CVE List - 2023 / October
Showing 901 - 1000 of 2690 CVEs for October 2023 (Page 10 of 27)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-35654 | 2023-10-11 | In ctrl_roi of stmvl53l1_module.c, there is a possible out of... |
| CVE-2023-35655 | 2023-10-11 | In CanConvertPadV2Op of darwinn_mlir_converter_aidl.cc, there is a possible out of... |
| CVE-2023-35660 | 2023-10-11 | In lwis_transaction_client_cleanup of lwis_transaction.c, there is a possible way to... |
| CVE-2023-35661 | 2023-10-11 | In ProfSixDecomTcpSACKoption of RohcPacketCommon.cpp, there is a possible out of... |
| CVE-2023-35662 | 2023-10-11 | there is a possible out of bounds write due to... |
| CVE-2023-40141 | 2023-10-11 | In temp_residency_name_store of thermal_metrics.c, there is a possible out of... |
| CVE-2023-40142 | 2023-10-11 | In TBD of TBD, there is a possible way to... |
| CVE-2023-41881 | 2023-10-11 | Deleting a collaboration should also delete linked resources |
| CVE-2023-41882 | 2023-10-11 | vantage6 Improper Access Control vulnerability |
| CVE-2023-43661 | 2023-10-11 | Cachet vulnerable to Authenticated Remote Code Execution |
| CVE-2023-44186 | 2023-10-11 | Junos OS and Junos OS Evolved: RPD crash when attempting to send a very long AS PATH to a non-4-byte-AS capable BGP neighbor |
| CVE-2023-45132 | 2023-10-11 | IgnoreIP/IgnoreCIDR should not trust X-Forwarded-For |
| CVE-2023-3781 | 2023-10-11 | there is a possible use-after-free write due to improper locking.... |
| CVE-2023-44187 | 2023-10-11 | Junos OS Evolved: 'file copy' CLI command can disclose password to shell users |
| CVE-2023-44188 | 2023-10-11 | Junos OS: jkdsd crash due to multiple telemetry requests |
| CVE-2023-44189 | 2023-10-11 | Junos OS Evolved: PTX10003 Series: MAC address validation bypass vulnerability |
| CVE-2023-44190 | 2023-10-11 | Junos OS Evolved: PTX10001, PTX10004, PTX10008, PTX10016: MAC address validation bypass vulnerability |
| CVE-2023-39325 | 2023-10-11 | HTTP/2 rapid reset can cause excessive work in net/http |
| CVE-2023-5218 | 2023-10-11 | Use after free in Site Isolation in Google Chrome prior... |
| CVE-2023-5487 | 2023-10-11 | Inappropriate implementation in Fullscreen in Google Chrome prior to 118.0.5993.70... |
| CVE-2023-5484 | 2023-10-11 | Inappropriate implementation in Navigation in Google Chrome prior to 118.0.5993.70... |
| CVE-2023-5475 | 2023-10-11 | Inappropriate implementation in DevTools in Google Chrome prior to 118.0.5993.70... |
| CVE-2023-5483 | 2023-10-11 | Inappropriate implementation in Intents in Google Chrome prior to 118.0.5993.70... |
| CVE-2023-5481 | 2023-10-11 | Inappropriate implementation in Downloads in Google Chrome prior to 118.0.5993.70... |
| CVE-2023-5476 | 2023-10-11 | Use after free in Blink History in Google Chrome prior... |
| CVE-2023-5474 | 2023-10-11 | Heap buffer overflow in PDF in Google Chrome prior to... |
| CVE-2023-5479 | 2023-10-11 | Inappropriate implementation in Extensions API in Google Chrome prior to... |
| CVE-2023-5485 | 2023-10-11 | Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70... |
| CVE-2023-5478 | 2023-10-11 | Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70... |
| CVE-2023-5477 | 2023-10-11 | Inappropriate implementation in Installer in Google Chrome prior to 118.0.5993.70... |
| CVE-2023-5486 | 2023-10-11 | Inappropriate implementation in Input in Google Chrome prior to 118.0.5993.70... |
| CVE-2023-5473 | 2023-10-11 | Use after free in Cast in Google Chrome prior to... |
| CVE-2023-1943 | 2023-10-11 | Privilege Escalation in kOps using GCE/GCP Provider in Gossip Mode |
| CVE-2023-23632 | 2023-10-12 | BeyondTrust Privileged Remote Access (PRA) versions 22.2.x to 22.4.x are... |
