CVE List - 2023 / January

Showing 401 - 500 of 2351 CVEs for January 2023 (Page 5 of 24)

Back to List Previous Next

CVE ID	Date	Title
CVE-2022-40517	2023-01-06	Stack based buffer overflow in Core
CVE-2022-40518	2023-01-06	Buffer overread in Core
CVE-2022-40519	2023-01-06	Buffer over-read in Core
CVE-2022-40520	2023-01-06	Stack based buffer overflow in Core
CVE-2022-4878	2023-01-06	JATOS ZIP ZipUtil.java ZipUtil path traversal
CVE-2022-45787	2023-01-06	Apache James MIME4J: Temporary File Information Disclosure in MIME4J TempFileStorageProvider
CVE-2022-45935	2023-01-06	Apache James server: Temporary File Information Disclosure
CVE-2016-15011	2023-01-06	e-Contract dssp SignResponseVerifier.java checkSignResponse xml external entity reference
CVE-2015-10016	2023-01-06	jeff-kelley opensim-utils regionscrits.php DatabaseForRegion sql injection
CVE-2014-125046	2023-01-06	Seiji42 cub-scout-tracker databaseAccessFunctions.js sql injection
CVE-2015-10017	2023-01-06	HPI-Information-Systems ProLOD sql injection
CVE-2020-36642	2023-01-06	trampgeek jobe LanguageTask.php run_in_sandbox command injection
CVE-2018-25066	2023-01-06	PeterMu nodebatis sql injection
CVE-2022-4879	2023-01-06	Forged Alliance Forever Vote improper authorization
CVE-2014-125047	2023-01-06	tbezman school-store sql injection
CVE-2019-25099	2023-01-06	Arthmoor QSF-Portal index.php path traversal
CVE-2014-125048	2023-01-06	kassi xingwall oauth.js session fixiation
CVE-2014-125049	2023-01-06	typcn Blogile server.js getNav sql injection
CVE-2015-10018	2023-01-06	DBRisinajumi d2files D2filesController.php actionDownloadFile sql injection
CVE-2023-22475	2023-01-06	Cross-Site Scripting in Canarytoken history
CVE-2014-125050	2023-01-06	ScottTZhang voter-js main.js sql injection
CVE-2014-125051	2023-01-06	himiklab yii2-jqgrid-widget JqGridAction.php addSearchOptionsRecursively sql injection
CVE-2022-22470	2023-01-06	IBM Security Verify Governance information disclosure
CVE-2022-35281	2023-01-06	IBM Maximo Application Suite command injection
CVE-2018-25067	2023-01-06	JoomGallery Image Sort default.php sql injection
CVE-2018-25068	2023-01-06	devent globalpom-utils FileResourceManagerProvider.java createTmpDir temp file
CVE-2014-125052	2023-01-06	JervenBolleman sparql-identifiers RegistryDao.java sql injection
CVE-2022-2482	2023-01-06	A vulnerability exists in Nokia’s ASIK AirScale system module (versions 474021A.101 and 474021A.102) that could allow an attacker to place a script on the file system accessible from Linux. A...
CVE-2022-2483	2023-01-06	The bootloader in the Nokia ASIK AirScale system module (versions 474021A.101 and 474021A.102) loads public keys for firmware verification signature. If an attacker modifies the flash contents to corrupt the...
CVE-2022-2484	2023-01-06	The signature check in the Nokia ASIK AirScale system module version 474021A.101 can be bypassed allowing an attacker to run modified firmware. This could result in the execution of a...
CVE-2022-40201	2023-01-06	Bentley Systems MicroStation Connect versions 10.17.0.209 and prior are vulnerable to a Stack-Based Buffer Overflow when a malformed design (DGN) file is parsed. This may allow an attacker to execute...
CVE-2013-10008	2023-01-06	sheilazpy eShop sql injection
CVE-2022-41613	2023-01-06	Bentley Systems MicroStation Connect versions 10.17.0.209 and prior are vulnerable to an Out-of-Bounds Read when when parsing DGN files, which may allow an attacker to crash the product, disclose sensitive...
CVE-2014-125053	2023-01-06	Piwigo-Guest-Book Navigation Bar guestbook.inc.php sql injection
CVE-2023-0106	2023-01-07	Cross-site Scripting (XSS) - Stored in usememos/memos
CVE-2023-0107	2023-01-07	Cross-site Scripting (XSS) - Stored in usememos/memos
CVE-2023-0108	2023-01-07	Cross-site Scripting (XSS) - Stored in usememos/memos
CVE-2023-0110	2023-01-07	Cross-site Scripting (XSS) - Stored in usememos/memos
CVE-2023-0111	2023-01-07	Cross-site Scripting (XSS) - Stored in usememos/memos
CVE-2023-0112	2023-01-07	Cross-site Scripting (XSS) - Stored in usememos/memos
CVE-2023-0113	2023-01-07	Netis Netcore Router Backup param.file.tgz information disclosure
CVE-2023-0114	2023-01-07	Netis Netcore Router Backup param.file.tgz cleartext storage in a file or on disk
CVE-2018-25069	2023-01-07	Netis Netcore Router hard-coded password
CVE-2014-125054	2023-01-07	koroket RedditOnRails Vote access control
CVE-2015-10019	2023-01-07	foxoverflow MySimplifiedSQL MySimplifiedSQL_Examples.php cross site scripting
CVE-2014-125055	2023-01-07	agnivade easy-scrypt scrypt.go VerifyPassphrase timing discrepancy
