CVE List - 2023 / January
Showing 2101 - 2200 of 2351 CVEs for January 2023 (Page 22 of 24)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-39811 | 2023-01-27 | Italtel NetMatch-S CI 5.2.0-20211008 has incorrect Access Control under NMSCI-WebGui/advancedsettings.jsp... |
| CVE-2022-39812 | 2023-01-27 | Italtel NetMatch-S CI 5.2.0-20211008 allows Absolute Path Traversal under NMSCI-WebGui/SaveFileUploader.... |
| CVE-2022-39813 | 2023-01-27 | Italtel NetMatch-S CI 5.2.0-20211008 allows Multiple Reflected/Stored XSS issues under... |
| CVE-2022-4139 | 2023-01-27 | An incorrect TLB flush issue was found in the Linux... |
| CVE-2022-4201 | 2023-01-27 | A blind SSRF in GitLab CE/EE affecting all from 11.3... |
| CVE-2022-4205 | 2023-01-27 | In Gitlab EE/CE before 15.6.1, 15.5.5 and 15.4.6 using a... |
| CVE-2022-4255 | 2023-01-27 | An info leak issue was identified in all versions of... |
| CVE-2022-4285 | 2023-01-27 | An illegal memory access flaw was found in the binutils... |
| CVE-2022-4335 | 2023-01-27 | A blind SSRF vulnerability was identified in all versions of... |
| CVE-2022-43978 | 2023-01-27 | Limited Authentication bypass due to hardcoded secret |
| CVE-2022-43979 | 2023-01-27 | Path Traversal leading to Local File Inclusion |
| CVE-2022-43980 | 2023-01-27 | Cross-site scripting vulnerability in the network maps edit functionality |
| CVE-2022-44024 | 2023-01-27 | An issue was discovered in NetScout nGeniusONE 6.3.2 before P10.... |
| CVE-2022-44025 | 2023-01-27 | An issue was discovered in NetScout nGeniusONE 6.3.2 before P10.... |
| CVE-2022-44026 | 2023-01-27 | An issue was discovered in NetScout nGeniusONE 6.3.2 before P10.... |
| CVE-2022-44027 | 2023-01-27 | An issue was discovered in NetScout nGeniusONE 6.3.2 before P10.... |
| CVE-2022-44028 | 2023-01-27 | An issue was discovered in NetScout nGeniusONE 6.3.2 before P10.... |
| CVE-2022-44029 | 2023-01-27 | An issue was discovered in NetScout nGeniusONE 6.3.2 before P10.... |
| CVE-2022-44298 | 2023-01-27 | SiteServer CMS 7.1.3 is vulnerable to SQL Injection. |
| CVE-2022-44715 | 2023-01-27 | Improper File Permissions in NetScout nGeniusONE 6.3.2 build 904 allows... |
| CVE-2022-44717 | 2023-01-27 | An issue was discovered in NetScout nGeniusONE 6.3.2 build 904.... |
| CVE-2022-44718 | 2023-01-27 | An issue was discovered in NetScout nGeniusONE 6.3.2 build 904.... |
| CVE-2022-46968 | 2023-01-27 | A stored cross-site scripting (XSS) vulnerability in /index.php?page=help of Revenue... |
| CVE-2022-47632 | 2023-01-27 | Razer Synapse before 3.7.0830.081906 allows privilege escalation due to an... |
| CVE-2022-48007 | 2023-01-27 | A stored cross-site scripting (XSS) vulnerability in identification.php of Piwigo... |
| CVE-2022-48008 | 2023-01-27 | An arbitrary file upload vulnerability in the plugin manager of... |
| CVE-2022-48011 | 2023-01-27 | Opencats v0.9.7 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-48012 | 2023-01-27 | Opencats v0.9.7 was discovered to contain a reflected cross-site scripting... |
| CVE-2022-48013 | 2023-01-27 | Opencats v0.9.7 was discovered to contain a stored cross-site scripting... |
| CVE-2022-48066 | 2023-01-27 | An issue in the component global.so of Totolink A830R V4.1.2cu.5182... |
| CVE-2022-48067 | 2023-01-27 | An information disclosure vulnerability in Totolink A830R V4.1.2cu.5182 allows attackers... |
| CVE-2022-48069 | 2023-01-27 | Totolink A830R V4.1.2cu.5182 was discovered to contain a command injection... |
