CVE List - 2023 / November
Showing 1001 - 1100 of 2443 CVEs for November 2023 (Page 11 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-47657 | 2023-11-13 | WordPress Direct Checkout – Quick View – Buy Now For WooCommerce Plugin <= 1.5.8 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-45781 | 2023-11-14 | Buffer Overflow vulnerability in Tenda AX1803 v1.0.0.1_2994 and earlier allows... |
| CVE-2023-31754 | 2023-11-14 | Optimizely CMS UI before v12.16.0 was discovered to contain a... |
| CVE-2023-41570 | 2023-11-14 | MikroTik RouterOS v7.1 to 7.11 was discovered to contain incorrect... |
| CVE-2023-42325 | 2023-11-14 | Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows... |
| CVE-2023-42326 | 2023-11-14 | An issue in Netgate pfSense v.2.7.0 allows a remote attacker... |
| CVE-2023-42327 | 2023-11-14 | Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows... |
| CVE-2023-43900 | 2023-11-14 | Insecure Direct Object References (IDOR) in EMSigner v2.8.7 allow attackers... |
| CVE-2023-43901 | 2023-11-14 | Incorrect access control in the AdHoc User creation form of... |
| CVE-2023-43902 | 2023-11-14 | Incorrect access control in the Forgot Your Password function of... |
| CVE-2023-45558 | 2023-11-14 | An issue in Golden v.13.6.1 allows attackers to send crafted... |
| CVE-2023-45560 | 2023-11-14 | An issue in Yasukawa memberscard v.13.6.1 allows attackers to send... |
| CVE-2023-45684 | 2023-11-14 | Northern.tech CFEngine Enterprise before 3.21.3 allows SQL Injection. The fixed... |
| CVE-2023-45878 | 2023-11-14 | GibbonEdu Gibbon version 25.0.1 and before allows Arbitrary File Write... |
| CVE-2023-45879 | 2023-11-14 | GibbonEdu Gibbon version 25.0.0 allows HTML Injection via an IFRAME... |
| CVE-2023-45880 | 2023-11-14 | GibbonEdu Gibbon through version 25.0.0 allows Directory Traversal via the... |
| CVE-2023-45881 | 2023-11-14 | GibbonEdu Gibbon through version 25.0.0 allows /modules/Planner/resources_addQuick_ajaxProcess.php file upload with... |
| CVE-2023-46022 | 2023-11-14 | SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0... |
| CVE-2023-46023 | 2023-11-14 | SQL injection vulnerability in addTask.php in Code-Projects Simple Task List... |
| CVE-2023-46024 | 2023-11-14 | SQL Injection vulnerability in index.php in phpgurukul Teacher Subject Allocation... |
| CVE-2023-46025 | 2023-11-14 | SQL Injection vulnerability in teacher-info.php in phpgurukul Teacher Subject Allocation... |
| CVE-2023-46026 | 2023-11-14 | Cross Site Scripting (XSS) vulnerability in profile.php in phpgurukul Teacher... |
| CVE-2023-46445 | 2023-11-14 | An issue in AsyncSSH before 2.14.1 allows attackers to control... |
| CVE-2023-46446 | 2023-11-14 | An issue in AsyncSSH before 2.14.1 allows attackers to control... |
| CVE-2023-46580 | 2023-11-14 | Cross-Site Scripting (XSS) vulnerability in Inventory Management V1.0 allows attackers... |
| CVE-2023-46581 | 2023-11-14 | SQL injection vulnerability in Inventory Management v.1.0 allows a local... |
| CVE-2023-46582 | 2023-11-14 | SQL injection vulnerability in Inventory Management v.1.0 allows a local... |
| CVE-2023-47262 | 2023-11-14 | The startup process and device configurations of the Abbott ID... |
| CVE-2023-47384 | 2023-11-14 | MP4Box GPAC v2.3-DEV-rev617-g671976fcc-master was discovered to contain a memory leak... |
| CVE-2023-48020 | 2023-11-14 | Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request... |
| CVE-2023-48021 | 2023-11-14 | Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request... |
| CVE-2023-48094 | 2023-11-14 | A cross-site scripting (XSS) vulnerability in CesiumJS v1.111 allows attackers... |
| CVE-2023-47629 | 2023-11-14 | Privilege escalation through email sign-up in datahub |
| CVE-2023-47628 | 2023-11-14 | Session Expiration Misconfiguration in datahub |
| CVE-2023-31403 | 2023-11-14 | Improper Access Control vulnerability in SAP Business One product installation |
| CVE-2023-41366 | 2023-11-14 | Information Disclosure vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform |
| CVE-2023-42480 | 2023-11-14 | Information Disclosure in NetWeaver AS Java Logon |
| CVE-2023-6006 | 2023-11-14 | Privilege Escalation Vulnerability |
| CVE-2023-47609 | 2023-11-14 | SQL injection vulnerability in OSS Calendar versions prior to v.2.0.3... |
| CVE-2023-6109 | 2023-11-14 | The YOP Poll plugin for WordPress is vulnerable to a... |
| CVE-2023-31247 | 2023-11-14 | A memory corruption vulnerability exists in the HTTP Server Host... |
| CVE-2023-28379 | 2023-11-14 | A memory corruption vulnerability exists in the HTTP Server form... |
| CVE-2023-27882 | 2023-11-14 | A heap-based buffer overflow vulnerability exists in the HTTP Server... |
| CVE-2023-28391 | 2023-11-14 | A memory corruption vulnerability exists in the HTTP Server header... |
| CVE-2023-25181 | 2023-11-14 | A heap-based buffer overflow vulnerability exists in the HTTP Server... |
| CVE-2023-24585 | 2023-11-14 | An out-of-bounds write vulnerability exists in the HTTP Server functionality... |