| CVE-2023-40829 | 2023-10-12 | There is an interface unauthorized access vulnerability in the background... |
| CVE-2023-40833 | 2023-10-12 | An issue in Thecosy IceCMS v.1.0.0 allows a remote attacker... |
| CVE-2023-41261 | 2023-10-12 | An issue was discovered in /fcgi/scrut_fcgi.fcgi in Plixer Scrutinizer before... |
| CVE-2023-41262 | 2023-10-12 | An issue was discovered in /fcgi/scrut_fcgi.fcgi in Plixer Scrutinizer before... |
| CVE-2023-41263 | 2023-10-12 | An issue was discovered in Plixer Scrutinizer before 19.3.1. It... |
| CVE-2023-42298 | 2023-10-12 | An issue in GPAC GPAC v.2.2.1 and before allows a... |
| CVE-2023-43147 | 2023-10-12 | PHPJabbers Limo Booking Software 1.0 is vulnerable to Cross Site... |
| CVE-2023-43148 | 2023-10-12 | SPA-Cart 1.9.0.3 has a Cross Site Request Forgery (CSRF) vulnerability... |
| CVE-2023-43149 | 2023-10-12 | SPA-Cart 1.9.0.3 is vulnerable to Cross Site Request Forgery (CSRF)... |
| CVE-2023-45510 | 2023-10-12 | tsMuxer version git-2539d07 was discovered to contain an alloc-dealloc-mismatch (operator... |
| CVE-2023-45511 | 2023-10-12 | A memory leak in tsMuxer version git-2539d07 allows attackers to... |
| CVE-2023-5531 | 2023-10-12 | The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable... |
| CVE-2023-29453 | 2023-10-12 | Agent 2 package are built with Go version affected by CVE-2023-24538 |
| CVE-2023-32721 | 2023-10-12 | Stored XSS in Maps element |
| CVE-2023-32722 | 2023-10-12 | Stack-buffer Overflow in library module zbxjson |
| CVE-2023-32723 | 2023-10-12 | Inefficient permission check in class CControllerAuthenticationUpdate |
| CVE-2023-32724 | 2023-10-12 | JavaScript engine memory pointers are directly available for Zabbix users for modification |
| CVE-2023-5470 | 2023-10-12 | The Etsy Shop plugin for WordPress is vulnerable to Stored... |
| CVE-2023-45047 | 2023-10-12 | WordPress LeadSquared Suite Plugin <= 0.7.4 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-5554 | 2023-10-12 | Lack of TLS certificate verification in log transmission of a... |
| CVE-2023-5555 | 2023-10-12 | Cross-site Scripting (XSS) - Generic in frappe/lms |
| CVE-2023-5556 | 2023-10-12 | Cross-site Scripting (XSS) - Reflected in structurizr/onpremises |
| CVE-2023-23651 | 2023-10-12 | WordPress MainWP Google Analytics Extension Plugin <= 4.0.4 - SQL Injection vulnerability |
| CVE-2023-23737 | 2023-10-12 | WordPress MainWP Broken Links Checker Extension Plugin <= 4.0 is vulnerable to SQL Injection |
| CVE-2023-43789 | 2023-10-12 | Libxpm: out of bounds read on xpm with corrupted colormap |
| CVE-2023-5046 | 2023-10-12 | SQLi in Biltay's Procost |
| CVE-2023-5045 | 2023-10-12 | SQLi in Biltay's Kayısı |
| CVE-2023-44998 | 2023-10-12 | WordPress Category Meta Plugin <= 1.2.8 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-45011 | 2023-10-12 | WordPress WP Power Stats Plugin <= 2.2.3 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-45048 | 2023-10-12 | WordPress Social proof testimonials and reviews by Repuso Plugin <= 5.00 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-45052 | 2023-10-12 | WordPress WP Bing Map Pro Plugin < 5.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-45058 | 2023-10-12 | WordPress Short URL Plugin <= 1.6.8 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-45060 | 2023-10-12 | WordPress Interactive World Map Plugin <= 3.2.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-45063 | 2023-10-12 | WordPress AI Content Writing Assistant (Content Writer, ChatGPT, Image Generator) All in One Plugin <= 1.1.5 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-45068 | 2023-10-12 | WordPress Contact Form by Supsystic Plugin <= 1.7.27 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-27315 | 2023-10-12 | Information Disclosure Vulnerability in SnapGathers |