| CVE-2022-48070 | 2023-01-27 | Phicomm K2 v22.6.534.263 was discovered to contain a command injection... |
| CVE-2022-48071 | 2023-01-27 | Phicomm K2 v22.6.534.263 was discovered to store the root and... |
| CVE-2022-48072 | 2023-01-27 | Phicomm K2G v22.6.3.20 was discovered to contain a command injection... |
| CVE-2022-48073 | 2023-01-27 | Phicomm K2G v22.6.3.20 was discovered to store the root and... |
| CVE-2022-48107 | 2023-01-27 | D-Link DIR_878_FW1.30B08 was discovered to contain a command injection vulnerability... |
| CVE-2022-48108 | 2023-01-27 | D-Link DIR_878_FW1.30B08 was discovered to contain a command injection vulnerability... |
| CVE-2022-48116 | 2023-01-27 | AyaCMS v3.1.2 was discovered to contain a remote code execution... |
| CVE-2022-48118 | 2023-01-27 | Jorani v1.0 was discovered to contain a cross-site scripting (XSS)... |
| CVE-2023-22240 | 2023-01-27 | ZDI-CAN-19517: Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-22241 | 2023-01-27 | ZDI-CAN-19516: Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-22242 | 2023-01-27 | ZDI-CAN-19515: Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-23616 | 2023-01-27 | Discourse membership requests lack character limit |
| CVE-2023-23620 | 2023-01-27 | Discourse restricted tag routes leak topic information |
| CVE-2023-24060 | 2023-01-27 | Haven 5d15944 allows Server-Side Request Forgery (SSRF) via the feed[url]=... |
| CVE-2023-22740 | 2023-01-27 | Discourse vulnerable to Allocation of Resources Without Limits via Chat drafts |
| CVE-2023-0527 | 2023-01-27 | PHPGurukul Online Security Guards Hiring System search-request.php cross site scripting |
| CVE-2023-0528 | 2023-01-27 | SourceCodester Online Tours & Travels Management System abc.php sql injection |
| CVE-2023-0529 | 2023-01-27 | SourceCodester Online Tours & Travels Management System add_payment.php sql injection |
| CVE-2023-0530 | 2023-01-27 | SourceCodester Online Tours & Travels Management System approve_user.php sql injection |
| CVE-2023-0531 | 2023-01-27 | SourceCodester Online Tours & Travels Management System booking_report.php sql injection |
| CVE-2023-0532 | 2023-01-27 | SourceCodester Online Tours & Travels Management System disapprove_user.php sql injection |
| CVE-2023-0533 | 2023-01-27 | SourceCodester Online Tours & Travels Management System expense_report.php sql injection |
| CVE-2023-0534 | 2023-01-27 | SourceCodester Online Tours & Travels Management System expense_report.php sql injection |
| CVE-2021-21395 | 2023-01-27 | Magneto-lts vulnerable to Cross-Site Request Forgery |
| CVE-2021-39217 | 2023-01-27 | OpenMage LTS arbitrary command execution in custom layout update through blocks |
| CVE-2021-41143 | 2023-01-27 | OpenMage LTS arbitrary file deletion in customer media allows for remote code execution |
| CVE-2021-41144 | 2023-01-27 | OpenMage LTS authenticated remote code execution through layout update |
| CVE-2021-41231 | 2023-01-27 | OpenMage LTS DataFlow upload remote code execution vulnerability |
| CVE-2023-0549 | 2023-01-27 | YAFNET Private Message PostPrivateMessage cross site scripting |
| CVE-2023-0550 | 2023-01-27 | The Quick Restaurant Menu plugin for WordPress is vulnerable to... |
| CVE-2023-0553 | 2023-01-27 | The Quick Restaurant Menu plugin for WordPress is vulnerable to... |
| CVE-2023-0554 | 2023-01-27 | The Quick Restaurant Menu plugin for WordPress is vulnerable to... |
| CVE-2023-0555 | 2023-01-27 | The Quick Restaurant Menu plugin for WordPress is vulnerable to... |
| CVE-2022-39380 | 2023-01-27 | wire-webapp contains Improper Handling of Exceptional Conditions leading to a DoS via Markdown Rendering |
