CVE List - 2023 / October
Showing 1601 - 1700 of 2690 CVEs for October 2023 (Page 17 of 27)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-34366 | 2023-10-19 | A use-after-free vulnerability exists in the Figure stream parsing functionality... |
| CVE-2023-5059 | 2023-10-19 | Santesoft Sante FFT Imaging Out-of-bounds Read |
| CVE-2023-39431 | 2023-10-19 | Santesoft Sante DICOM Viewer Pro Out-of-bounds Write |
| CVE-2023-35986 | 2023-10-19 | Santesoft Sante DICOM Viewer Pro Stack-based Buffer Overflow |
| CVE-2023-40153 | 2023-10-19 | Cross-site Scripting in DEXMA DEXGate |
| CVE-2023-41088 | 2023-10-19 | Cleartext Transmission of Sensitive Information in DEXMA DEXGate |
| CVE-2023-41089 | 2023-10-19 | Improper Authentication in DEXMA DEXGate |
| CVE-2023-42435 | 2023-10-19 | Cross-Site Request Forgery in DEXMA DEXGate |
| CVE-2023-42666 | 2023-10-19 | Exposure of Sensitive Information to an Unauthorized Actor in DEXMA DEXGate |
| CVE-2023-45825 | 2023-10-19 | Token in custom credentials object can leak through logs in ydb-go-sdk |
| CVE-2023-45826 | 2023-10-19 | Authenticated SQL Injection in leantime |
| CVE-2023-45809 | 2023-10-19 | Disclosure of user names via admin bulk action views in wagtail |
| CVE-2023-45820 | 2023-10-19 | Directus crashes on invalid WebSocket message |
| CVE-2023-38584 | 2023-10-19 | Weintek cMT3000 HMI Web CGI Stack-based Buffer Overflow |
| CVE-2023-40145 | 2023-10-19 | Weintek cMT3000 HMI Web CGI OS Command Injection |
| CVE-2023-43492 | 2023-10-19 | Weintek cMT3000 HMI Web CGI Stack-based Buffer Overflow |
| CVE-2023-45821 | 2023-10-19 | Incorrect Docker Hub registry check in Artifact Hub |
| CVE-2023-45822 | 2023-10-19 | Unsafe rego built-in allowed in Artifact Hub |
| CVE-2023-45823 | 2023-10-19 | Arbitrary file read in Artifact Hub |
| CVE-2023-45815 | 2023-10-19 | Viewing wget extractor output while logged in as an admin allows archived JS to execute in the admins context in ArchiveBox |
| CVE-2023-45819 | 2023-10-19 | Cross-site Scripting vulnerability in TinyMCE notificationManager.open API |
| CVE-2023-45818 | 2023-10-19 | Cross-site Scripting vulnerability in TinyMCE undo/redo, getContent API, resetContent API, and Autosave plugin |
| CVE-2023-44385 | 2023-10-19 | Client-Side Request Forgery in Home Assistant iOS/macOS native Apps |
| CVE-2023-41898 | 2023-10-19 | Arbitrary URL load in Android WebView in `MyActivity.kt` in Home Assistant Companion for Android |
| CVE-2023-41899 | 2023-10-19 | Partial Server-Side Request Forgery in Home Assistant Core |
| CVE-2023-41897 | 2023-10-19 | Lack of XFO header allows clickjacking in Home Assistant Core |
| CVE-2023-41896 | 2023-10-19 | Fake websocket server installation permits full takeover in Home Assistant Core |
| CVE-2023-41895 | 2023-10-19 | Cross-site Scripting via auth_callback login in Home Assistant Core |
| CVE-2023-41894 | 2023-10-19 | Local-only webhooks externally accessible via SniTun in Home Assistant Core |
| CVE-2023-41893 | 2023-10-19 | Account takeover via auth_callback login in Home Assistant Core |
| CVE-2023-46115 | 2023-10-19 | Updater Private Keys Possibly Leaked via Vite Environment Variables in tauri-cli |
| CVE-2023-32786 | 2023-10-20 | In Langchain through 0.0.155, prompt injection allows an attacker to... |
| CVE-2023-37824 | 2023-10-20 | Sitolog sitologapplicationconnect v7.8.a and before was discovered to contain a... |
