CVE List - 2023 / November
Showing 1301 - 1400 of 2443 CVEs for November 2023 (Page 14 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-48217 | 2023-11-14 | Remote code execution via form uploads in statamic/cms |
| CVE-2023-47520 | 2023-11-14 | WordPress Responsive Column Widgets Plugin <= 1.2.7 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47518 | 2023-11-14 | WordPress Restrict Categories Plugin <= 2.6.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47517 | 2023-11-14 | WordPress SendPress Newsletters Plugin <= 1.23.11.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-39202 | 2023-11-14 | Untrusted search path in Zoom Rooms Client for Windows and... |
| CVE-2023-39203 | 2023-11-14 | Uncontrolled resource consumption in Zoom Team Chat for Zoom Desktop... |
| CVE-2023-39204 | 2023-11-14 | Buffer overflow in some Zoom clients may allow an unauthenticated... |
| CVE-2023-39205 | 2023-11-14 | Improper conditions check in Zoom Team Chat for Zoom clients... |
| CVE-2023-45614 | 2023-11-14 | There are buffer overflow vulnerabilities in the underlying CLI service... |
| CVE-2023-45615 | 2023-11-14 | There are buffer overflow vulnerabilities in the underlying CLI service... |
| CVE-2023-45616 | 2023-11-14 | There is a buffer overflow vulnerability in the underlying AirWave... |
| CVE-2023-45617 | 2023-11-14 | There are arbitrary file deletion vulnerabilities in the CLI service... |
| CVE-2023-45618 | 2023-11-14 | There are arbitrary file deletion vulnerabilities in the AirWave client... |
| CVE-2023-45619 | 2023-11-14 | There is an arbitrary file deletion vulnerability in the RSSI... |
| CVE-2023-45620 | 2023-11-14 | Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the CLI service accessed... |
| CVE-2023-45621 | 2023-11-14 | Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the CLI service accessed... |
| CVE-2023-45622 | 2023-11-14 | Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the BLE daemon service... |
| CVE-2023-45623 | 2023-11-14 | Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Wi-Fi Uplink service... |
| CVE-2023-5189 | 2023-11-14 | Hub: insecure galaxy-importer tarfile extraction |
| CVE-2023-45624 | 2023-11-14 | An unauthenticated Denial-of-Service (DoS) vulnerability exists in the soft ap... |
| CVE-2023-45625 | 2023-11-14 | Multiple authenticated command injection vulnerabilities exist in the command line... |
| CVE-2023-45626 | 2023-11-14 | An authenticated vulnerability has been identified allowing an attacker to... |
| CVE-2023-45627 | 2023-11-14 | An authenticated Denial-of-Service (DoS) vulnerability exists in the CLI service.... |
| CVE-2023-39206 | 2023-11-14 | Buffer overflow in some Zoom clients may allow an unauthenticated... |
| CVE-2023-39199 | 2023-11-14 | Cryptographic issues with In-Meeting Chat for some Zoom clients may... |
| CVE-2023-43588 | 2023-11-14 | Insufficient control flow management in some Zoom clients may allow... |
| CVE-2023-43582 | 2023-11-14 | Improper authorization in some Zoom clients may allow an authorized... |
| CVE-2023-43590 | 2023-11-14 | Link following in Zoom Rooms for macOS before version 5.16.0... |
| CVE-2023-43591 | 2023-11-14 | Improper privilege management in Zoom Rooms for macOS before version... |
| CVE-2023-31100 | 2023-11-14 | Improper Access Control in SMI handler vulnerability in Phoenix SecureCore™... |
| CVE-2023-38543 | 2023-11-14 | A vulnerability exists on all versions of the Ivanti Secure... |
| CVE-2023-38043 | 2023-11-14 | A vulnerability exists on all versions of the Ivanti Secure... |
