CVE List - 2023 / November

Showing 1601 - 1700 of 2443 CVEs for November 2023 (Page 17 of 25)

Back to List Previous Next

CVE ID	Date	Title
CVE-2023-40809	2023-11-18	OpenCRX version 5.2.0 is vulnerable to HTML injection via the...
CVE-2023-40810	2023-11-18	OpenCRX version 5.2.0 is vulnerable to HTML injection via Product...
CVE-2023-40812	2023-11-18	OpenCRX version 5.2.0 is vulnerable to HTML injection via the...
CVE-2023-40813	2023-11-18	OpenCRX version 5.2.0 is vulnerable to HTML injection via Activity...
CVE-2023-40814	2023-11-18	OpenCRX version 5.2.0 is vulnerable to HTML injection via the...
CVE-2023-40815	2023-11-18	OpenCRX version 5.2.0 is vulnerable to HTML injection via the...
CVE-2023-40816	2023-11-18	OpenCRX version 5.2.0 is vulnerable to HTML injection via Activity...
CVE-2023-40817	2023-11-18	OpenCRX version 5.2.0 is vulnerable to HTML injection via the...
CVE-2023-48017	2023-11-18	Dreamer_cms 4.1.3 is vulnerable to Cross Site Request Forgery (CSRF)...
CVE-2023-48736	2023-11-18	In International Color Consortium DemoIccMAX 3e7948b, CIccCLUT::Interp2d in IccTagLut.cpp in...
CVE-2023-4214	2023-11-18	The AppPresser plugin for WordPress is vulnerable to unauthorized password...
CVE-2023-6187	2023-11-18	The Paid Memberships Pro plugin for WordPress is vulnerable to...
CVE-2023-40363	2023-11-18	IBM InfoSphere Information Server privilege escalation
CVE-2023-38361	2023-11-18	IBM CICS TX Advanced information disclosure
CVE-2023-47685	2023-11-18	WordPress Preloader Matrix Plugin <= 2.0.1 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-47672	2023-11-18	WordPress WP Category Post List Widget Plugin <= 2.0.3 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-47671	2023-11-18	WordPress Vertical scroll recent post Plugin <= 14.0 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-47670	2023-11-18	WordPress Korea SNS Plugin <= 1.6.3 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-47667	2023-11-18	WordPress WP Full Stripe Free plugin <= 7.0.16 - Cross Site Request Forgery (CSRF) vulnerability on every Setting Save
CVE-2023-47666	2023-11-18	WordPress Code Snippets Plugin <= 3.5.0 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-47664	2023-11-18	WordPress Plainview Protect Passwords Plugin <= 1.4 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-47655	2023-11-18	WordPress ANAC XML Bandi di Gara Plugin <= 7.5 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-47651	2023-11-18	WordPress WP Links Page Plugin <= 4.9.4 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-47650	2023-11-18	WordPress Add Local Avatar Plugin <= 12.1 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-47649	2023-11-18	WordPress Best Restaurant Menu by PriceListo Plugin <= 1.3.1 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-47644	2023-11-18	WordPress ProfileGrid Plugin <= 5.6.6 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-47556	2023-11-18	WordPress Device Theme Switcher Plugin <= 3.0.2 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-47553	2023-11-18	WordPress UserHeat Plugin Plugin <= 1.1.6 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-47552	2023-11-18	WordPress Image Hover Effects Plugin <= 5.5 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-47551	2023-11-18	WordPress Donations Made Easy – Smart Donations Plugin <= 4.0.12 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-47531	2023-11-18	WordPress Droit Dark Mode Plugin <= 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-47519	2023-11-18	WordPress WooCommerce Product Table Lite Plugin <= 2.6.2 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-47243	2023-11-18	WordPress MSHOP MY SITE Plugin <= 1.1.6 is vulnerable to Broken Access Control
CVE-2023-41129	2023-11-18	WordPress Patreon WordPress Plugin <= 1.8.6 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-25985	2023-11-18	WordPress WordPress Tooltips Plugin <= 8.2.5 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-32514	2023-11-18	WordPress Google Site Verification plugin using Meta Tag Plugin <= 1.2 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-32504	2023-11-18	WordPress Wise Chat Plugin <= 3.1.3 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-32245	2023-11-18	WordPress Essential Addons for Elementor Pro Plugin <= 5.4.8 is vulnerable to Server Side Request Forgery (SSRF)
CVE-2023-31089	2023-11-18	WordPress Video XML Sitemap Generator Plugin <= 1.0.0 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-31075	2023-11-18	WordPress Easy Hide Login Plugin <= 1.0.8 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-28780	2023-11-18	WordPress Yoast SEO: Local Plugin <= 14.8 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-5341	2023-11-19	Imagemagick: heap use-after-free in coders/bmp.c
CVE-2023-38823	2023-11-20	Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0,...
CVE-2023-38879	2023-11-20	The Community Edition version 9.0 of OS4ED's openSIS Classic allows...
CVE-2023-38880	2023-11-20	The Community Edition version 9.0 of OS4ED's openSIS Classic has...
CVE-2023-38881	2023-11-20	A reflected cross-site scripting (XSS) vulnerability in the Community Edition...
