CVE List - 2023 / October
Showing 1701 - 1800 of 2690 CVEs for October 2023 (Page 18 of 27)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-4999 | 2023-10-20 | The Horizontal scrolling announcement plugin for WordPress is vulnerable to SQL Injection via the plugin's [horizontal-scrolling] shortcode in versions up to, and including, 9.2 due to insufficient escaping on the... |
| CVE-2023-3996 | 2023-10-20 | The ARMember Lite - Membership Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 4.0.14 due to insufficient input sanitization and... |
| CVE-2022-4290 | 2023-10-20 | The Cyr to Lat plugin for WordPress is vulnerable to authenticated SQL Injection via the 'ctl_sanitize_title' function in versions up to, and including, 3.5 due to insufficient escaping on the... |
| CVE-2023-5121 | 2023-10-20 | The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings (the backup path parameter) in versions up to, and including, 0.9.89 due... |
| CVE-2023-4668 | 2023-10-20 | The Ad Inserter for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.30 via the ai-debug-processing-fe URL parameter. This can allow unauthenticated attackers to extract... |
| CVE-2023-5231 | 2023-10-20 | The Magic Action Box plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 2.17.2 due to insufficient input sanitization and output escaping... |
| CVE-2021-4418 | 2023-10-20 | The Custom CSS, JS & PHP plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.7. This is due to missing or incorrect nonce... |
| CVE-2023-5602 | 2023-10-20 | The Social Media Share Buttons & Social Sharing Icons plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.5. This is due to... |
| CVE-2020-36753 | 2023-10-20 | The Hueman theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.6.3. This is due to missing or incorrect nonce validation on the save_meta_box()... |
| CVE-2020-36754 | 2023-10-20 | The Paid Memberships Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.4.2. This is due to missing or incorrect nonce validation on... |
| CVE-2020-36755 | 2023-10-20 | The Customizr theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.3.0. This is due to missing or incorrect nonce validation on the czr_fn_post_fields_save()... |
| CVE-2023-5292 | 2023-10-20 | The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'acfe_form' shortcode in versions up to, and including, 0.8.9.3 due to insufficient input sanitization... |
| CVE-2020-36758 | 2023-10-20 | The RSS Aggregator by Feedzy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.4.2. This is due to missing or incorrect nonce validation... |
| CVE-2020-36759 | 2023-10-20 | The Woody code snippets plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.3.9. This is due to missing or incorrect nonce validation on... |
| CVE-2023-5086 | 2023-10-20 | The Copy Anything to Clipboard plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'copy' shortcode in versions up to, and including, 2.6.4 due to insufficient input sanitization and... |
| CVE-2023-5070 | 2023-10-20 | The Social Media Share Buttons & Social Sharing Icons plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.8.5 via the sfsi_save_export function. This... |
| CVE-2021-4334 | 2023-10-20 | The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized modification of site options due to a missing capability check on the fpd_update_options function in versions up to, and... |
| CVE-2023-5109 | 2023-10-20 | The WP Mailto Links – Protect Email Addresses plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'wpml_mailto' shortcode in versions up to, and including, 3.1.3 due to insufficient... |
| CVE-2023-4021 | 2023-10-20 | The Modern Events Calendar lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Google API key and Calendar ID in versions up to, but not including, 7.1.0 due... |