| CVE-2023-43503 | 2023-11-14 | A vulnerability has been identified in COMOS (All versions <... |
| CVE-2023-43504 | 2023-11-14 | A vulnerability has been identified in COMOS (All versions <... |
| CVE-2023-43505 | 2023-11-14 | A vulnerability has been identified in COMOS (All versions). The... |
| CVE-2023-44317 | 2023-11-14 | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU... |
| CVE-2023-44318 | 2023-11-14 | Affected devices use a hardcoded key to obfuscate the configuration... |
| CVE-2023-44319 | 2023-11-14 | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU... |
| CVE-2023-44320 | 2023-11-14 | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU... |
| CVE-2023-44321 | 2023-11-14 | Affected devices do not properly validate the length of inputs... |
| CVE-2023-44322 | 2023-11-14 | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU... |
| CVE-2023-44373 | 2023-11-14 | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU... |
| CVE-2023-44374 | 2023-11-14 | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU... |
| CVE-2023-45794 | 2023-11-14 | A vulnerability has been identified in Mendix Applications using Mendix... |
| CVE-2023-46096 | 2023-11-14 | A vulnerability has been identified in SIMATIC PCS neo (All... |
| CVE-2023-46097 | 2023-11-14 | A vulnerability has been identified in SIMATIC PCS neo (All... |
| CVE-2023-46098 | 2023-11-14 | A vulnerability has been identified in SIMATIC PCS neo (All... |
| CVE-2023-46099 | 2023-11-14 | A vulnerability has been identified in SIMATIC PCS neo (All... |
| CVE-2023-46590 | 2023-11-14 | A vulnerability has been identified in Siemens OPC UA Modelling... |
| CVE-2023-46601 | 2023-11-14 | A vulnerability has been identified in COMOS (All versions). The... |
| CVE-2023-6111 | 2023-11-14 | Use-after-free in Linux kernel's netfilter: nf_tables component |
| CVE-2023-6124 | 2023-11-14 | Server-Side Request Forgery (SSRF) in salesagility/suitecrm |
| CVE-2023-6125 | 2023-11-14 | Code Injection in salesagility/suitecrm |
| CVE-2023-6126 | 2023-11-14 | Code Injection in salesagility/suitecrm |
| CVE-2023-6127 | 2023-11-14 | Unrestricted Upload of File with Dangerous Type in salesagility/suitecrm |
| CVE-2023-6128 | 2023-11-14 | Cross-site Scripting (XSS) - Reflected in salesagility/suitecrm |
| CVE-2023-6130 | 2023-11-14 | Path Traversal: '\..\filename' in salesagility/suitecrm |
| CVE-2023-6131 | 2023-11-14 | Code Injection in salesagility/suitecrm |
| CVE-2023-47660 | 2023-11-14 | WordPress Product Visibility by Country for WooCommerce Plugin <= 1.4.9 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47659 | 2023-11-14 | WordPress Lava Directory Manager Plugin <= 1.1.34 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-38151 | 2023-11-14 | Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability |
| CVE-2023-36719 | 2023-11-14 | Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability |
| CVE-2023-36705 | 2023-11-14 | Windows Installer Elevation of Privilege Vulnerability |
| CVE-2023-36560 | 2023-11-14 | ASP.NET Security Feature Bypass Vulnerability |
| CVE-2023-36428 | 2023-11-14 | Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability |
| CVE-2023-36427 | 2023-11-14 | Windows Hyper-V Elevation of Privilege Vulnerability |
| CVE-2023-36425 | 2023-11-14 | Windows Distributed File System (DFS) Remote Code Execution Vulnerability |
| CVE-2023-36424 | 2023-11-14 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| CVE-2023-36423 | 2023-11-14 | Microsoft Remote Registry Service Remote Code Execution Vulnerability |
| CVE-2023-36422 | 2023-11-14 | Microsoft Windows Defender Elevation of Privilege Vulnerability |
| CVE-2023-36413 | 2023-11-14 | Microsoft Office Security Feature Bypass Vulnerability |
| CVE-2023-36410 | 2023-11-14 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
| CVE-2023-36052 | 2023-11-14 | Azure CLI REST Command Information Disclosure Vulnerability |
| CVE-2023-36043 | 2023-11-14 | Open Management Infrastructure Information Disclosure Vulnerability |
| CVE-2023-36036 | 2023-11-14 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
| CVE-2023-36017 | 2023-11-14 | Windows Scripting Engine Memory Corruption Vulnerability |
| CVE-2023-38177 | 2023-11-14 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2023-36439 | 2023-11-14 | Microsoft Exchange Server Remote Code Execution Vulnerability |
| CVE-2023-36408 | 2023-11-14 | Windows Hyper-V Elevation of Privilege Vulnerability |
| CVE-2023-36407 | 2023-11-14 | Windows Hyper-V Elevation of Privilege Vulnerability |
| CVE-2023-36406 | 2023-11-14 | Windows Hyper-V Information Disclosure Vulnerability |
| CVE-2023-36405 | 2023-11-14 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2023-36404 | 2023-11-14 | Windows Kernel Information Disclosure Vulnerability |
| CVE-2023-36403 | 2023-11-14 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2023-36402 | 2023-11-14 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2023-36401 | 2023-11-14 | Microsoft Remote Registry Service Remote Code Execution Vulnerability |