| CVE-2023-38544 | 2023-11-14 | A logged in user can modify specific files that may... |
| CVE-2023-35080 | 2023-11-14 | A vulnerability has been identified in the Ivanti Secure Access... |
| CVE-2023-39335 | 2023-11-14 | A security vulnerability has been identified in EPMM Versions 11.10,... |
| CVE-2023-41718 | 2023-11-14 | When a particular process flow is initiated, an attacker may... |
| CVE-2023-39337 | 2023-11-14 | A security vulnerability in EPMM Versions 11.10, 11.9 and 11.8... |
| CVE-2023-46121 | 2023-11-14 | Generic Extractor MITM Vulnerability in yt-dlp |
| CVE-2023-40923 | 2023-11-15 | MyPrestaModules ordersexport before v5.0 was discovered to contain multiple SQL... |
| CVE-2023-41442 | 2023-11-15 | An issue in Kloudq Technologies Limited Tor Equip 1.0, Tor... |
| CVE-2023-41597 | 2023-11-15 | EyouCms v1.6.2 was discovered to contain a reflected cross-site scripting... |
| CVE-2023-43979 | 2023-11-15 | ETS Soft ybc_blog before v4.4.0 was discovered to contain a... |
| CVE-2023-47308 | 2023-11-15 | In the module "Newsletter Popup PRO with Voucher/Coupon code" (newsletterpop)... |
| CVE-2023-47309 | 2023-11-15 | Nukium nkmgls before version 3.0.2 is vulnerable to Cross Site... |
| CVE-2023-47345 | 2023-11-15 | Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause... |
| CVE-2023-47347 | 2023-11-15 | Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause... |
| CVE-2023-47444 | 2023-11-15 | An issue discovered in OpenCart 4.0.0.0 to 4.0.2.3 allows authenticated... |
| CVE-2023-47445 | 2023-11-15 | Pre-School Enrollment version 1.0 is vulnerable to SQL Injection via... |
| CVE-2023-47446 | 2023-11-15 | Pre-School Enrollment version 1.0 is vulnerable to Cross Site Scripting... |
| CVE-2023-48011 | 2023-11-15 | GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a heap-use-after-free via the... |
| CVE-2023-48013 | 2023-11-15 | GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a double free via... |
| CVE-2023-48014 | 2023-11-15 | GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a stack overflow via... |
| CVE-2023-48087 | 2023-11-15 | xxl-job-admin 2.4.0 is vulnerable to Insecure Permissions via /xxl-job-admin/joblog/clearLog and... |
| CVE-2023-48088 | 2023-11-15 | xxl-job-admin 2.4.0 is vulnerable to Cross Site Scripting (XSS) via... |
| CVE-2023-48089 | 2023-11-15 | xxl-job-admin 2.4.0 is vulnerable to Remote Code Execution (RCE) via... |
| CVE-2023-48197 | 2023-11-15 | Cross-Site Scripting (XSS) vulnerability in the ‘manageApiKeys’ component of Grocy... |
| CVE-2023-48198 | 2023-11-15 | A Cross-Site Scripting (XSS) vulnerability in the 'product description' component... |
| CVE-2023-48199 | 2023-11-15 | HTML Injection vulnerability in the 'manageApiKeys' component in Grocy <=... |
| CVE-2023-48200 | 2023-11-15 | Cross Site Scripting vulnerability in Grocy v.4.0.3 allows a local... |
| CVE-2023-48204 | 2023-11-15 | An issue in PublicCMS v.4.0.202302.e allows a remote attacker to... |
| CVE-2023-48365 | 2023-11-15 | Qlik Sense Enterprise for Windows before August 2023 Patch 2... |
| CVE-2023-47678 | 2023-11-15 | An improper access control vulnerability exists in RT-AC87U all versions.... |
| CVE-2023-5984 | 2023-11-15 | A CWE-494 Download of Code Without Integrity Check vulnerability exists... |
| CVE-2023-5985 | 2023-11-15 | A CWE-79 Improper Neutralization of Input During Web Page Generation... |
| CVE-2023-5986 | 2023-11-15 | A CWE-601 URL Redirection to Untrusted Site vulnerability exists that... |
| CVE-2023-5987 | 2023-11-15 | A CWE-79 Improper Neutralization of Input During Web Page Generation... |