| CVE-2022-3622 | 2023-10-20 | The Blog2Social plugin for WordPress is vulnerable to authorization bypass due to missing capability checks in versions up to, and including, 6.9.11. This makes it possible for authenticated attackers, with... |
| CVE-2023-4648 | 2023-10-20 | The WP Customer Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 3.6.6 due to insufficient input sanitization and output... |
| CVE-2023-34044 | 2023-10-20 | Information disclosure vulnerability in bluetooth device-sharing functionality |
| CVE-2023-34046 | 2023-10-20 | VMware Fusion TOCTOU local privilege escalation vulnerability |
| CVE-2023-34045 | 2023-10-20 | VMware Fusion installer local privilege escalation |
| CVE-2023-44256 | 2023-10-20 | A server-side request forgery vulnerability [CWE-918] in Fortinet FortiAnalyzer version 7.4.0, version 7.2.0 through 7.2.3 and before 7.0.8 and FortiManager version 7.4.0, version 7.2.0 through 7.2.3 and before 7.0.8 allows... |
| CVE-2023-44483 | 2023-10-20 | Apache Santuario: Private Key disclosure in debug-log output |
| CVE-2023-5618 | 2023-10-20 | The Modern Footnotes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in versions up to, and including, 1.4.16 due to insufficient input sanitization and output... |
| CVE-2023-3487 | 2023-10-20 | Integer overflow in Silicon Labs Gecko Bootloader leads to unbounded memory access |
| CVE-2023-3965 | 2023-10-20 | The nsc theme for WordPress is vulnerable to Reflected Cross-Site Scripting via prototype pollution in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This... |
| CVE-2023-3962 | 2023-10-20 | The Winters theme for WordPress is vulnerable to Reflected Cross-Site Scripting via prototype pollution in versions up to, and including, 1.4.3 due to insufficient input sanitization and output escaping. This... |
| CVE-2023-3933 | 2023-10-20 | The Your Journey theme for WordPress is vulnerable to Reflected Cross-Site Scripting via prototype pollution in versions up to, and including, 1.9.8 due to insufficient input sanitization and output escaping.... |
| CVE-2023-23373 | 2023-10-20 | QUSBCam2 |
| CVE-2023-5686 | 2023-10-20 | Heap-based Buffer Overflow in radareorg/radare2 |
| CVE-2023-5687 | 2023-10-20 | Cross-Site Request Forgery (CSRF) in mosparo/mosparo |
| CVE-2023-5688 | 2023-10-20 | Cross-site Scripting (XSS) - DOM in modoboa/modoboa |
| CVE-2023-5689 | 2023-10-20 | Cross-site Scripting (XSS) - DOM in modoboa/modoboa |
| CVE-2023-5690 | 2023-10-20 | Cross-Site Request Forgery (CSRF) in modoboa/modoboa |
| CVE-2023-45805 | 2023-10-20 | Trojan Lockfile in pdm |
| CVE-2023-46117 | 2023-10-20 | Inadequate validation of retrieved subdomains may lead to a Remote Code Execution in reconFTW |
| CVE-2023-5681 | 2023-10-20 | Netentsec NS-ASG Application Security Gateway list_addr_fwresource_ip.php sql injection |
| CVE-2023-5682 | 2023-10-20 | Tongda OA delete.php sql injection |
| CVE-2023-45661 | 2023-10-20 | Wild address read in stbi__gif_load_next in stb_image |
| CVE-2023-45662 | 2023-10-20 | Multi-byte read heap buffer overflow in stbi__vertical_flip in stb_image |
| CVE-2023-45663 | 2023-10-20 | Disclosure of uninitialized memory in stbi__tga_load in stb_image |
| CVE-2023-45664 | 2023-10-20 | Double-free in stbi__load_gif_main_outofmem in stb_image |
| CVE-2023-45666 | 2023-10-20 | Possible double-free or memory leak in stbi__load_gif_main in stb_image |
| CVE-2023-45667 | 2023-10-20 | Null pointer dereference because of an uninitialized variable in stb_image |
| CVE-2023-45675 | 2023-10-20 | 0 byte write heap buffer overflow in start_decoder in stb_vorbis |
| CVE-2023-45676 | 2023-10-20 | Multi-byte write heap buffer overflow in start_decoder in stb_vorbis |
| CVE-2023-45677 | 2023-10-20 | Heap buffer out of bounds write in start_decoder in stb_vorbis |
