CVE List - 2023 / October
Showing 201 - 300 of 2690 CVEs for October 2023 (Page 3 of 27)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-27435 | 2023-10-03 | WordPress HTTP Auth Plugin <= 0.3.2 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-41693 | 2023-10-03 | WordPress MyCryptoCheckout Plugin <= 2.125 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-0506 | 2023-10-03 | ByDemes Group Airspace CCTV Web Service Improper Access Control |
| CVE-2023-41244 | 2023-10-03 | WordPress Localize Remote Images Plugin <= 1.0.9 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-39158 | 2023-10-03 | WordPress Woocommerce Category Banner Management Plugin <= 2.4.2 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-3349 | 2023-10-03 | Information exposure on IBERMATICA RPS |
| CVE-2023-3350 | 2023-10-03 | Cryptographic Issues on IBERMATICA RPS |
| CVE-2023-40558 | 2023-10-03 | WordPress Video Gallery & Management Plugin <= 3.3.5 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-4929 | 2023-10-03 | NPort 5000 Series Firmware Improper Validation of Integrity Check Vulnerability |
| CVE-2023-4886 | 2023-10-03 | Foreman: world readable file containing secrets |
| CVE-2023-4882 | 2023-10-03 | Multiple vulnerabilities in Open5GS |
| CVE-2023-4883 | 2023-10-03 | Multiple vulnerabilities in Open5GS |
| CVE-2023-4884 | 2023-10-03 | Multiple vulnerabilities in Open5GS |
| CVE-2023-4885 | 2023-10-03 | Multiple vulnerabilities in Open5GS |
| CVE-2023-4817 | 2023-10-03 | Unrestricted file upload vulnerability in ICP DAS ET-7060 |
| CVE-2023-3196 | 2023-10-03 | Multiple vulnerabilities in Canopsis of Capensis |
| CVE-2023-4564 | 2023-10-03 | Multiple vulnerabilities in Canopsis of Capensis |
| CVE-2023-33200 | 2023-10-03 | Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations |
| CVE-2023-34970 | 2023-10-03 | Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations |
| CVE-2023-4732 | 2023-10-03 | Kernel: race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode bug in include/linux/swapops.h |
| CVE-2023-4911 | 2023-10-03 | Glibc: buffer overflow in ld.so leading to privilege escalation |
| CVE-2023-5255 | 2023-10-03 | Denial of Service for Revocation of Auto Renewed Certificates |
| CVE-2022-22447 | 2023-10-03 | IBM Disconnected Log Collector information disclosure |
| CVE-2023-22618 | 2023-10-04 | If Security Hardening guide rules are not followed, then Nokia... |
| CVE-2023-27121 | 2023-10-04 | A cross-site scripting (XSS) vulnerability in the component /framework/cron/action/humanize of... |
| CVE-2023-35803 | 2023-10-04 | IQ Engine before 10.6r2 on Extreme Network AP devices has... |
| CVE-2023-36618 | 2023-10-04 | Atos Unify OpenScape Session Border Controller through V10 R3.01.03 allows... |
| CVE-2023-36619 | 2023-10-04 | Atos Unify OpenScape Session Border Controller through V10 R3.01.03 allows... |
| CVE-2023-40299 | 2023-10-04 | Kong Insomnia 2023.4.0 on macOS allows attackers to execute code... |
| CVE-2023-43321 | 2023-10-04 | File Upload vulnerability in Digital China Networks DCFW-1800-SDC v.3.0 allows... |
| CVE-2023-43838 | 2023-10-04 | An arbitrary file upload vulnerability in Personal Management System v1.4.64... |
| CVE-2023-43877 | 2023-10-04 | Rite CMS 3.0 has Multiple Cross-Site scripting (XSS) vulnerabilities that... |
| CVE-2023-44075 | 2023-10-04 | Cross Site Scripting vulnerability in Small CRM in PHP v.3.0... |
| CVE-2023-43261 | 2023-10-04 | An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41... |
| CVE-2023-35905 | 2023-10-04 | IBM FileNet Content Manager cross-site scripting |
| CVE-2023-37404 | 2023-10-04 | IBM Observability with Instana code execution |
| CVE-2023-5357 | 2023-10-04 | The Instagram for WordPress plugin for WordPress is vulnerable to... |
| CVE-2023-3213 | 2023-10-04 | The WP Mail SMTP Pro plugin for WordPress is vulnerable... |
| CVE-2023-5291 | 2023-10-04 | The Blog Filter plugin for WordPress is vulnerable to Stored... |
| CVE-2023-30690 | 2023-10-04 | Improper input validation vulnerability in Duo prior to SMR Oct-2023... |
| CVE-2023-30692 | 2023-10-04 | Improper input validation vulnerability in Evaluator prior to SMR Oct-2023... |
| CVE-2023-30727 | 2023-10-04 | Improper access control vulnerability in SecSettings prior to SMR Oct-2023... |
| CVE-2023-30731 | 2023-10-04 | Logic error in package installation via debugger command prior to... |
| CVE-2023-30732 | 2023-10-04 | Improper access control in system property prior to SMR Oct-2023... |
| CVE-2023-30733 | 2023-10-04 | Stack-based Buffer Overflow in vulnerability HDCP trustlet prior to SMR... |
| CVE-2023-30734 | 2023-10-04 | Improper access control vulnerability in Samsung Health prior to version... |
| CVE-2023-30735 | 2023-10-04 | Improper Preservation of Permissions vulnerability in SAssistant prior to version... |
| CVE-2023-30736 | 2023-10-04 | Improper authorization in PushMsgReceiver of Samsung Assistant prior to version... |
