CVE List - 2023 / October
Showing 1801 - 1900 of 2690 CVEs for October 2023 (Page 19 of 27)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-33517 | 2023-10-23 | carRental 1.0 is vulnerable to Incorrect Access Control (Arbitrary File... |
| CVE-2023-37635 | 2023-10-23 | UVDesk Community Skeleton v1.1.1 allows unauthenticated attackers to perform brute... |
| CVE-2023-37636 | 2023-10-23 | A stored cross-site scripting (XSS) vulnerability in UVDesk Community Skeleton... |
| CVE-2023-42295 | 2023-10-23 | An issue in OpenImageIO oiio v.2.4.12.0 allows a remote attacker... |
| CVE-2023-43358 | 2023-10-23 | Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local... |
| CVE-2023-44760 | 2023-10-23 | Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS v.9.2.1... |
| CVE-2023-45966 | 2023-10-23 | umputun remark42 version 1.12.1 and before has a Blind Server-Side... |
| CVE-2023-45998 | 2023-10-23 | kodbox 1.44 is vulnerable to Cross Site Scripting (XSS). Customizing... |
| CVE-2023-46058 | 2023-10-23 | Cross Site Scripting (XSS) vulnerability in Geeklog-Core geeklog v.2.2.2 allows... |
| CVE-2023-46059 | 2023-10-23 | Cross Site Scripting (XSS) vulnerability in Geeklog-Core geeklog v.2.2.2 allows... |
| CVE-2023-46324 | 2023-10-23 | pkg/suci/suci.go in free5GC udm before 1.2.0, when Go before 1.19... |
| CVE-2023-46331 | 2023-10-23 | WebAssembly wabt 1.0.33 has an Out-of-Bound Memory Read in in... |
| CVE-2023-46332 | 2023-10-23 | WebAssembly wabt 1.0.33 contains an Out-of-Bound Memory Write in DataSegment::Drop(),... |
| CVE-2023-46602 | 2023-10-23 | In International Color Consortium DemoIccMAX 79ecb74, there is a stack-based... |
| CVE-2023-46603 | 2023-10-23 | In International Color Consortium DemoIccMAX 79ecb74, there is an out-of-bounds... |
| CVE-2023-5701 | 2023-10-23 | vnotex vnote Markdown File cross site scripting |
| CVE-2023-5702 | 2023-10-23 | Viessmann Vitogate 300 direct request |
| CVE-2023-43624 | 2023-10-23 | CX-Designer Ver.3.740 and earlier (included in CX-One CXONE-AL[][]D-V4) contains an... |
| CVE-2023-45802 | 2023-10-23 | Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST |
| CVE-2023-43622 | 2023-10-23 | Apache HTTP Server: DoS in HTTP/2 with initial windows size 0 |
| CVE-2023-31122 | 2023-10-23 | Apache HTTP Server: mod_macro buffer over-read |
| CVE-2023-5246 | 2023-10-23 | Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with... |
| CVE-2021-26734 | 2023-10-23 | Junction Delete leading to elevation of privilege |
| CVE-2021-26735 | 2023-10-23 | Untrusted Search Path While Executing REG DELETE by Uninstaller |
| CVE-2021-26736 | 2023-10-23 | ZApp Installer Privilege Escalation Vulnerabilities |
| CVE-2021-26737 | 2023-10-23 | Privilege Escalation Using PID Reuse in ZCC macOS |
| CVE-2021-26738 | 2023-10-23 | Privilege Escalation for ZCC macOS via PATH Variable |
| CVE-2023-28793 | 2023-10-23 | Heap Based Buffer Overflow in Library |
| CVE-2023-28795 | 2023-10-23 | Client IPC validation bypass |
| CVE-2023-28796 | 2023-10-23 | IPC Bypass Through PLT Section in ELF |
| CVE-2023-28797 | 2023-10-23 | LPE using arbitrary file delete with Symlinks |
| CVE-2023-28803 | 2023-10-23 | Traffic being bypassed by ZCC by configuring synthetic IP range as local network |
| CVE-2023-28804 | 2023-10-23 | Linux ZCC allows unsigned updates, allowing elevated Code Execution |
| CVE-2023-28805 | 2023-10-23 | ZCC on Linux privilege escalation |