| CVE-2023-45678 | 2023-10-20 | Off-by-one heap buffer write in start_decoder in stb_vorbis |
| CVE-2023-45679 | 2023-10-20 | Attempt to free an uninitialized memory pointer in vorbis_deinit in stb_vorbis |
| CVE-2023-45680 | 2023-10-20 | Null pointer dereference in vorbis_deinit in stb_vorbis |
| CVE-2023-45681 | 2023-10-20 | Out of bounds heap buffer write in stb_vorbis |
| CVE-2023-45682 | 2023-10-20 | Wild address read in vorbis_decode_packet_rest in stb_vorbis |
| CVE-2023-38190 | 2023-10-21 | An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Export SQL Injection via the size parameter. |
| CVE-2023-38192 | 2023-10-21 | An issue was discovered in SuperWebMailer 9.00.0.01710. It allows superadmincreate.php XSS via crafted incorrect passwords. |
| CVE-2023-38193 | 2023-10-21 | An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Remote Code Execution via a crafted sendmail command line. |
| CVE-2023-38194 | 2023-10-21 | An issue was discovered in SuperWebMailer 9.00.0.01710. It allows keepalive.php XSS via a GET parameter. |
| CVE-2023-46003 | 2023-10-21 | I-doit pro 25 and below is vulnerable to Cross Site Scripting (XSS) via index.php. |
| CVE-2023-46054 | 2023-10-21 | Cross Site Scripting (XSS) vulnerability in WBCE CMS v.1.6.1 and before allows a remote attacker to escalate privileges via a crafted script to the website_footer parameter in the admin/settings/save.php component. |
| CVE-2023-46055 | 2023-10-21 | An issue in ThingNario Photon v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted script to the ping function to the "thingnario Logger Maintenance... |
| CVE-2023-5132 | 2023-10-21 | The Soisy Pagamento Rateale plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the parseRemoteRequest function in versions up to, and including,... |
| CVE-2023-5683 | 2023-10-21 | Byzoro Smart S85F Management Platform importconf.php os command injection |
| CVE-2023-5684 | 2023-10-21 | Byzoro Smart S85F Management Platform importexport.php os command injection |
| CVE-2023-4635 | 2023-10-21 | The EventON plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in versions up to, and including, 2.2.2 due to insufficient input sanitization and output escaping.... |
| CVE-2023-5205 | 2023-10-21 | The Add Custom Body Class plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'add_custom_body_class' value in versions up to, and including, 1.4.1 due to insufficient input sanitization... |
| CVE-2023-4939 | 2023-10-21 | The SALESmanago plugin for WordPress is vulnerable to Log Injection in versions up to, and including, 3.2.4. This is due to the use of a weak authentication token for the... |
| CVE-2023-46067 | 2023-10-21 | WordPress Rocket Font Plugin <= 1.2.3 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-46078 | 2023-10-21 | WordPress Serial Numbers for WooCommerce – License Manager Plugin <= 1.6.3 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2021-46897 | 2023-10-22 | views.py in Wagtail CRX CodeRed Extensions (formerly CodeRed CMS or coderedcms) before 0.22.3 allows upward protected/..%2f..%2f path traversal when serving protected media. |
| CVE-2021-46898 | 2023-10-22 | views/switch.py in django-grappelli (aka Django Grappelli) before 2.15.2 attempts to prevent external redirection with startswith("/") but this does not consider a protocol-relative URL (e.g., //example.com) attack. |
| CVE-2023-46298 | 2023-10-22 | Next.js before 13.4.20-canary.13 lacks a cache-control header and thus empty prefetch responses may sometimes be cached by a CDN, causing a denial of service to all users requesting the same... |
| CVE-2023-46300 | 2023-10-22 | iTerm2 before 3.4.20 allows (potentially remote) code execution because of mishandling of certain escape sequences related to tmux integration. |
