CVE List - 2023 / November
Showing 1501 - 1600 of 2443 CVEs for November 2023 (Page 16 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-47245 | 2023-11-16 | WordPress ANAC XML Viewer Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47242 | 2023-11-16 | WordPress ANAC XML Bandi di Gara Plugin <= 7.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47240 | 2023-11-16 | WordPress CBX Map for Google Map & OpenStreetMap Plugin <= 1.1.11 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47239 | 2023-11-16 | WordPress Easy PayPal Shopping Cart Plugin <= 1.1.10 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-28621 | 2023-11-16 | WordPress Raise Mag Theme <= 1.0.7 and Wishful Blog theme <= 2.0.1 are vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-39926 | 2023-11-16 | WordPress Under Construction / Maintenance Mode from Acurax Plugin <= 2.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-34375 | 2023-11-16 | WordPress Seo By 10Web Plugin <= 1.2.9 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-36026 | 2023-11-16 | Microsoft Edge (Chromium-based) Spoofing Vulnerability |
| CVE-2023-36008 | 2023-11-16 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability |
| CVE-2023-32957 | 2023-11-16 | WordPress Team Members Showcase Plugin <= 1.3.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-32796 | 2023-11-16 | WordPress WooCommerce Product Enquiry Plugin <= 2.3.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-46214 | 2023-11-16 | Remote code execution (RCE) in Splunk Enterprise through Insecure XML Parsing |
| CVE-2023-46213 | 2023-11-16 | Cross-site Scripting (XSS) on “Show Syntax Highlighted” View in Search Page |
| CVE-2023-6020 | 2023-11-16 | Ray Static File Local File Include |
| CVE-2023-6014 | 2023-11-16 | MLflow Authentication Bypass |
| CVE-2023-40314 | 2023-11-16 | Cross-site scripting in bootstrap.jsp |
| CVE-2023-47642 | 2023-11-16 | Stream description leaks to ex-subscribers in Zulip |
| CVE-2023-48222 | 2023-11-16 | Authenticated users can view or delete jobs they do not have authorization for in Rundeck |
| CVE-2023-47112 | 2023-11-16 | Authenticated users can view job names and groups they do not have authorization to view in Rundeck |
| CVE-2023-47688 | 2023-11-16 | WordPress Youtube SpeedLoad Plugin <= 0.6.3 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-47687 | 2023-11-16 | WordPress Woo Custom and Sequential Order Number Plugin <= 2.6.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-47686 | 2023-11-16 | WordPress Arigato Autoresponder and Newsletter Plugin <= 2.7.2.2 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-48237 | 2023-11-16 | overflow in shift_line in vim |
| CVE-2023-48236 | 2023-11-16 | overflow in get_number in vim |
| CVE-2023-48235 | 2023-11-16 | overflow in ex address parsing in vim |
| CVE-2023-48234 | 2023-11-16 | overflow in nv_z_get_count in vim |
| CVE-2023-48233 | 2023-11-16 | overflow with count for :s command in vim |
| CVE-2023-48232 | 2023-11-16 | Floating point Exception in adjust_plines_for_skipcol() in vim |
| CVE-2023-48231 | 2023-11-16 | Use-After-Free in win_close() in vim |
| CVE-2020-11447 | 2023-11-17 | An issue was discovered on Bell HomeHub 3000 SG48222070 devices.... |
| CVE-2020-11448 | 2023-11-17 | An issue was discovered on Bell HomeHub 3000 SG48222070 devices.... |
| CVE-2023-38313 | 2023-11-17 | An issue was discovered in OpenNDS Captive Portal before 10.1.2.... |
| CVE-2023-38314 | 2023-11-17 | An issue was discovered in OpenNDS Captive Portal before version... |