| CVE-2023-0556 | 2023-01-27 | The ContentStudio plugin for WordPress is vulnerable to authorization bypass... |
| CVE-2023-0557 | 2023-01-27 | The ContentStudio plugin for WordPress is vulnerable to Sensitive Information... |
| CVE-2023-0558 | 2023-01-27 | The ContentStudio plugin for WordPress is vulnerable to authorization bypass... |
| CVE-2022-39324 | 2023-01-27 | Grafana vulnerable to spoofing originalUrl of snapshots |
| CVE-2022-23552 | 2023-01-27 | Grafana stored XSS in FileUploader component |
| CVE-2023-22737 | 2023-01-27 | wire-server vulnerable to unauthorized removal of Bots from Conversations |
| CVE-2022-46359 | 2023-01-27 | Potential vulnerabilities have been identified in HP Security Manager which... |
| CVE-2022-46358 | 2023-01-27 | Potential vulnerabilities have been identified in HP Security Manager which... |
| CVE-2022-46357 | 2023-01-27 | Potential vulnerabilities have been identified in HP Security Manager which... |
| CVE-2022-46356 | 2023-01-27 | Potential vulnerabilities have been identified in HP Security Manager which... |
| CVE-2023-23617 | 2023-01-27 | OpenMage LTS has DoS vulnerability in MaliciousCode filter |
| CVE-2023-23621 | 2023-01-27 | Discourse vulnerable to ReDoS in user agent parsing |
| CVE-2023-23624 | 2023-01-27 | Discourse's exclude_tags param could leak which topics had a specific hidden tag |
| CVE-2023-23627 | 2023-01-27 | Sanitize vulnerable to Cross-site Scripting via Improper neutralization of `noscript` element |
| CVE-2023-23628 | 2023-01-28 | Metabase subject to Exposure of Sensitive Information to an Unauthorized Actor |
| CVE-2023-23629 | 2023-01-28 | Metabase subject to Improper Privilege Management |
| CVE-2023-0560 | 2023-01-28 | SourceCodester Online Tours & Travels Management System practice_pdf.php sql injection |
| CVE-2023-0561 | 2023-01-28 | SourceCodester Online Tours & Travels Management System s.php sql injection |
| CVE-2023-0562 | 2023-01-28 | PHPGurukul Bank Locker Management System Login index.php sql injection |
| CVE-2023-0563 | 2023-01-28 | PHPGurukul Bank Locker Management System Assign Locker add-locker-form.php cross site scripting |
| CVE-2021-4315 | 2023-01-28 | NYUCCL psiTurk experiment.py special elements used in a template engine |
| CVE-2022-48285 | 2023-01-29 | loadAsync in JSZip before 3.8.0 allows Directory Traversal via a... |
| CVE-2021-46873 | 2023-01-29 | WireGuard, such as WireGuard 0.5.3 on Windows, does not fully... |
| CVE-2023-0564 | 2023-01-29 | Weak Password Requirements in froxlor/froxlor |
| CVE-2023-0565 | 2023-01-29 | Business Logic Errors in froxlor/froxlor |
| CVE-2023-0566 | 2023-01-29 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in froxlor/froxlor |
| CVE-2023-0569 | 2023-01-29 | Weak Password Requirements in publify/publify |
| CVE-2023-0572 | 2023-01-29 | Unchecked Error Condition in froxlor/froxlor |
| CVE-2023-24065 | 2023-01-29 | NOSH 4a5cfdb allows stored XSS via the create user page.... |
| CVE-2023-0570 | 2023-01-29 | SourceCodester Online Tours & Travels Management System payment_operation.php sql injection |
| CVE-2023-0571 | 2023-01-29 | SourceCodester Canteen Management System Add Customer createcustomer.php cross site scripting |
| CVE-2009-10003 | 2023-01-29 | capnsquarepants wordcraft tag.php cross site scripting |
| CVE-2016-15022 | 2023-01-29 | mosbth cimage check_system.php cross site scripting |
| CVE-2022-0223 | 2023-01-30 | A CWE-22: Improper Limitation of a Pathname to a Restricted... |