CVE List - 2023 / October
Showing 2201 - 2300 of 2690 CVEs for October 2023 (Page 23 of 27)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-45869 | 2023-10-26 | ILIAS 7.25 (2023-09-12) allows any authenticated user to execute arbitrary... |
| CVE-2023-46374 | 2023-10-26 | ZenTao Enterprise Edition version 4.1.3 and before is vulnerable to... |
| CVE-2023-46435 | 2023-10-26 | Sourcecodester Packers and Movers Management System v1.0 is vulnerable to... |
| CVE-2023-46449 | 2023-10-26 | Sourcecodester Free and Open Source inventory management system v1.0 is... |
| CVE-2023-46450 | 2023-10-26 | Sourcecodester Free and Open Source inventory management system 1.0 is... |
| CVE-2023-46491 | 2023-10-26 | ZenTao Biz version 4.1.3 and before has a Cross Site... |
| CVE-2023-46752 | 2023-10-26 | An issue was discovered in FRRouting FRR through 9.0.1. It... |
| CVE-2023-46753 | 2023-10-26 | An issue was discovered in FRRouting FRR through 9.0.1. A... |
| CVE-2023-46754 | 2023-10-26 | The admin panel for Obl.ong before 1.1.2 allows authorization bypass... |
| CVE-2023-43208 | 2023-10-26 | NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to... |
| CVE-2023-46667 | 2023-10-26 | Fleet Server Insertion of Sensitive Information into Log File |
| CVE-2023-31422 | 2023-10-26 | Kibana Insertion of Sensitive Information into Log File |
| CVE-2023-31421 | 2023-10-26 | Beats, Elastic Agent, APM Server, and Fleet Server Improper Certificate Validation issue |
| CVE-2023-5139 | 2023-10-26 | Potential buffer overflow vulnerability in the Zephyr STM32 Crypto driver |
| CVE-2023-5798 | 2023-10-26 | Assistant < 1.4.4 - Editor+ SSRF |
| CVE-2023-46072 | 2023-10-26 | WordPress Add Shortcodes Actions And Filters Plugin <= 2.0.9 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-5802 | 2023-10-26 | WordPress WP Knowledgebase Plugin <= 1.3.4 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-46074 | 2023-10-26 | WordPress FreshMail For WordPress Plugin <= 2.3.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-30492 | 2023-10-26 | WordPress Minimum Purchase for WooCommerce Plugin <= 2.0.0.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-5780 | 2023-10-26 | Tongda OA 2017 delete.php sql injection |
| CVE-2023-46075 | 2023-10-26 | WordPress Contact Form Builder, Contact Widget Plugin <= 2.1.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-46076 | 2023-10-26 | WordPress WooCommerce PDF Invoice Builder Plugin <= 1.2.102 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-46077 | 2023-10-26 | WordPress The Awesome Feed – Custom Feed Plugin <= 2.2.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-46081 | 2023-10-26 | WordPress Lava Directory Manager Plugin <= 1.1.34 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-32116 | 2023-10-26 | WordPress Custom post types Plugin <= 4.0.12 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-46094 | 2023-10-26 | WordPress Conversios.io Plugin <= 6.5.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-46088 | 2023-10-26 | WordPress WP Full Stripe Free Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-5781 | 2023-10-26 | Tongda OA 2017 delete_webmail.php DELETE_STR sql injection |
| CVE-2023-41095 | 2023-10-26 | Keys Stored in Plaintext on Secure Vault High for Silabs OpenThread devices |
| CVE-2023-41096 | 2023-10-26 | Keys Stored in Plaintext on Secure Vault High for Silabs Ember ZNet devices |