CVE-2023-38882	2023-11-20	A reflected cross-site scripting (XSS) vulnerability in the Community Edition...
CVE-2023-38883	2023-11-20	A reflected cross-site scripting (XSS) vulnerability in the Community Edition...
CVE-2023-38884	2023-11-20	An Insecure Direct Object Reference (IDOR) vulnerability in the Community...
CVE-2023-38885	2023-11-20	OpenSIS Classic Community Edition version 9.0 lacks cross-site request forgery...
CVE-2023-46470	2023-11-20	Cross Site Scripting vulnerability in Space Applications Services Yamcs v.5.8.6...
CVE-2023-46471	2023-11-20	Cross Site Scripting vulnerability in Space Applications Services Yamcs v.5.8.6...
CVE-2023-46990	2023-11-20	Deserialization of Untrusted Data in PublicCMS v.4.0.202302.e allows a remote...
CVE-2023-47172	2023-11-20	Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure...
CVE-2023-47311	2023-11-20	An issue in Yamcs 5.8.6 allows attackers to send aribitrary...
CVE-2023-47417	2023-11-20	Cross Site Scripting (XSS) vulnerability in the component /shells/embedder.html of...
CVE-2023-48039	2023-11-20	GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leak in gf_mpd_parse_string media_tools/mpd.c:75.
CVE-2023-48051	2023-11-20	An issue in /upydev/keygen.py in upydev v0.4.3 allows attackers to...
CVE-2023-48090	2023-11-20	GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leaks in extract_attributes media_tools/m3u8.c:329.
CVE-2023-48109	2023-11-20	Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow...
CVE-2023-48110	2023-11-20	Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow...
CVE-2023-48111	2023-11-20	Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow...
CVE-2023-48176	2023-11-20	An Insecure Permissions issue in WebsiteGuide v.0.2 allows a remote...
CVE-2023-48192	2023-11-20	An issue in TOTOlink A3700R v.9.1.2u.6134_B20201202 allows a local attacker...
CVE-2023-46700	2023-11-20	SQL injection vulnerability in LuxCal Web Calendar prior to 5.2.4M...
CVE-2023-47175	2023-11-20	Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.4M...
CVE-2023-3379	2023-11-20	WAGO: Improper Privilege Management in web-based management
CVE-2023-46302	2023-11-20	Apache Submarine: Fix CVE-2022-1471 SnakeYaml unsafe deserialization
CVE-2022-46337	2023-11-20	Apache Derby: LDAP injection vulnerability in authenticator
CVE-2023-3116	2023-11-20	Liteos-A has a incorrect default permissions vulnerability
CVE-2023-43612	2023-11-20	Hiview has an improper preservation of permissions vulnerability
CVE-2023-46705	2023-11-20	Arkruntime has a type confusion vulnerability
CVE-2023-6045	2023-11-20	Arkruntime has a type confusion vulnerability
CVE-2023-42774	2023-11-20	Liteos-A has a incorrect default permissions vulnerability
CVE-2023-46100	2023-11-20	Cert manager has a use of uninitialized resource vulnerability
CVE-2023-47217	2023-11-20	Arkruntime has a buffer overflow vulnerability
CVE-2023-5593	2023-11-20	The out-of-bounds write vulnerability in the Windows-based SecuExtender SSL VPN...
CVE-2023-47772	2023-11-20	WordPress Slider Revolution Plugin <= 6.6.14 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-6196	2023-11-20	The Audio Merchant plugin for WordPress is vulnerable to Cross-Site...
CVE-2023-6197	2023-11-20	The Audio Merchant plugin for WordPress is vulnerable to Cross-Site...
CVE-2023-36013	2023-11-20	PowerShell Information Disclosure Vulnerability
CVE-2023-35762	2023-11-20	OS Command Injection in INEA ME RTU
CVE-2023-29155	2023-11-20	INEA ME RTU Missing Authentication for Critical Function
CVE-2023-48218	2023-11-20	Strapi Protected Populate Plugin leaking fields if the request fields where empty or only fields selected where not populatable
CVE-2023-48221	2023-11-20	wire-avs remote format string vulnerability
CVE-2023-48223	2023-11-20	fast-jwt JWT Algorithm Confusion
CVE-2023-48240	2023-11-20	XWiki Platform sends cookies to external images in rendered diff and is vulnerable to server side request forgery
CVE-2023-48241	2023-11-20	XWiki exposed whole content of all documents of all wikis to anybody with view right on Solr suggest service
CVE-2023-48292	2023-11-20	XWiki Admin Tools Application Run Shell Command allows CSRF RCE attacks
CVE-2023-48293	2023-11-20	XWiki Admin Tools Application CSRF with QueryOnXWiki allows arbitrary database queries
CVE-2023-48300	2023-11-20	Embed Privacy missing escaping for show_all attribute in opt-out shortcode
CVE-2023-48309	2023-11-20	next-auth vulnerable to possible user mocking that bypasses basic authentication
CVE-2023-5340	2023-11-20	Five Star Restaurant Menu and Food Ordering < 2.4.11 - Unauthenticated PHP Object Injection
CVE-2023-4970	2023-11-20	PubyDoc <= 2.0.6 - Admin+ Stored XSS
CVE-2023-5140	2023-11-20	Bonus for Woo < 5.8.3 - Reflected Cross-Site Scripting
CVE-2023-4824	2023-11-20	WooHoo Newspaper Magazine Theme <= 2.5.3 - Settings Update via CSRF
CVE-2023-4799	2023-11-20	Magic Embeds < 3.1.2 - Contributor+ Stored XSS via shortcode
CVE-2023-4808	2023-11-20	WP Post Popup <= 3.7.3 - Admin+ Stored XSS
CVE-2023-5652	2023-11-20	WP Hotel Booking < 2.0.8 - Unauthenticated SQLi
CVE-2023-5609	2023-11-20	Seraphinite Accelerator < 2.20.29 - Reflected XSS