| CVE-2023-38191 | 2023-10-20 | An issue was discovered in SuperWebMailer 9.00.0.01710. It allows spamtest_external.php... |
| CVE-2023-39680 | 2023-10-20 | Sollace Unicopia version 1.1.1 and before was discovered to deserialize... |
| CVE-2023-40361 | 2023-10-20 | SECUDOS Qiata (DOMOS OS) 4.13 has Insecure Permissions for the... |
| CVE-2023-43346 | 2023-10-20 | Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows... |
| CVE-2023-43353 | 2023-10-20 | Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local... |
| CVE-2023-43354 | 2023-10-20 | Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local... |
| CVE-2023-43355 | 2023-10-20 | Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local... |
| CVE-2023-43356 | 2023-10-20 | Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local... |
| CVE-2023-43357 | 2023-10-20 | Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local... |
| CVE-2023-45394 | 2023-10-20 | Stored Cross-Site Scripting (XSS) vulnerability in the Company field in... |
| CVE-2023-45471 | 2023-10-20 | The QAD Search Server is vulnerable to Stored Cross-Site Scripting... |
| CVE-2023-46277 | 2023-10-20 | please (aka pleaser) through 0.5.4 allows privilege escalation through the... |
| CVE-2023-46287 | 2023-10-20 | XSS exists in NagVis before 1.9.38 via the select function... |
| CVE-2023-34052 | 2023-10-20 | VMware Aria Operations for Logs contains a deserialization vulnerability. A... |
| CVE-2023-34051 | 2023-10-20 | VMware Aria Operations for Logs contains an authentication bypass vulnerability.... |
| CVE-2023-5614 | 2023-10-20 | The Theme Switcha plugin for WordPress is vulnerable to Stored... |
| CVE-2023-5613 | 2023-10-20 | The Super Testimonials plugin for WordPress is vulnerable to Stored... |
| CVE-2023-5668 | 2023-10-20 | The WhatsApp Share Button plugin for WordPress is vulnerable to... |
| CVE-2023-5071 | 2023-10-20 | The Sitekit plugin for WordPress is vulnerable to Stored Cross-Site... |
| CVE-2023-4598 | 2023-10-20 | The Slimstat Analytics plugin for WordPress is vulnerable to SQL... |
| CVE-2020-36698 | 2023-10-20 | The Security & Malware scan by CleanTalk plugin for WordPress... |
| CVE-2023-4482 | 2023-10-20 | The Auto Amazon Links plugin for WordPress is vulnerable to... |
| CVE-2023-5308 | 2023-10-20 | The Podcast Subscribe Buttons plugin for WordPress is vulnerable to... |
| CVE-2023-4402 | 2023-10-20 | The Essential Blocks plugin for WordPress is vulnerable to PHP... |
| CVE-2023-4942 | 2023-10-20 | The BEAR for WordPress is vulnerable to Cross-Site Request Forgery... |
| CVE-2023-4947 | 2023-10-20 | The WooCommerce EAN Payment Gateway plugin for WordPress is vulnerable... |
| CVE-2023-4975 | 2023-10-20 | The Website Builder by SeedProd plugin for WordPress is vulnerable... |
| CVE-2023-4943 | 2023-10-20 | The BEAR for WordPress is vulnerable to Missing Authorization in... |
| CVE-2022-4954 | 2023-10-20 | The Waiting: One-click countdowns plugin for WordPress is vulnerable to... |
| CVE-2023-5050 | 2023-10-20 | The Leaflet Map plugin for WordPress is vulnerable to Stored... |
| CVE-2023-4940 | 2023-10-20 | The BEAR for WordPress is vulnerable to Cross-Site Request Forgery... |
| CVE-2023-5200 | 2023-10-20 | The flowpaper plugin for WordPress is vulnerable to Stored Cross-Site... |
| CVE-2023-5120 | 2023-10-20 | The Migration, Backup, Staging – WPvivid plugin for WordPress is... |
