CVE List - 2023 / October
Showing 1001 - 1100 of 2690 CVEs for October 2023 (Page 11 of 27)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-44176 | 2023-10-12 | Junos OS : Stack overflow vulnerability in CLI command processing |
| CVE-2023-44178 | 2023-10-12 | Junos OS : Stack overflow vulnerability in CLI command processing |
| CVE-2023-44181 | 2023-10-12 | Junos OS: QFX5k: l2 loop in the overlay impacts the stability in a EVPN/VXLAN environment |
| CVE-2023-44182 | 2023-10-12 | Junos OS and Junos OS Evolved: An Unchecked Return Value in multiple users interfaces affects confidentiality and integrity of device operations |
| CVE-2023-44183 | 2023-10-12 | Junos OS: QFX5000 Series, EX4600 Series: In a VxLAN scenario an adjacent attacker within the VxLAN sending genuine packets may cause a DMA memory leak to occur. |
| CVE-2023-44184 | 2023-10-12 | Junos OS and Junos OS Evolved: High CPU load due to specific NETCONF command |
| CVE-2023-44185 | 2023-10-12 | Junos OS and Junos OS Evolved: In an BGP scenario RPD crashes upon receiving and processing a specific malformed ISO VPN BGP UPDATE packet |
| CVE-2023-44191 | 2023-10-12 | Junos OS: QFX5000 Series and EX4000 Series: Denial of Service (DoS) on a large scale VLAN due to PFE hogging |
| CVE-2023-44192 | 2023-10-12 | Junos OS: QFX5000 Series: DMA memory leak is observed when specific DHCP packets are transmitted over pseudo-VTEP |
| CVE-2023-44193 | 2023-10-12 | Junos OS: MX Series: An FPC crash is observed when CFM is enabled in a VPLS scenario and a specific LDP related command is run |
| CVE-2023-44194 | 2023-10-12 | Junos OS: An unauthenticated attacker with local access to the device can create a backdoor with root privileges |
| CVE-2023-44195 | 2023-10-12 | Junos OS Evolved: Packets which are not destined to the router can reach the RE |
| CVE-2023-44196 | 2023-10-12 | Junos OS Evolved: PTX10003 Series: Packets which are not destined to the router can reach the RE |
| CVE-2023-44197 | 2023-10-12 | Junos OS and Junos OS Evolved: An rpd crash may occur when BGP is processing newly learned routes |
| CVE-2023-44198 | 2023-10-12 | Junos OS: SRX Series and MX Series: SIP ALG doesn't drop specifically malformed retransmitted SIP packets |
| CVE-2023-44199 | 2023-10-12 | Junos OS: MX Series: In a PTP scenario a prolonged routing protocol churn can trigger an FPC reboot |
| CVE-2023-44201 | 2023-10-12 | Junos OS and Junos OS Evolved: A local attacker can retrieve sensitive information and elevate privileges on the device to an authorized user. |
| CVE-2023-44203 | 2023-10-12 | Junos OS: QFX5000 Series, EX2300, EX3400, EX4100, EX4400 and EX4600: Packet flooding will occur when IGMP traffic is sent to an isolated VLAN |
| CVE-2023-44204 | 2023-10-12 | Junos OS and Junos OS Evolved: The rpd will crash upon receiving a malformed BGP UPDATE message |
| CVE-2023-5563 | 2023-10-12 | The SJA1000 CAN controller driver backend automatically attempt to recover... |
| CVE-2023-45391 | 2023-10-13 | A stored cross-site scripting (XSS) vulnerability in the Create A... |
| CVE-2023-45393 | 2023-10-13 | An indirect object reference (IDOR) in GRANDING UTime Master v9.0.7-Build:Apr... |
| CVE-2023-45463 | 2023-10-13 | Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via... |
| CVE-2023-45464 | 2023-10-13 | Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via... |
| CVE-2023-45465 | 2023-10-13 | Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability... |
| CVE-2023-45466 | 2023-10-13 | Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability... |
| CVE-2023-45467 | 2023-10-13 | Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability... |