| CVE-2023-46301 | 2023-10-22 | iTerm2 before 3.4.20 allows (potentially remote) code execution because of mishandling of certain escape sequences related to upload. |
| CVE-2023-46306 | 2023-10-22 | The web administration interface in NetModule Router Software (NRSW) 4.6 before 4.6.0.106 and 4.8 before 4.8.0.101 executes an OS command constructed with unsanitized user input: shell metacharacters in the /admin/gnssAutoAlign.php... |
| CVE-2023-46315 | 2023-10-22 | The zanllp sd-webui-infinite-image-browsing (aka Infinite Image Browsing) extension before 977815a for stable-diffusion-webui (aka Stable Diffusion web UI), if Gradio authentication is enabled without secret key configuration, allows remote attackers to... |
| CVE-2023-46317 | 2023-10-22 | Knot Resolver before 5.7.0 performs many TCP reconnections upon receiving certain nonsensical responses from servers. |
| CVE-2023-46319 | 2023-10-22 | WALLIX Bastion 9.x before 9.0.9 and 10.x before 10.0.5 allows unauthenticated access to sensitive information by bypassing access control on a network access administration web interface. |
| CVE-2023-46321 | 2023-10-22 | iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize paths in x-man-page URLs. They may have shell metacharacters for a /usr/bin/man command line. |
| CVE-2023-46322 | 2023-10-22 | iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize ssh hostnames in URLs. The hostname's initial character may be non-alphanumeric. The hostname's other characters may be outside the set of alphanumeric... |
| CVE-2023-46303 | 2023-10-22 | link_to_local_path in ebooks/conversion/plugins/html_input.py in calibre before 6.19.0 can, by default, add resources outside of the document root. |
| CVE-2023-38275 | 2023-10-22 | IBM Cognos Dashboards information disclosure |
| CVE-2023-38276 | 2023-10-22 | IBM Cognos Dashboards information disclosure |
| CVE-2023-38735 | 2023-10-22 | IBM Cognos Dashboards improper authentication |
| CVE-2023-46085 | 2023-10-22 | WordPress Wp Ultimate Review Plugin <= 2.2.4 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-46089 | 2023-10-22 | WordPress Userback Plugin <= 1.0.13 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-46095 | 2023-10-22 | WordPress Smooth Scroll Links Plugin <= 1.1.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-5693 | 2023-10-22 | CodeAstro Internet Banking System pages_reset_pwd.php sql injection |
| CVE-2023-5694 | 2023-10-22 | CodeAstro Internet Banking System pages_system_settings.php cross site scripting |
| CVE-2023-5695 | 2023-10-22 | CodeAstro Internet Banking System pages_reset_pwd.php cross site scripting |
| CVE-2023-5696 | 2023-10-22 | CodeAstro Internet Banking System pages_transfer_money.php cross site scripting |
| CVE-2023-5697 | 2023-10-22 | CodeAstro Internet Banking System pages_withdraw_money.php cross site scripting |
| CVE-2023-5698 | 2023-10-22 | CodeAstro Internet Banking System pages_deposit_money.php cross site scripting |
| CVE-2023-5699 | 2023-10-22 | CodeAstro Internet Banking System pages_view_client.php cross site scripting |
| CVE-2023-5700 | 2023-10-22 | Netentsec NS-ASG Application Security Gateway uploadiscgwrouteconf.php sql injection |
| CVE-2023-27148 | 2023-10-23 | A stored cross-site scripting (XSS) vulnerability in the Admin panel in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the... |
| CVE-2023-27149 | 2023-10-23 | A stored cross-site scripting (XSS) vulnerability in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Label input parameter when... |
| CVE-2023-27152 | 2023-10-23 | DECISO OPNsense 23.1 does not impose rate limits for authentication, allowing attackers to perform a brute-force attack to bypass authentication. |
| CVE-2023-33517 | 2023-10-23 | carRental 1.0 is vulnerable to Incorrect Access Control (Arbitrary File Read on the Back-end System). |