| CVE-2023-4919 | 2023-10-20 | The iframe plugin for WordPress is vulnerable to Stored Cross-Site... |
| CVE-2023-4271 | 2023-10-20 | The Photospace Responsive plugin for WordPress is vulnerable to Stored... |
| CVE-2023-4937 | 2023-10-20 | The BEAR for WordPress is vulnerable to Cross-Site Request Forgery... |
| CVE-2023-5414 | 2023-10-20 | The Icegram Express plugin for WordPress is vulnerable to Directory... |
| CVE-2023-5576 | 2023-10-20 | The Migration, Backup, Staging - WPvivid plugin for WordPress is... |
| CVE-2020-36706 | 2023-10-20 | The Simple:Press – WordPress Forum Plugin for WordPress is vulnerable... |
| CVE-2023-4920 | 2023-10-20 | The BEAR for WordPress is vulnerable to Cross-Site Request Forgery... |
| CVE-2021-4353 | 2023-10-20 | The WooCommerce Dynamic Pricing and Discounts plugin for WordPress is... |
| CVE-2023-4274 | 2023-10-20 | The Migration, Backup, Staging – WPvivid plugin for WordPress is... |
| CVE-2023-4935 | 2023-10-20 | The BEAR for WordPress is vulnerable to Cross-Site Request Forgery... |
| CVE-2021-4335 | 2023-10-20 | The Fancy Product Designer plugin for WordPress is vulnerable to... |
| CVE-2023-4488 | 2023-10-20 | The Dropbox Folder Share for WordPress is vulnerable to Local... |
| CVE-2023-4968 | 2023-10-20 | The WPLegalPages plugin for WordPress is vulnerable to Stored Cross-Site... |
| CVE-2022-4712 | 2023-10-20 | The WP Cerber Security plugin for WordPress is vulnerable to... |
| CVE-2023-2325 | 2023-10-20 | Stored XSS Vulnerability in M-Files Classic Web |
| CVE-2023-5523 | 2023-10-20 | M-Files Web Companion allows Remote Code Execution |
| CVE-2023-5524 | 2023-10-20 | M-Files Web Companion allows Remote Code Execution for some filetypes |
| CVE-2022-4943 | 2023-10-20 | The miniOrange's Google Authenticator plugin for WordPress is vulnerable to... |
| CVE-2023-4961 | 2023-10-20 | The Poptin plugin for WordPress is vulnerable to Stored Cross-Site... |
| CVE-2023-4923 | 2023-10-20 | The BEAR for WordPress is vulnerable to Cross-Site Request Forgery... |
| CVE-2023-4924 | 2023-10-20 | The BEAR for WordPress is vulnerable to Missing Authorization in... |
| CVE-2023-5534 | 2023-10-20 | The AI ChatBot plugin for WordPress is vulnerable to Cross-Site... |
| CVE-2023-5615 | 2023-10-20 | The Skype Legacy Buttons plugin for WordPress is vulnerable to... |
| CVE-2020-36714 | 2023-10-20 | The Brizy plugin for WordPress is vulnerable to authorization bypass... |
| CVE-2022-3342 | 2023-10-20 | The Jetpack CRM plugin for WordPress is vulnerable to PHAR... |
| CVE-2023-3998 | 2023-10-20 | The wpDiscuz plugin for WordPress is vulnerable to unauthorized modification... |
| CVE-2023-4796 | 2023-10-20 | The Booster for WooCommerce for WordPress is vulnerable to Information... |
| CVE-2023-5533 | 2023-10-20 | The AI ChatBot plugin for WordPress is vulnerable to unauthorized... |
| CVE-2020-36751 | 2023-10-20 | The Coupon Creator plugin for WordPress is vulnerable to Cross-Site... |
| CVE-2023-4926 | 2023-10-20 | The BEAR for WordPress is vulnerable to Cross-Site Request Forgery... |
| CVE-2023-5337 | 2023-10-20 | The Contact form Form For All plugin for WordPress is... |
| CVE-2023-4386 | 2023-10-20 | The Essential Blocks plugin for WordPress is vulnerable to PHP... |
| CVE-2022-2441 | 2023-10-20 | The ImageMagick Engine plugin for WordPress is vulnerable to remote... |
| CVE-2023-3869 | 2023-10-20 | The wpDiscuz plugin for WordPress is vulnerable to unauthorized modification... |