| CVE-2023-38315 | 2023-11-17 | An issue was discovered in OpenNDS Captive Portal before version... |
| CVE-2023-38316 | 2023-11-17 | An issue was discovered in OpenNDS Captive Portal before version... |
| CVE-2023-38320 | 2023-11-17 | An issue was discovered in OpenNDS Captive Portal before version... |
| CVE-2023-38322 | 2023-11-17 | An issue was discovered in OpenNDS Captive Portal before version... |
| CVE-2023-38324 | 2023-11-17 | An issue was discovered in OpenNDS before 10.1.2. It allows... |
| CVE-2023-41101 | 2023-11-17 | An issue was discovered in the captive portal in OpenNDS... |
| CVE-2023-41102 | 2023-11-17 | An issue was discovered in the captive portal in OpenNDS... |
| CVE-2023-43177 | 2023-11-17 | CrushFTP prior to 10.5.1 is vulnerable to Improperly Controlled Modification... |
| CVE-2023-44796 | 2023-11-17 | Cross Site Scripting (XSS) vulnerability in LimeSurvey before version 6.2.9-230925... |
| CVE-2023-45382 | 2023-11-17 | In the module "SoNice Retour" (sonice_retour) up to version 2.1.0... |
| CVE-2023-45387 | 2023-11-17 | In the module "Product Catalog (CSV, Excel, XML) Export PRO"... |
| CVE-2023-46402 | 2023-11-17 | git-urls 1.0.0 allows ReDOS (Regular Expression Denial of Service) in... |
| CVE-2023-48024 | 2023-11-17 | Liblisp through commit 4c65969 was discovered to contain a use-after-free... |
| CVE-2023-48025 | 2023-11-17 | Liblisp through commit 4c65969 was discovered to contain a out-of-bounds-read... |
| CVE-2023-48028 | 2023-11-17 | kodbox 1.46.01 has a security flaw that enables user enumeration.... |
| CVE-2023-48029 | 2023-11-17 | Corebos 8.0 and below is vulnerable to CSV Injection. An... |
| CVE-2023-48031 | 2023-11-17 | OpenSupports v4.11.0 is vulnerable to Unrestricted Upload of File with... |
| CVE-2023-48185 | 2023-11-17 | Directory Traversal vulnerability in TerraMaster v.s1.0 through v.2.295 allows a... |
| CVE-2023-48648 | 2023-11-17 | Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows unauthorized... |
| CVE-2023-48649 | 2023-11-17 | Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows stored... |
| CVE-2023-48655 | 2023-11-17 | An issue was discovered in MISP before 2.4.176. app/Controller/Component/IndexFilterComponent.php does... |
| CVE-2023-48656 | 2023-11-17 | An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles... |
| CVE-2023-48657 | 2023-11-17 | An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles... |
| CVE-2023-48658 | 2023-11-17 | An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php lacks... |
| CVE-2023-48659 | 2023-11-17 | An issue was discovered in MISP before 2.4.176. app/Controller/AppController.php mishandles... |
| CVE-2023-38130 | 2023-11-17 | Cross-site request forgery (CSRF) vulnerability in CubeCart prior to 6.5.3... |
| CVE-2023-42428 | 2023-11-17 | Directory traversal vulnerability in CubeCart prior to 6.5.3 allows a... |
| CVE-2023-47283 | 2023-11-17 | Directory traversal vulnerability in CubeCart prior to 6.5.3 allows a... |
| CVE-2023-47675 | 2023-11-17 | CubeCart prior to 6.5.3 allows a remote authenticated attacker with... |
| CVE-2023-39544 | 2023-11-17 | CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and... |
| CVE-2023-39545 | 2023-11-17 | CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and... |
| CVE-2023-39546 | 2023-11-17 | CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and... |
| CVE-2023-39547 | 2023-11-17 | CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and... |
| CVE-2023-39548 | 2023-11-17 | CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and... |