| CVE-2023-5718 | 2023-10-23 | The Vue.js Devtools extension was found to leak screenshot data... |
| CVE-2023-46127 | 2023-10-23 | Frappe vulnerable to HTML injection by any Desk user |
| CVE-2023-43074 | 2023-10-23 | Dell Unity 5.3 contain(s) an Arbitrary File Creation vulnerability. A... |
| CVE-2023-43065 | 2023-10-23 | Dell Unity prior to 5.3 contains a Cross-site scripting vulnerability.... |
| CVE-2023-43066 | 2023-10-23 | Dell Unity prior to 5.3 contains a Restricted Shell Bypass... |
| CVE-2023-43067 | 2023-10-23 | Dell Unity prior to 5.3 contains an XML External Entity... |
| CVE-2023-46122 | 2023-10-23 | Arbitrary file write via archive extraction (Zip Slip) vulnerability in sbt |
| CVE-2023-37532 | 2023-10-23 | A path traversal vulnerability affects HCL Commerce |
| CVE-2023-43045 | 2023-10-23 | IBM Sterling Partner Engagement Manager security bypass |
| CVE-2023-38722 | 2023-10-23 | IBM Sterling Partner Engagement Manager cross-site scripting |
| CVE-2023-46288 | 2023-10-23 | Apache Airflow: Sensitive parameters exposed in API when "non-sensitive-only" configuration is set |
| CVE-2023-33840 | 2023-10-23 | IBM Security Verify Governance cross-site scripting |
| CVE-2022-22466 | 2023-10-23 | IBM Security Verify Governance information disclosure |
| CVE-2023-33839 | 2023-10-23 | IBM Security Verify Governance command execution |
| CVE-2023-33837 | 2023-10-23 | IBM Security Verify Governance information disclosure |
| CVE-2023-5633 | 2023-10-23 | Kernel: vmwgfx: reference count issue leads to use-after-free in surface handling |
| CVE-2022-38484 | 2023-10-24 | An arbitrary file upload and directory traversal vulnerability exist in... |
| CVE-2022-38485 | 2023-10-24 | A directory traversal vulnerability exists in the AgeVolt Portal prior... |
| CVE-2023-29973 | 2023-10-24 | Pfsense CE version 2.6.0 is vulnerable to No rate limit... |
| CVE-2023-31580 | 2023-10-24 | light-oauth2 before version 2.1.27 obtains the public key without any... |
| CVE-2023-31581 | 2023-10-24 | Dromara Sureness before v1.0.8 was discovered to use a hardcoded... |
| CVE-2023-31582 | 2023-10-24 | jose4j before v0.9.3 allows attackers to set a low iteration... |
| CVE-2023-36085 | 2023-10-24 | The sisqualWFM 7.1.319.103 thru 7.1.319.111 for Android, has a host... |
| CVE-2023-39619 | 2023-10-24 | ReDos in NPMJS Node Email Check v.1.0.4 allows an attacker... |
| CVE-2023-39732 | 2023-10-24 | The leakage of the client secret in Tokueimaru_waiting Line 13.6.1... |
| CVE-2023-39733 | 2023-10-24 | The leakage of the client secret in TonTon-Tei Line v13.6.1... |
| CVE-2023-39734 | 2023-10-24 | The leakage of the client secret in VISION MEAT WORKS... |
| CVE-2023-39735 | 2023-10-24 | The leakage of the client secret in Uomasa_Saiji_news Line 13.6.1... |
| CVE-2023-39736 | 2023-10-24 | The leakage of the client secret in Fukunaga_memberscard Line 13.6.1... |
| CVE-2023-39737 | 2023-10-24 | The leakage of the client secret in Matsuya Line 13.6.1... |
| CVE-2023-39739 | 2023-10-24 | The leakage of the client secret in REGINA SWEETS&BAKERY Line... |
| CVE-2023-39740 | 2023-10-24 | The leakage of the client secret in Onigiriya-musubee Line 13.6.1... |
| CVE-2023-43281 | 2023-10-24 | Double Free vulnerability in Nothings Stb Image.h v.2.28 allows a... |
| CVE-2023-43360 | 2023-10-24 | Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local... |
| CVE-2023-44767 | 2023-10-24 | A File upload vulnerability in RiteCMS 3.0 allows a local... |
