CVE List - 2023 / November
Showing 1801 - 1900 of 2443 CVEs for November 2023 (Page 19 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-49146 | 2023-11-22 | DOMSanitizer (aka dom-sanitizer) before 1.0.7 allows XSS via an SVG... |
| CVE-2021-22150 | 2023-11-22 | Kibana code execution issue |
| CVE-2021-22151 | 2023-11-22 | Kibana path traversal issue |
| CVE-2023-5299 | 2023-11-22 | Fuji Electric Tellus Lite V-Simulator Improper Access Control |
| CVE-2023-40152 | 2023-11-22 | Fuji Electric Tellus Lite V-Simulator Out-of-bounds Write |
| CVE-2023-35127 | 2023-11-22 | Fuji Electric Tellus Lite V-Simulator Stack-based Buffer Overflow |
| CVE-2021-22142 | 2023-11-22 | Kibana Reporting vulnerabilities |
| CVE-2021-22143 | 2023-11-22 | Elastic APM .NET Agent information disclosure |
| CVE-2021-37942 | 2023-11-22 | APM Java Agent Local Privilege Escalation |
| CVE-2021-37937 | 2023-11-22 | Elasticsearch privilege escalation |
| CVE-2022-35638 | 2023-11-22 | IBM Sterling B2B Integrator cross-site request forgery |
| CVE-2023-29069 | 2023-11-22 | A maliciously crafted DLL file can be forced to install... |
| CVE-2023-41145 | 2023-11-22 | Autodesk users who no longer have an active license for... |
| CVE-2023-41146 | 2023-11-22 | Autodesk Customer Support Portal allows cases created by users under... |
| CVE-2023-2447 | 2023-11-22 | The UserPro plugin for WordPress is vulnerable to Cross-Site Request... |
| CVE-2023-2446 | 2023-11-22 | The UserPro plugin for WordPress is vulnerable to sensitive information... |
| CVE-2023-5921 | 2023-11-22 | Function Bypass in Geodi |
| CVE-2023-6011 | 2023-11-22 | Stored XSS in Geodi |
| CVE-2023-37924 | 2023-11-22 | Apache Submarine: SQL injection from unauthorized login |
| CVE-2023-46673 | 2023-11-22 | It was identified that malformed scripts used in the script... |
| CVE-2023-6117 | 2023-11-22 | M-Files REST API allows Denial of Service |
| CVE-2023-6189 | 2023-11-22 | Improper Permission Handling in M-Files Server |
| CVE-2023-5047 | 2023-11-22 | SQLi in DRDrive |
| CVE-2023-6253 | 2023-11-22 | Saved Uninstall Key in Digital Guardian Agent Uninstaller |
| CVE-2023-3103 | 2023-11-22 | Authentication Bypass by Spoofing in Unitree Robotics A1 |
| CVE-2023-5983 | 2023-11-22 | Information Disclosure in Botanik Software Pharmacy Automation |
| CVE-2023-3104 | 2023-11-22 | Missing Authentication for Critical Function in Unitree Robotics A1 |
| CVE-2023-43081 | 2023-11-22 | PowerProtect Agent for File System Version 19.14 and prior, contains... |
| CVE-2023-28749 | 2023-11-22 | WordPress CM On Demand Search And Replace Plugin <= 1.3.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-28747 | 2023-11-22 | WordPress CBX Currency Converter Plugin <= 3.0.3 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-27633 | 2023-11-22 | WordPress Customify Plugin <= 2.10.4 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-27446 | 2023-11-22 | WordPress DeepL Pro API translation Plugin <= 2.1.4 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-27444 | 2023-11-22 | WordPress DecaLog Plugin <= 3.7.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-27442 | 2023-11-22 | WordPress Leyka Plugin <= 3.29.2 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-2889 | 2023-11-22 | SQLi in Veon Computer's Service Tracking Software |
| CVE-2023-6252 | 2023-11-22 | Path traversal vulnerability in Chameleon Power products |
| CVE-2023-27451 | 2023-11-22 | WordPress Instant Images Plugin <= 5.1.0.2 is vulnerable to Server Side Request Forgery (SSRF) |