| CVE-2023-30737 | 2023-10-04 | Improper access control vulnerability in Samsung Health prior to version... |
| CVE-2023-30738 | 2023-10-04 | An improper input validation in UEFI Firmware prior to Firmware... |
| CVE-2023-5368 | 2023-10-04 | msdosfs data disclosure |
| CVE-2023-5369 | 2023-10-04 | copy_file_range insufficient capability rights check |
| CVE-2023-5370 | 2023-10-04 | arm64 boot CPUs may lack speculative execution protections |
| CVE-2023-44272 | 2023-10-04 | A cross-site scripting vulnerability exists in Citadel versions prior to... |
| CVE-2023-5375 | 2023-10-04 | Open Redirect in mosparo/mosparo |
| CVE-2023-5377 | 2023-10-04 | Out-of-bounds Read in gpac/gpac |
| CVE-2023-37995 | 2023-10-04 | WordPress WP-CopyProtect [Protect your blog posts] Plugin <= 3.1.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-25980 | 2023-10-04 | WordPress Optimize Database after Deleting Revisions Plugin <= 5.1 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-25788 | 2023-10-04 | WordPress Saphali Woocommerce Lite Plugin <= 1.8.13 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-25489 | 2023-10-04 | WordPress Update Theme and Plugins from Zip File Plugin <= 2.0.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-4586 | 2023-10-04 | Hotrod-client: hot rod client does not enable hostname validation when using tls that lead to a mitm attack |
| CVE-2023-1584 | 2023-10-04 | Quarkus-oidc: id and access tokens leak via the authorization code flow |
| CVE-2023-2809 | 2023-10-04 | Use of Cleartext credentials in Sage 200 Spain |
| CVE-2023-3512 | 2023-10-04 | Relative path traversal in Setelsa Security ConacWin CB |
| CVE-2023-4997 | 2023-10-04 | Improper authorisation in Uptime DC |
| CVE-2023-3701 | 2023-10-04 | Relative path traversal in Aqua eSolutions |
| CVE-2023-2422 | 2023-10-04 | Keycloak: oauth client impersonation |
| CVE-2023-4090 | 2023-10-04 | Cross-Site Scripting (XSS) vulnerability on WideStand CMS of Acilia |
| CVE-2023-4037 | 2023-10-04 | SQL injection in Setelsa Security ConacWin |
| CVE-2023-3037 | 2023-10-04 | HelpDezk Community improper authorization |
| CVE-2023-3038 | 2023-10-04 | HelpDezk Community improper authorization |
| CVE-2023-3153 | 2023-10-04 | Service monitor mac flow is not rate limited |
| CVE-2022-4132 | 2023-10-04 | Memory leak on tls connections |
| CVE-2023-3361 | 2023-10-04 | S3 credentials included when exporting elyra notebook |
| CVE-2023-44208 | 2023-10-04 | Sensitive information disclosure and manipulation due to missing authorization. The... |
| CVE-2023-4491 | 2023-10-04 | Easy Address Book Web Server Buffer overflow vulnerability |
| CVE-2023-4492 | 2023-10-04 | Easy Address Book Web Server XSS vulnerability |
| CVE-2023-4493 | 2023-10-04 | Easy Address Book Web Server Stored XSS vulnerability |
| CVE-2023-4494 | 2023-10-04 | Easy Chat Server Stack-based buffer overflow vulnerability |
| CVE-2023-4495 | 2023-10-04 | Easy Chat Server XSS vulnerability |
| CVE-2023-5373 | 2023-10-04 | SourceCodester Online Computer and Laptop Store Master.php register sql injection |
| CVE-2023-4496 | 2023-10-04 | Easy Chat Server XSS vulnerability |
| CVE-2023-4497 | 2023-10-04 | Easy Chat Server XSS vulnerability |
| CVE-2023-1832 | 2023-10-04 | Improper authorization check in the server component |
| CVE-2023-25025 | 2023-10-04 | WordPress WP-CopyProtect [Protect your blog posts] Plugin <= 3.1.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-5374 | 2023-10-04 | SourceCodester Online Computer and Laptop Store products.php sql injection |
| CVE-2023-40684 | 2023-10-04 | IBM Content Navigator cross-site scripting |
| CVE-2023-40376 | 2023-10-04 | IBM UrbanCode Deploy (UCD) improper authentication controls |
| CVE-2022-43906 | 2023-10-04 | IBM Security Guardium information disclosure |
| CVE-2023-27433 | 2023-10-04 | WordPress Make Paths Relative Plugin <= 1.3.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-40561 | 2023-10-04 | Enhanced Ecommerce Google Analytics for WooCommerce |
| CVE-2023-22515 | 2023-10-04 | Atlassian has been made aware of an issue reported by... |
| CVE-2023-40559 | 2023-10-04 | WordPress WooCommerce Dynamic Pricing and Discount Rules Plugin <= 2.4.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-5113 | 2023-10-04 | Certain HP Enterprise LaserJet, LaserJet Managed printers - Potential denial of service, potential Cross Site Scripting (XSS) |
| CVE-2023-4237 | 2023-10-04 | Platform: ec2_key module prints out the private key directly to the standard output |
| CVE-2023-4380 | 2023-10-04 | Platform: token exposed at importing project |
| CVE-2023-3971 | 2023-10-04 | Controller: html injection in custom login info |
| CVE-2023-3665 | 2023-10-04 | A code injection vulnerability in Trellix ENS 10.7.0 April 2023... |
| CVE-2021-3784 | 2023-10-04 | Garuda Linux Improper Authorization |
| CVE-2022-36276 | 2023-10-04 | SQL injection vulnerability in TCMAN GIM |