| CVE-2023-44769 | 2023-10-24 | A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows... |
| CVE-2023-45554 | 2023-10-24 | File Upload vulnerability in zzzCMS v.2.1.9 allows a remote attacker... |
| CVE-2023-45555 | 2023-10-24 | File Upload vulnerability in zzzCMS v.2.1.9 allows a remote attacker... |
| CVE-2023-45990 | 2023-10-24 | Insecure Permissions vulnerability in WenwenaiCMS v.1.0 allows a remote attacker... |
| CVE-2023-46010 | 2023-10-24 | An issue in SeaCMS v.12.9 allows an attacker to execute... |
| CVE-2023-46316 | 2023-10-24 | In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper... |
| CVE-2023-46369 | 2023-10-24 | Tenda W18E V16.01.0.8(1576) contains a stack overflow vulnerability via the... |
| CVE-2023-46370 | 2023-10-24 | Tenda W18E V16.01.0.8(1576) has a command injection vulnerability via the... |
| CVE-2023-46371 | 2023-10-24 | TP-Link device TL-WDR7660 2.0.30 and TL-WR886N 2.0.12 has a stack... |
| CVE-2023-46373 | 2023-10-24 | TP-Link TL-WDR7660 2.0.30 has a stack overflow vulnerability via the... |
| CVE-2023-46574 | 2023-10-24 | An issue in TOTOLINK A3700R v.9.1.2u.6165_20211012 allows a remote attacker... |
| CVE-2023-5746 | 2023-10-24 | A vulnerability regarding use of externally-controlled format string is found... |
| CVE-2023-46150 | 2023-10-24 | WordPress WP Radio plugin <= 3.1.9 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-46151 | 2023-10-24 | WordPress Product Category Tree Plugin <= 2.5 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-46152 | 2023-10-24 | WordPress WOLF Plugin <= 1.0.7.1 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-46189 | 2023-10-24 | WordPress Google Calendar Events Plugin <= 3.2.5 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-46190 | 2023-10-24 | WordPress Novo-Map : your WP posts on custom google maps Plugin <= 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-5748 | 2023-10-24 | Buffer copy without checking size of input ('Classic Buffer Overflow')... |
| CVE-2023-46191 | 2023-10-24 | WordPress Open Graph Metabox Plugin <= 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-46193 | 2023-10-24 | WordPress Internal Link Building Plugin <= 1.2.3 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-46198 | 2023-10-24 | WordPress Appointment Calendar Plugin <= 2.9.6 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-46202 | 2023-10-24 | WordPress Auto Login New User After Registration Plugin <= 1.9.6 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-46204 | 2023-10-24 | WordPress Duplicate Theme Plugin <= 0.1.6 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-45634 | 2023-10-24 | WordPress Copy Or Move Comments Plugin <= 5.0.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-45637 | 2023-10-24 | WordPress EventPrime Plugin <= 3.1.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-45640 | 2023-10-24 | WordPress WP ULike Plugin <= 4.6.8 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-45644 | 2023-10-24 | WordPress CPT Shortcode Generator Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-45646 | 2023-10-24 | WordPress PDF Block Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-45747 | 2023-10-24 | WordPress WP Lightbox 2 Plugin <= 3.0.6.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-45750 | 2023-10-24 | WordPress Nexter Extension Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-45754 | 2023-10-24 | WordPress Easy Testimonial Slider and Form Plugin <= 1.0.18 is vulnerable to Cross Site Scripting (XSS) |