| CVE-2023-46090 | 2023-10-26 | WordPress Spider Facebook Plugin <= 1.0.15 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-5782 | 2023-10-26 | Tongda OA 2017 General News delete_query.php sql injection |
| CVE-2023-5783 | 2023-10-26 | Tongda OA 2017 delete.php sql injection |
| CVE-2023-46238 | 2023-10-26 | XSS with User Avatar image in ZITADEL |
| CVE-2023-5784 | 2023-10-26 | Netentsec NS-ASG Application Security Gateway uploadfirewall.php sql injection |
| CVE-2023-46234 | 2023-10-26 | browserify-sign vulnerable via an upper bound check issue in `dsaVerify` that leads to a signature forgery attack |
| CVE-2023-5785 | 2023-10-26 | Netentsec NS-ASG Application Security Gateway addaddress_interpret.php sql injection |
| CVE-2023-5786 | 2023-10-26 | GeoServer GeoWebCache rest.html direct request |
| CVE-2023-5787 | 2023-10-26 | Shaanxi Chanming Education Technology Score Query System sql injection |
| CVE-2023-5789 | 2023-10-26 | Dragon Path 707GR1 Ping Diagnostics cross site scripting |
| CVE-2023-5790 | 2023-10-26 | SourceCodester File Manager App add-file.php unrestricted upload |
| CVE-2023-42769 | 2023-10-26 | Sielco Radio Link and Analog FM Transmitters Improper Access Control |
| CVE-2023-46666 | 2023-10-26 | Elastic Sharepoint Online Python Connector Improper Access Control |
| CVE-2023-45317 | 2023-10-26 | Sielco Radio Link and Analog FM Transmitters Cross-Site Request Forgery |
| CVE-2023-5622 | 2023-10-26 | Privilege Escalation |
| CVE-2023-45228 | 2023-10-26 | Sielco Radio Link and Analog FM Transmitters Improper Access Control |
| CVE-2023-41966 | 2023-10-26 | Sielco Radio Link and Analog FM Transmitters Privilege Defined With Unsafe Actions |
| CVE-2023-5623 | 2023-10-26 | Privilege Escalation |
| CVE-2023-5791 | 2023-10-26 | SourceCodester Sticky Notes App add-note.php cross site scripting |
| CVE-2023-5792 | 2023-10-26 | SourceCodester Sticky Notes App delete-note.php sql injection |
| CVE-2023-5624 | 2023-10-26 | Blind SQL Injection |
| CVE-2023-5793 | 2023-10-26 | flusity CMS Dashboard customblock.php loadCustomBlocCreateForm cross site scripting |
| CVE-2023-5794 | 2023-10-26 | PHPGurukul Online Railway Catering System Login index.php sql injection |
| CVE-2023-31419 | 2023-10-26 | Elasticsearch StackOverflow vulnerability |
| CVE-2023-5795 | 2023-10-26 | CodeAstro POS System Profile Picture profil unrestricted upload |
| CVE-2023-5796 | 2023-10-26 | CodeAstro POS System Logo setting unrestricted upload |
| CVE-2023-31418 | 2023-10-26 | Elasticsearch uncontrolled resource consumption |
| CVE-2023-31417 | 2023-10-26 | Elasticsearch Insertion of sensitive information in audit logs |
| CVE-2023-31416 | 2023-10-26 | Elastic Cloud on Kubernetes (ECK) secret token configuration issue |
| CVE-2023-44267 | 2023-10-26 | Online Art Gallery v1.0 - Multiple Unauthenticated SQL Injections (SQLi) |
| CVE-2023-39936 | 2023-10-26 | Ashlar-Vellum Graphite Out-of-bounds Read |
| CVE-2023-39427 | 2023-10-26 | Ashlar-Vellum Cobalt, Xenon, Argon, Lithium Out-of-bounds Write |
| CVE-2023-0897 | 2023-10-26 | Session FIxation in Sielco PolyEco1000 |
| CVE-2023-5754 | 2023-10-26 | Improper Restriction of Excessive Authentication Attempts in Sielco PolyEco1000 |
| CVE-2023-46661 | 2023-10-26 | Improper Access Control in Sielco PolyEco1000 |
| CVE-2023-46662 | 2023-10-26 | Improper Access Control in Sielco PolyEco1000 |
