CVE List - 2023 / October

Showing 2201 - 2300 of 2690 CVEs for October 2023 (Page 23 of 27)

CVE ID Date Title
CVE-2023-45869 2023-10-26 ILIAS 7.25 (2023-09-12) allows any authenticated user to execute arbitrary...
CVE-2023-46374 2023-10-26 ZenTao Enterprise Edition version 4.1.3 and before is vulnerable to...
CVE-2023-46435 2023-10-26 Sourcecodester Packers and Movers Management System v1.0 is vulnerable to...
CVE-2023-46449 2023-10-26 Sourcecodester Free and Open Source inventory management system v1.0 is...
CVE-2023-46450 2023-10-26 Sourcecodester Free and Open Source inventory management system 1.0 is...
CVE-2023-46491 2023-10-26 ZenTao Biz version 4.1.3 and before has a Cross Site...
CVE-2023-46752 2023-10-26 An issue was discovered in FRRouting FRR through 9.0.1. It...
CVE-2023-46753 2023-10-26 An issue was discovered in FRRouting FRR through 9.0.1. A...
CVE-2023-46754 2023-10-26 The admin panel for Obl.ong before 1.1.2 allows authorization bypass...
CVE-2023-43208 2023-10-26 NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to...
CVE-2023-46667 2023-10-26 Fleet Server Insertion of Sensitive Information into Log File
CVE-2023-31422 2023-10-26 Kibana Insertion of Sensitive Information into Log File
CVE-2023-31421 2023-10-26 Beats, Elastic Agent, APM Server, and Fleet Server Improper Certificate Validation issue
CVE-2023-5139 2023-10-26 Potential buffer overflow vulnerability in the Zephyr STM32 Crypto driver
CVE-2023-5798 2023-10-26 Assistant < 1.4.4 - Editor+ SSRF
CVE-2023-46072 2023-10-26 WordPress Add Shortcodes Actions And Filters Plugin <= 2.0.9 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-5802 2023-10-26 WordPress WP Knowledgebase Plugin <= 1.3.4 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-46074 2023-10-26 WordPress FreshMail For WordPress Plugin <= 2.3.2 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-30492 2023-10-26 WordPress Minimum Purchase for WooCommerce Plugin <= 2.0.0.1 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-5780 2023-10-26 Tongda OA 2017 delete.php sql injection
CVE-2023-46075 2023-10-26 WordPress Contact Form Builder, Contact Widget Plugin <= 2.1.6 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-46076 2023-10-26 WordPress WooCommerce PDF Invoice Builder Plugin <= 1.2.102 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-46077 2023-10-26 WordPress The Awesome Feed – Custom Feed Plugin <= 2.2.5 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-46081 2023-10-26 WordPress Lava Directory Manager Plugin <= 1.1.34 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-32116 2023-10-26 WordPress Custom post types Plugin <= 4.0.12 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-46094 2023-10-26 WordPress Conversios.io Plugin <= 6.5.3 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-46088 2023-10-26 WordPress WP Full Stripe Free Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-5781 2023-10-26 Tongda OA 2017 delete_webmail.php DELETE_STR sql injection
CVE-2023-41095 2023-10-26 Keys Stored in Plaintext on Secure Vault High for Silabs OpenThread devices
CVE-2023-41096 2023-10-26 Keys Stored in Plaintext on Secure Vault High for Silabs Ember ZNet devices
CVE-2023-46090 2023-10-26 WordPress Spider Facebook Plugin <= 1.0.15 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-5782 2023-10-26 Tongda OA 2017 General News delete_query.php sql injection
CVE-2023-5783 2023-10-26 Tongda OA 2017 delete.php sql injection
CVE-2023-46238 2023-10-26 XSS with User Avatar image in ZITADEL
CVE-2023-5784 2023-10-26 Netentsec NS-ASG Application Security Gateway uploadfirewall.php sql injection
CVE-2023-46234 2023-10-26 browserify-sign vulnerable via an upper bound check issue in `dsaVerify` that leads to a signature forgery attack
CVE-2023-5785 2023-10-26 Netentsec NS-ASG Application Security Gateway addaddress_interpret.php sql injection
CVE-2023-5786 2023-10-26 GeoServer GeoWebCache rest.html direct request
CVE-2023-5787 2023-10-26 Shaanxi Chanming Education Technology Score Query System sql injection
CVE-2023-5789 2023-10-26 Dragon Path 707GR1 Ping Diagnostics cross site scripting
CVE-2023-5790 2023-10-26 SourceCodester File Manager App add-file.php unrestricted upload
CVE-2023-42769 2023-10-26 Sielco Radio Link and Analog FM Transmitters Improper Access Control
CVE-2023-46666 2023-10-26 Elastic Sharepoint Online Python Connector Improper Access Control
CVE-2023-45317 2023-10-26 Sielco Radio Link and Analog FM Transmitters Cross-Site Request Forgery
CVE-2023-5622 2023-10-26 Privilege Escalation
CVE-2023-45228 2023-10-26 Sielco Radio Link and Analog FM Transmitters Improper Access Control
CVE-2023-41966 2023-10-26 Sielco Radio Link and Analog FM Transmitters Privilege Defined With Unsafe Actions