| CVE-2023-32124 | 2023-10-12 | WordPress Publish Confirm Message Plugin <= 1.3.1 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-41131 | 2023-10-12 | WordPress Sp*tify Play Button for WordPress Plugin <= 2.10 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-45102 | 2023-10-12 | WordPress Blog Manager Light Plugin <= 1.20 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-45103 | 2023-10-12 | WordPress Permalinks Customizer Plugin <= 2.8.2 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-45106 | 2023-10-12 | WordPress Urvanov Syntax Highlighter Plugin <= 2.8.33 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-31192 | 2023-10-12 | An information disclosure vulnerability exists in the ClientConnect() functionality of... |
| CVE-2023-32634 | 2023-10-12 | An authentication bypass vulnerability exists in the CiRpcServerThread() functionality of... |
| CVE-2023-27516 | 2023-10-12 | An authentication bypass vulnerability exists in the CiRpcAccepted() functionality of... |
| CVE-2023-32275 | 2023-10-12 | An information disclosure vulnerability exists in the CtEnumCa() functionality of... |
| CVE-2023-25774 | 2023-10-12 | A denial-of-service vulnerability exists in the vpnserver ConnectionAccept() functionality of... |
| CVE-2023-23581 | 2023-10-12 | A denial-of-service vulnerability exists in the vpnserver EnSafeHttpHeaderValueStr functionality of... |
| CVE-2023-22308 | 2023-10-12 | An integer underflow vulnerability exists in the vpnserver OvsProcessData functionality... |
| CVE-2023-22325 | 2023-10-12 | A denial of service vulnerability exists in the DCRegister DDNS_RPC_MAX_RECV_SIZE... |
| CVE-2023-27395 | 2023-10-12 | A heap-based buffer overflow vulnerability exists in the vpnserver WpcParsePacket()... |
| CVE-2023-5072 | 2023-10-12 | DoS Vulnerability in JSON-Java |
| CVE-2023-45133 | 2023-10-12 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code |
| CVE-2023-45138 | 2023-10-12 | Change Request Application vulnerable to XSS and remote code execution through change request title |
| CVE-2023-45142 | 2023-10-12 | OpenTelemetry-Go Contrib has DoS vulnerability in otelhttp due to unbound cardinality metrics |
| CVE-2023-45143 | 2023-10-12 | Undici's cookie header not cleared on cross-origin redirect in fetch |
| CVE-2023-27312 | 2023-10-12 | Privilege Escalation Vulnerability in SnapCenter Plugin for VMware vSphere |
| CVE-2023-27313 | 2023-10-12 | Privilege Escalation Vulnerability in SnapCenter |
| CVE-2023-27314 | 2023-10-12 | Denial of Service Vulnerability in ONTAP 9 |
| CVE-2023-5562 | 2023-10-12 | Unsafe default allows for cross-site scripting attacks in KNIME Server and KNIME Business Hub |
| CVE-2023-27316 | 2023-10-12 | Privilege Escalation Vulnerability in SnapCenter |
| CVE-2023-22392 | 2023-10-12 | Junos OS: PTX Series and QFX10000 Series: Received flow-routes which aren't installed as the hardware doesn't support them, lead to an FPC heap memory leak |
| CVE-2023-36839 | 2023-10-12 | Junos OS and Junos OS Evolved: An l2cpd crash will occur when specific LLDP packets are received |
| CVE-2023-36841 | 2023-10-12 | Junos OS: MX Series: Receipt of malformed TCP traffic will cause a Denial of Service |
| CVE-2023-36843 | 2023-10-12 | Junos OS: SRX Series: The PFE will crash on receiving malformed SSL traffic when Sky ATP is enabled |
| CVE-2023-44175 | 2023-10-12 | Junos OS and Junos OS Evolved: Receipt of a specific genuine PIM packet causes RPD crash |
| CVE-2023-44177 | 2023-10-12 | Junos OS and Junos OS Evolved: Stack overflow vulnerability in CLI command processing |