| CVE-2023-5804 | 2023-10-26 | PHPGurukul Nipah Virus Testing Management System login.php sql injection |
| CVE-2023-46663 | 2023-10-26 | Improper Access Control in Sielco PolyEco1000 |
| CVE-2023-46664 | 2023-10-26 | Improper Access Control in Sielco PolyEco1000 |
| CVE-2023-46747 | 2023-10-26 | BIG-IP Configuration utility unauthenticated remote code execution vulnerability |
| CVE-2023-46748 | 2023-10-26 | BIG-IP Configuration utility authenticated SQL injection vulnerability |
| CVE-2023-46665 | 2023-10-26 | Improper Access Control in Sielco PolyEco1000 |
| CVE-2023-5805 | 2023-10-26 | SourceCodester Simple Real Estate Portal System view_estate.php sql injection |
| CVE-2022-34832 | 2023-10-27 | An issue was discovered in VERMEG AgileReporter 21.3. XXE can... |
| CVE-2022-34833 | 2023-10-27 | An issue was discovered in VERMEG AgileReporter 21.3. An admin... |
| CVE-2022-34834 | 2023-10-27 | An issue was discovered in VERMEG AgileReporter 21.3. Attackers can... |
| CVE-2023-35794 | 2023-10-27 | An issue was discovered in Cassia Access Controller 2.1.1.2303271039. The... |
| CVE-2023-45498 | 2023-10-27 | VinChin Backup & Recovery v5.0.*, v6.0.*, v6.7.*, and v7.0.* was... |
| CVE-2023-45499 | 2023-10-27 | VinChin Backup & Recovery v5.0.*, v6.0.*, v6.7.*, and v7.0.* was... |
| CVE-2023-46375 | 2023-10-27 | ZenTao Biz version 4.1.3 and before is vulnerable to Cross... |
| CVE-2023-46376 | 2023-10-27 | Zentao Biz version 8.7 and before is vulnerable to Information... |
| CVE-2023-46393 | 2023-10-27 | gougucms v4.08.18 was discovered to contain a password reset poisoning... |
| CVE-2023-46394 | 2023-10-27 | A stored cross-site scripting (XSS) vulnerability in /home/user/edit_submit of gougucms... |
| CVE-2023-46407 | 2023-10-27 | FFmpeg prior to commit bf814 was discovered to contain an... |
| CVE-2023-46490 | 2023-10-27 | SQL Injection vulnerability in Cacti v1.2.25 allows a remote attacker... |
| CVE-2023-46503 | 2023-10-27 | Cross Site Scripting (XSS) vulnerability in PwnCYN YXBOOKCMS v.1.0.2 allows... |
| CVE-2023-46504 | 2023-10-27 | Cross Site Scripting (XSS) vulnerability in PwnCYN YXBOOKCMS v.1.0.2 allows... |
| CVE-2023-46505 | 2023-10-27 | Cross Site Scripting vulnerability in FanCMS v.1.0.0 allows an attacker... |
| CVE-2023-46509 | 2023-10-27 | An issue in Contec SolarView Compact v.6.0 and before allows... |
| CVE-2023-46510 | 2023-10-27 | An issue in ZIONCOM (Hong Kong) Technology Limited A7000R v.4.1cu.4154... |
| CVE-2023-46587 | 2023-10-27 | Buffer Overflow vulnerability in XnView Classic v.2.51.5 allows a local... |
| CVE-2023-46813 | 2023-10-27 | An issue was discovered in the Linux kernel before 6.5.9,... |
| CVE-2023-46815 | 2023-10-27 | An issue was discovered in SugarCRM 12 before 12.0.4 and... |
| CVE-2023-46816 | 2023-10-27 | An issue was discovered in SugarCRM 12 before 12.0.4 and... |
| CVE-2023-46818 | 2023-10-27 | An issue was discovered in ISPConfig before 3.2.11p1. PHP code... |
| CVE-2023-46852 | 2023-10-27 | In Memcached before 1.6.22, a buffer overflow exists when processing... |
| CVE-2023-46853 | 2023-10-27 | In Memcached before 1.6.22, an off-by-one error exists when processing... |
| CVE-2023-5810 | 2023-10-27 | flusity CMS posts.php loadPostAddForm cross site scripting |
| CVE-2023-5811 | 2023-10-27 | flusity CMS posts.php loadPostAddForm cross site scripting |
| CVE-2023-5812 | 2023-10-27 | flusity CMS upload.php handleFileUpload unrestricted upload |