CVE-2020-36644	2023-01-07	jamesmartin Inline SVG URL Parameter helpers.rb cross site scripting
CVE-2014-125056	2023-01-07	Pylons horus services.py timing discrepancy
CVE-2014-125057	2023-01-07	mrobit robitailletheknot CSRF Token filters.php comparison
CVE-2018-25070	2023-01-07	polterguy Phosphorus Five CSV Import NonQuery.cs csv.Read sql injection
CVE-2014-125058	2023-01-07	LearnMeSomeCodes project3 search.rb search_first_name sql injection
CVE-2015-10021	2023-01-07	ritterim definely database.js cross site scripting
CVE-2015-10022	2023-01-07	IISH nlgis2 custom_import.pl sql injection
CVE-2018-25071	2023-01-07	roxlukas LMeve proxy.php insert_log sql injection
CVE-2015-10023	2023-01-07	Fumon trello-octometric srv.go main sql injection
CVE-2015-10024	2023-01-07	hoffie larasync file_storage.go path traversal
CVE-2014-125059	2023-01-07	sternenseemann sternenblog main.c blog_index file inclusion
CVE-2014-125060	2023-01-07	holdennb CollabCal calenderServer.cpp handleGet improper authentication
CVE-2015-10025	2023-01-07	luelista miniConf URL Scanning MessageView.cs denial of service
CVE-2014-125061	2023-01-07	peel filebroker common.rb select_transfer_status_desc sql injection
CVE-2022-4880	2023-01-07	stakira OpenUtau ZIP Archive VoicebankInstaller.cs VoicebankInstaller path traversal
CVE-2015-10026	2023-01-07	tiredtyrant flairbot flair.py sql injection
CVE-2016-15012	2023-01-07	forcedotcom SalesforceMobileSDK-Windows QuerySpec.cs ComputeCountSql sql injection
CVE-2021-4306	2023-01-07	cronvel terminal-kit redos
CVE-2014-125062	2023-01-07	ananich bitstorm announce.php sql injection
CVE-2015-10027	2023-01-07	hydrian TTRSS-Auth-LDAP Username ldap injection
CVE-2020-36645	2023-01-07	square squalor sql injection
CVE-2015-10028	2023-01-07	ss15-this-is-sparta Main Page roomElement.js cross site scripting
CVE-2014-125063	2023-01-07	ada-l0velace Bid sql injection
CVE-2017-20164	2023-01-07	Symbiote Seed Login SecurityLoginExtension.php onBeforeSecurityLogin redirect
CVE-2021-4307	2023-01-07	Yomguithereal Baobab prototype pollution
CVE-2016-15013	2023-01-07	ForumHulp searchresults listener.php list_keywords sql injection
CVE-2020-36646	2023-01-07	MediaArea ZenLib Ztring.cpp Date_From_Seconds_1970_Local unknown vulnerability
CVE-2015-10029	2023-01-07	kelvinmo simplexrd simplexrd.class.php xml external entity reference
CVE-2014-125065	2023-01-07	john5223 bottle-auth sql injection
CVE-2016-15014	2023-01-07	CESNET theme-cesnet resetpassword.php insufficiently protected credentials
CVE-2013-10009	2023-01-07	DrAzraelTod pyChao __init__.py lesen sql injection
CVE-2022-1101	2023-01-07	SourceCodester Royale Event Management System userregister.php improper authentication
CVE-2022-1102	2023-01-07	SourceCodester Royale Event Management System companyprofile.php cross site scripting
CVE-2014-125029	2023-01-07	ttskch PaginationServiceProvider Demo index.php sql injection
CVE-2021-4301	2023-01-07	slackero phpwcms sql injection
CVE-2022-2666	2023-01-07	SourceCodester Loan Management System login.php sql injection
CVE-2022-0668	2023-01-08	JFrog Artifactory prior to 7.37.13 is vulnerable to Authentication Bypass, which can lead to Privilege Escalation when a specially crafted request is sent by an unauthenticated user.
CVE-2014-125066	2023-01-08	emmflo yuko-bot denial of service
CVE-2021-4308	2023-01-08	WebPA sql injection
CVE-2020-36647	2023-01-08	YunoHost-Apps transmission_ynh nginx.conf path traversal
CVE-2014-125067	2023-01-08	corincerami curiosity image_controller.rb sql injection
CVE-2007-10002	2023-01-08	web-cyradm auth.inc.php sql injection
CVE-2020-36648	2023-01-08	pouetnet pouet sql injection
CVE-2015-10030	2023-01-08	SUKOHI Surpass Surpass.php pathname traversal
CVE-2014-125068	2023-01-08	saxman maps-js-icoads http-server.js path traversal
CVE-2014-125069	2023-01-08	saxman maps-js-icoads exposure of information through directory listing
CVE-2019-25100	2023-01-08	happyman twmap pointdata2.php sql injection
CVE-2022-4881	2023-01-08	CapsAdmin PAC3 http.lua cross site scripting
CVE-2018-25072	2023-01-08	lojban jbovlaste listing.html sql injection
CVE-2015-10031	2023-01-08	purpleparrots 491-Project Highscore update.php sql injection
CVE-2021-4309	2023-01-08	01-Scripts 01ACP cross site scripting
CVE-2016-15015	2023-01-08	viafintech Barzahlen Payment Module PHP SDK Webhook.php verify timing discrepancy
CVE-2014-125070	2023-01-08	yanheven console tables.py AvailabilityZonesTable cross site scripting
CVE-2016-15016	2023-01-08	mrtnmtth joomla_mod_einsatz_stats helper.php getStatsByType sql injection