| CVE-2023-6032 | 2023-11-15 | A CWE-22: Improper Limitation of a Pathname to a Restricted... |
| CVE-2023-47580 | 2023-11-15 | Multiple improper restriction of operations within the bounds of a... |
| CVE-2023-47581 | 2023-11-15 | Out-of-bounds read vulnerability exists in TELLUS V4.0.17.0 and earlier and... |
| CVE-2023-47582 | 2023-11-15 | Access of uninitialized pointer vulnerability exists in TELLUS V4.0.17.0 and... |
| CVE-2023-47583 | 2023-11-15 | Multiple out-of-bounds read vulnerabilities exist in TELLUS Simulator V4.0.17.0 and... |
| CVE-2023-47584 | 2023-11-15 | Out-of-bounds write vulnerability exists in V-Server V4.0.18.0 and earlier and... |
| CVE-2023-47585 | 2023-11-15 | Out-of-bounds read vulnerability exists in V-Server V4.0.18.0 and earlier and... |
| CVE-2023-47586 | 2023-11-15 | Multiple heap-based buffer overflow vulnerabilities exist in V-Server V4.0.18.0 and... |
| CVE-2023-6133 | 2023-11-15 | The Forminator plugin for WordPress is vulnerable to arbitrary file... |
| CVE-2023-4889 | 2023-11-15 | The Shareaholic plugin for WordPress is vulnerable to Stored Cross-Site... |
| CVE-2023-46672 | 2023-11-15 | Logstash Insertion of Sensitive Information into Log File |
| CVE-2023-34062 | 2023-11-15 | In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13... |
| CVE-2023-23549 | 2023-11-15 | DoS via long hostnames |
| CVE-2023-4602 | 2023-11-15 | The Namaste! LMS plugin for WordPress is vulnerable to Reflected... |
| CVE-2023-5245 | 2023-11-15 | Using MLeap for loading a saved model (zip archive) can lead to path traversal/arbitrary file creation and possibly remote code execution. |
| CVE-2023-5720 | 2023-11-15 | Quarkus: build env information disclosure via gradle plugin |
| CVE-2023-5676 | 2023-11-15 | Eclipse OpenJ9 possible infinite busy hang |
| CVE-2023-33873 | 2023-11-15 | AVEVA Operations Control Logger Execution with Unnecessary Privileges |
| CVE-2023-34982 | 2023-11-15 | AVEVA Operations Control Logger External Control of File Name or Path |
| CVE-2023-5997 | 2023-11-15 | Use after free in Garbage Collection in Google Chrome prior... |
| CVE-2023-6112 | 2023-11-15 | Use after free in Navigation in Google Chrome prior to... |
| CVE-2023-48219 | 2023-11-15 | Special characters in unescaped text nodes can trigger mXSS in TinyMCE |
| CVE-2023-47637 | 2023-11-15 | SQL Injection in Admin Grid Filter API in Pimcore |
| CVE-2023-47636 | 2023-11-15 | Full Path Disclosure via re-export document in pimcore/admin-ui-classic-bundle |
| CVE-2023-30954 | 2023-11-15 | Gotham Video Broken Authentication |
| CVE-2023-41699 | 2023-11-15 | Payara Platform: URL Redirection to untrusted site using FORM authentication |
| CVE-2023-22818 | 2023-11-15 | Multiple DLL Search Order hijacking Vulnerabilities in SanDisk Security Installer for Windows |
| CVE-2023-48224 | 2023-11-15 | Cryptographically Weak Generation of One-Time Codes for Identity Verification in ethyca-fides |
| CVE-2023-6105 | 2023-11-15 | ManageEngine Information Disclosure in Multiple Products |
| CVE-2023-4689 | 2023-11-15 | The Elementor Addon Elements plugin for WordPress is vulnerable to... |
| CVE-2023-4723 | 2023-11-15 | The Elementor Addon Elements plugin for WordPress is vulnerable to... |
| CVE-2023-5381 | 2023-11-15 | The Elementor Addon Elements plugin for WordPress is vulnerable to... |
| CVE-2023-4690 | 2023-11-15 | The Elementor Addon Elements plugin for WordPress is vulnerable to... |
| CVE-2021-35437 | 2023-11-16 | SQL injection vulnerability in LMXCMS v.1.4 allows attacker to execute... |