| CVE-2023-45468 | 2023-10-13 | Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via... |
| CVE-2023-5564 | 2023-10-13 | Cross-site Scripting (XSS) - Stored in froxlor/froxlor |
| CVE-2023-4562 | 2023-10-13 | Information Disclosure, Information Tampering and Authentication Bypass Vulnerability in MELSEC-F Series main module |
| CVE-2023-5557 | 2023-10-13 | Tracker-miners: sandbox escape |
| CVE-2023-42752 | 2023-10-13 | Kernel: integer overflow in igmpv3_newpack leading to exploitable memory access |
| CVE-2023-38221 | 2023-10-13 | Adobe Commerce | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89) |
| CVE-2023-38249 | 2023-10-13 | Adobe Commerce | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89) |
| CVE-2023-38250 | 2023-10-13 | Adobe Commerce | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89) |
| CVE-2023-38218 | 2023-10-13 | Incorrect Authorization - Customer account takeover |
| CVE-2023-26366 | 2023-10-13 | Validate Your Inputs | Server-Side Request Forgery (SSRF) (CWE-918) |
| CVE-2023-26367 | 2023-10-13 | Error based file extraction via PHP filter chains during product bulk import logic |
| CVE-2023-38220 | 2023-10-13 | Full page cache enumeration via cookie X-Magento-Vary |
| CVE-2023-38219 | 2023-10-13 | Validate Your Inputs | Cross-site Scripting (Stored XSS) (CWE-79) - Customer to Admin stored XSS with Gift wrapping |
| CVE-2023-38251 | 2023-10-13 | Adobe Commerce | Uncontrolled Resource Consumption (CWE-400) |
| CVE-2023-5571 | 2023-10-13 | Improper Input Validation in vriteio/vrite |
| CVE-2023-5572 | 2023-10-13 | Server-Side Request Forgery (SSRF) in vriteio/vrite |
| CVE-2023-38000 | 2023-10-13 | Auth. Stored Cross-Site Scripting (XSS) vulnerability in WordPress core and Gutenberg plugin via Navigation Links Block |
| CVE-2023-5573 | 2023-10-13 | Allocation of Resources Without Limits or Throttling in vriteio/vrite |
| CVE-2023-39999 | 2023-10-13 | WordPress < 6.3.2 is vulnerable to Broken Access Control |
| CVE-2023-43079 | 2023-10-13 | Dell OpenManage Server Administrator, versions 11.0.0.0 and prior, contains an... |
| CVE-2023-45107 | 2023-10-13 | WordPress GoodBarber Plugin <= 1.0.22 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-45108 | 2023-10-13 | WordPress Mailrelay Plugin <= 2.1.1 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-39960 | 2023-10-13 | Nextcloud Server has improper restriction of excessive authentication attempts on WebDAV endpoint |
| CVE-2023-45130 | 2023-10-13 | Frontier opcode SUICIDE touches too many storage values on large contracts |
| CVE-2023-5240 | 2023-10-13 | Improper access control in PAM propagation scripts in Devolutions Server... |
| CVE-2023-4829 | 2023-10-13 | Cross-site Scripting (XSS) - Stored in froxlor/froxlor |
| CVE-2023-4517 | 2023-10-13 | Cross-site Scripting (XSS) - Stored in hestiacp/hestiacp |
| CVE-2023-4995 | 2023-10-13 | The Embed Calendly plugin for WordPress is vulnerable to Stored... |
| CVE-2023-45162 | 2023-10-13 | Blind SQL vulnerability in 1E platform |
| CVE-2023-29464 | 2023-10-13 | Rockwell Automation FactoryTalk Linx Vulnerable to Denial-of-Service and Information Disclosure |
| CVE-2023-45109 | 2023-10-13 | WordPress WhitePage Plugin <= 1.1.5 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-33303 | 2023-10-13 | A insufficient session expiration in Fortinet FortiEDR version 5.0.0 through... |
| CVE-2023-45267 | 2023-10-13 | WordPress IRivYou Plugin <= 2.2.1 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-41682 | 2023-10-13 | A improper limitation of a pathname to a restricted directory... |
| CVE-2023-41681 | 2023-10-13 | A improper neutralization of input during web page generation ('cross-site... |