| CVE-2023-47797 | 2023-11-17 | Reflected cross-site scripting (XSS) vulnerability on a content page’s edit... |
| CVE-2023-44325 | 2023-11-17 | ZDI-CAN-21666: Adobe Animate FLA File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-44326 | 2023-11-17 | ZDI-CAN-21866: Adobe Dimension GLTF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-47757 | 2023-11-17 | WordPress AWeber Plugin <= 7.3.9 is vulnerable to Broken Access Control |
| CVE-2023-5444 | 2023-11-17 | CSRF in ePO leading to privilege escalation |
| CVE-2023-5445 | 2023-11-17 | An open redirect vulnerability in ePolicy Orchestrator prior to 5.10.0... |
| CVE-2023-47067 | 2023-11-17 | ZDI-CAN-21706: Adobe After Effects MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-47069 | 2023-11-17 | ZDI-CAN-21703: Adobe After Effects M4A File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-47073 | 2023-11-17 | ZDI-CAN-21709: Adobe After Effects MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-47070 | 2023-11-17 | ZDI-CAN-21708: Adobe After Effects MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-47066 | 2023-11-17 | ZDI-CAN-21705: Adobe After Effects MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-47072 | 2023-11-17 | ZDI-CAN-21790: Adobe After Effects MP4 File Uninitialized Variable Information Disclosure Vulnerability |
| CVE-2023-47071 | 2023-11-17 | ZDI-CAN-21704: Adobe After Effects MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-47068 | 2023-11-17 | ZDI-CAN-21702: Adobe After Effects MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-44324 | 2023-11-17 | ZDI-CAN-21344: Adobe FrameMaker Publishing Server Authentication Bypass Vulnerability |
| CVE-2023-22273 | 2023-11-17 | ZDI-CAN-21307: Adobe RoboHelp Server OnPublishFile Directory Traversal Remote Code Execution Vulnerability |
| CVE-2023-22274 | 2023-11-17 | ZDI-CAN-21305: Adobe RoboHelp Server UpdateCommandStream XML External Entity Processing Information Disclosure Vulnerability |
| CVE-2023-22268 | 2023-11-17 | ZDI-CAN-21308: Adobe RoboHelp Server getRHSGroupsForRoles SQL Injection Information Disclosure Vulnerability |
| CVE-2023-22272 | 2023-11-17 | ZDI-CAN-21309: Adobe RoboHelp Server resolveDistinguishedName LDAP Injection Information Disclosure Vulnerability |
| CVE-2023-22275 | 2023-11-17 | ZDI-CAN-21306: Adobe RoboHelp Server GetNewUserId SQL Injection Information Disclosure Vulnerability |
| CVE-2023-44350 | 2023-11-17 | ColdFusion | Deserialization of Untrusted Data (CWE-502) |
| CVE-2023-44353 | 2023-11-17 | ColdFusion WDDX Deserialization Gadgets |
| CVE-2023-44352 | 2023-11-17 | Unauthenticate Reflected XSS on Adobe Coldfusion 2018 - 2021 - 2023 last version |
| CVE-2023-26347 | 2023-11-17 | CVE-2023-38205 issues | ColdFusion Admin Panel Access |
| CVE-2023-44355 | 2023-11-17 | ColdFusion | Improper Input Validation (CWE-20) |
| CVE-2023-44351 | 2023-11-17 | Adobe ColdFusion RCE Security Vulnerability |
| CVE-2023-26364 | 2023-11-17 | Denial of Service of regular expression in package @adobe/css-tools |
| CVE-2023-6179 | 2023-11-17 | Incorrect Permission assignment to program executable folders |
| CVE-2023-6188 | 2023-11-17 | GetSimpleCMS theme-edit.php code injection |
| CVE-2023-48295 | 2023-11-17 | Cross-site Scripting at Device groups Deletion feature in LibreNMS |
| CVE-2023-48294 | 2023-11-17 | Broken Access control on Graphs Feature in LibreNMS |
| CVE-2023-48238 | 2023-11-17 | JWT Algorithm Confusion in json-web-token library |
| CVE-2023-46745 | 2023-11-17 | Rate limiting Bypass on login page in libreNMS |