CVE-2023-5623 2023-10-26 Privilege Escalation
CVE-2023-5791 2023-10-26 SourceCodester Sticky Notes App add-note.php cross site scripting
CVE-2023-5792 2023-10-26 SourceCodester Sticky Notes App delete-note.php sql injection
CVE-2023-5624 2023-10-26 Blind SQL Injection
CVE-2023-5793 2023-10-26 flusity CMS Dashboard customblock.php loadCustomBlocCreateForm cross site scripting
CVE-2023-5794 2023-10-26 PHPGurukul Online Railway Catering System Login index.php sql injection
CVE-2023-31419 2023-10-26 Elasticsearch StackOverflow vulnerability
CVE-2023-5795 2023-10-26 CodeAstro POS System Profile Picture profil unrestricted upload
CVE-2023-5796 2023-10-26 CodeAstro POS System Logo setting unrestricted upload
CVE-2023-31418 2023-10-26 Elasticsearch uncontrolled resource consumption
CVE-2023-31417 2023-10-26 Elasticsearch Insertion of sensitive information in audit logs
CVE-2023-31416 2023-10-26 Elastic Cloud on Kubernetes (ECK) secret token configuration issue
CVE-2023-44267 2023-10-26 Online Art Gallery v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
CVE-2023-39936 2023-10-26 Ashlar-Vellum Graphite Out-of-bounds Read
CVE-2023-39427 2023-10-26 Ashlar-Vellum Cobalt, Xenon, Argon, Lithium Out-of-bounds Write
CVE-2023-0897 2023-10-26 Session FIxation in Sielco PolyEco1000
CVE-2023-5754 2023-10-26 Improper Restriction of Excessive Authentication Attempts in Sielco PolyEco1000
CVE-2023-46661 2023-10-26 Improper Access Control in Sielco PolyEco1000
CVE-2023-46662 2023-10-26 Improper Access Control in Sielco PolyEco1000
CVE-2023-5804 2023-10-26 PHPGurukul Nipah Virus Testing Management System login.php sql injection
CVE-2023-46663 2023-10-26 Improper Access Control in Sielco PolyEco1000
CVE-2023-46664 2023-10-26 Improper Access Control in Sielco PolyEco1000
CVE-2023-46747 2023-10-26 BIG-IP Configuration utility unauthenticated remote code execution vulnerability
CVE-2023-46748 2023-10-26 BIG-IP Configuration utility authenticated SQL injection vulnerability
CVE-2023-46665 2023-10-26 Improper Access Control in Sielco PolyEco1000
CVE-2023-5805 2023-10-26 SourceCodester Simple Real Estate Portal System view_estate.php sql injection
CVE-2022-34832 2023-10-27 An issue was discovered in VERMEG AgileReporter 21.3. XXE can...
CVE-2022-34833 2023-10-27 An issue was discovered in VERMEG AgileReporter 21.3. An admin...
CVE-2022-34834 2023-10-27 An issue was discovered in VERMEG AgileReporter 21.3. Attackers can...
CVE-2023-35794 2023-10-27 An issue was discovered in Cassia Access Controller 2.1.1.2303271039. The...
CVE-2023-45498 2023-10-27 VinChin Backup & Recovery v5.0.*, v6.0.*, v6.7.*, and v7.0.* was...
CVE-2023-45499 2023-10-27 VinChin Backup & Recovery v5.0.*, v6.0.*, v6.7.*, and v7.0.* was...
CVE-2023-46375 2023-10-27 ZenTao Biz version 4.1.3 and before is vulnerable to Cross...
CVE-2023-46376 2023-10-27 Zentao Biz version 8.7 and before is vulnerable to Information...
CVE-2023-46393 2023-10-27 gougucms v4.08.18 was discovered to contain a password reset poisoning...
CVE-2023-46394 2023-10-27 A stored cross-site scripting (XSS) vulnerability in /home/user/edit_submit of gougucms...
CVE-2023-46407 2023-10-27 FFmpeg prior to commit bf814 was discovered to contain an...
CVE-2023-46490 2023-10-27 SQL Injection vulnerability in Cacti v1.2.25 allows a remote attacker...
CVE-2023-46503 2023-10-27 Cross Site Scripting (XSS) vulnerability in PwnCYN YXBOOKCMS v.1.0.2 allows...
CVE-2023-46504 2023-10-27 Cross Site Scripting (XSS) vulnerability in PwnCYN YXBOOKCMS v.1.0.2 allows...
CVE-2023-46505 2023-10-27 Cross Site Scripting vulnerability in FanCMS v.1.0.0 allows an attacker...
CVE-2023-46509 2023-10-27 An issue in Contec SolarView Compact v.6.0 and before allows...
CVE-2023-46510 2023-10-27 An issue in ZIONCOM (Hong Kong) Technology Limited A7000R v.4.1cu.4154...
CVE-2023-46587 2023-10-27 Buffer Overflow vulnerability in XnView Classic v.2.51.5 allows a local...
CVE-2023-46813 2023-10-27 An issue was discovered in the Linux kernel before 6.5.9,...
CVE-2023-46815 2023-10-27 An issue was discovered in SugarCRM 12 before 12.0.4 and...
CVE-2023-46816 2023-10-27 An issue was discovered in SugarCRM 12 before 12.0.4 and...
CVE-2023-46818 2023-10-27 An issue was discovered in ISPConfig before 3.2.11p1. PHP code...
CVE-2023-46852 2023-10-27 In Memcached before 1.6.22, a buffer overflow exists when processing...
CVE-2023-46853 2023-10-27 In Memcached before 1.6.22, an off-by-one error exists when processing...
CVE-2023-5810 2023-10-27 flusity CMS posts.php loadPostAddForm cross site scripting
CVE-2023-5811 2023-10-27 flusity CMS posts.php loadPostAddForm cross site scripting
CVE-2023-5812 2023-10-27 flusity CMS upload.php handleFileUpload unrestricted upload