| CVE-2023-41680 | 2023-10-13 | A improper neutralization of input during web page generation ('cross-site... |
| CVE-2023-41843 | 2023-10-13 | A improper neutralization of input during web page generation ('cross-site... |
| CVE-2023-41836 | 2023-10-13 | An improper neutralization of input during web page generation ('cross-site... |
| CVE-2023-45268 | 2023-10-13 | WordPress Hitsteps Web Analytics Plugin <= 5.86 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-45269 | 2023-10-13 | WordPress Simple SEO Plugin <= 2.0.25 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-45276 | 2023-10-13 | WordPress Automated Editor Plugin <= 1.3 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-45270 | 2023-10-13 | WordPress Pinpoint Booking System Plugin <= 2.9.9.4.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-40682 | 2023-10-13 | IBM App Connect Enterprise information disclosure |
| CVE-2023-5409 | 2023-10-13 | HP is aware of a potential security vulnerability in HP... |
| CVE-2023-5449 | 2023-10-13 | A potential security vulnerability has been identified in certain HP... |
| CVE-2023-4499 | 2023-10-13 | A potential security vulnerability has been identified in the HP... |
| CVE-2023-32970 | 2023-10-13 | QTS, QuTS hero, QuTScloud |
| CVE-2023-32973 | 2023-10-13 | QTS, QuTS hero, QuTScloud |
| CVE-2023-32974 | 2023-10-13 | QTS, QuTS hero, QuTScloud |
| CVE-2023-32976 | 2023-10-13 | Container Station |
| CVE-2023-34975 | 2023-10-13 | QTS, QuTS hero, QuTScloud |
| CVE-2023-34976 | 2023-10-13 | Video Station |
| CVE-2023-34977 | 2023-10-13 | Video Station |
| CVE-2023-36559 | 2023-10-13 | Microsoft Edge (Chromium-based) Spoofing Vulnerability |
| CVE-2023-4263 | 2023-10-13 | Potential buffer overflow vulnerability in the Zephyr IEEE 802.15.4 nRF 15.4 driver |
| CVE-2023-4257 | 2023-10-13 | Unchecked user input length in the Zephyr WiFi shell module |
| CVE-2023-45674 | 2023-10-13 | SQL injection vulnerability in Farmbot-Web-App |
| CVE-2023-30148 | 2023-10-14 | Multiple Stored Cross Site Scripting (XSS) vulnerabilities in Opart opartmultihtmlblock... |
| CVE-2023-30154 | 2023-10-14 | Multiple improper neutralization of SQL parameters in module AfterMail (aftermailpresta)... |
| CVE-2023-44037 | 2023-10-14 | An issue in ZPE Systems, Inc Nodegrid OS v.5.8.10 thru... |
| CVE-2023-45852 | 2023-10-14 | In Vitogate 300 2.1.3.0, /cgi-bin/vitogate.cgi allows an unauthenticated attacker to... |
| CVE-2023-45853 | 2023-10-14 | MiniZip in zlib through 1.3 has an integer overflow and... |
| CVE-2023-45855 | 2023-10-14 | qdPM 9.2 allows Directory Traversal to list files and directories... |
| CVE-2023-45856 | 2023-10-14 | qdPM 9.2 allows remote code execution by using the Add... |
| CVE-2023-45862 | 2023-10-14 | An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250... |
| CVE-2023-45863 | 2023-10-14 | An issue was discovered in lib/kobject.c in the Linux kernel... |
| CVE-2023-26155 | 2023-10-14 | All versions of the package node-qpdf are vulnerable to Command... |
| CVE-2023-42780 | 2023-10-14 | Apache Airflow: Improper access control vulnerability in the "List dag warnings" feature |
| CVE-2023-45348 | 2023-10-14 | Apache Airflow: Configuration information leakage vulnerability |
| CVE-2023-42792 | 2023-10-14 | Apache Airflow: Improper access control to DAG resources |
| CVE-2023-42663 | 2023-10-14 | Apache Airflow: Bypass permission verification to view task instances of other dags |
| CVE-2023-5578 | 2023-10-14 | Portábilis i-Educar HTTP GET Request agenda_imprimir.php cross site scripting |
| CVE-2023-1259 | 2023-10-14 | The Hotjar plugin for WordPress is vulnerable to Stored Cross-Site... |