| CVE-2023-27453 | 2023-11-22 | WordPress LWS Tools Plugin <= 2.3.1 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-27461 | 2023-11-22 | WordPress When Last Login Plugin <= 1.2.1 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-27458 | 2023-11-22 | WordPress WpStream – Live Streaming, Video on Demand, Pay Per View Plugin <= 4.4.10 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-27457 | 2023-11-22 | WordPress Add Expires Headers & Optimized Minify Plugin <= 2.7 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-26532 | 2023-11-22 | WordPress Social Auto Poster Plugin <= 2.1.4 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-26535 | 2023-11-22 | WordPress Sheets To WP Table Live Sync Plugin <= 2.12.15 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-26542 | 2023-11-22 | WordPress phpinfo() WP Plugin <= 4.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-48705 | 2023-11-22 | nautobot has XSS potential in custom links, job buttons, and computed fields |
| CVE-2023-5706 | 2023-11-22 | The VK Blocks plugin for WordPress is vulnerable to Stored... |
| CVE-2023-5667 | 2023-11-22 | The Tab Ultimate plugin for WordPress is vulnerable to Stored... |
| CVE-2023-2841 | 2023-11-22 | The Advanced Local Pickup for WooCommerce plugin for WordPress is... |
| CVE-2023-5417 | 2023-11-22 | The Funnelforms Free plugin for WordPress is vulnerable to unauthorized... |
| CVE-2023-5096 | 2023-11-22 | The HTML filter and csv-file search plugin for WordPress is... |
| CVE-2023-5822 | 2023-11-22 | The Drag and Drop Multiple File Upload - Contact Form... |
| CVE-2023-5537 | 2023-11-22 | The Delete Usermeta plugin for WordPress is vulnerable to Cross-Site... |
| CVE-2023-4686 | 2023-11-22 | The WP Customer Reviews plugin for WordPress is vulnerable to... |
| CVE-2023-5815 | 2023-11-22 | The News & Blog Designer Pack – WordPress Blog Plugin... |
| CVE-2023-5742 | 2023-11-22 | The EasyRotator for WordPress plugin for WordPress is vulnerable to... |
| CVE-2023-5386 | 2023-11-22 | The Funnelforms Free plugin for WordPress is vulnerable to unauthorized... |
| CVE-2023-5662 | 2023-11-22 | The Sponsors plugin for WordPress is vulnerable to Stored Cross-Site... |
| CVE-2023-5128 | 2023-11-22 | The TCD Google Maps plugin for WordPress is vulnerable to... |
| CVE-2023-5466 | 2023-11-22 | The Wp anything slider plugin for WordPress is vulnerable to... |
| CVE-2023-5419 | 2023-11-22 | The Funnelforms Free plugin for WordPress is vulnerable to unauthorized... |
| CVE-2023-6007 | 2023-11-22 | The UserPro plugin for WordPress is vulnerable to unauthorized access... |
| CVE-2023-6160 | 2023-11-22 | The LifterLMS – WordPress LMS Plugin for eLearning plugin for... |
| CVE-2023-5415 | 2023-11-22 | The Funnelforms Free plugin for WordPress is vulnerable to unauthorized... |
| CVE-2023-5048 | 2023-11-22 | The WDContactFormBuilder plugin for WordPress is vulnerable to Stored Cross-Site... |
| CVE-2023-5382 | 2023-11-22 | The Funnelforms Free plugin for WordPress is vulnerable to Cross-Site... |
| CVE-2023-2440 | 2023-11-22 | The UserPro plugin for WordPress is vulnerable to Cross-Site Request... |
| CVE-2023-6164 | 2023-11-22 | The MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance... |
| CVE-2023-4726 | 2023-11-22 | The Ultimate Dashboard plugin for WordPress is vulnerable to Stored... |
| CVE-2023-2448 | 2023-11-22 | The UserPro plugin for WordPress is vulnerable to unauthorized access... |
| CVE-2023-2438 | 2023-11-22 | The UserPro plugin for WordPress is vulnerable to Cross-Site Request... |
| CVE-2023-5411 | 2023-11-22 | The Funnelforms Free plugin for WordPress is vulnerable to unauthorized... |
| CVE-2023-5338 | 2023-11-22 | The Theme Blvd Shortcodes plugin for WordPress is vulnerable to... |
| CVE-2023-5664 | 2023-11-22 | The Garden Gnome Package plugin for WordPress is vulnerable to... |
| CVE-2023-5314 | 2023-11-22 | The WP EXtra plugin for WordPress is vulnerable to unauthorized... |
| CVE-2023-5416 | 2023-11-22 | The Funnelforms Free plugin for WordPress is vulnerable to unauthorized... |
| CVE-2023-5234 | 2023-11-22 | The Related Products for WooCommerce plugin for WordPress is vulnerable... |
| CVE-2023-2437 | 2023-11-22 | The UserPro plugin for WordPress is vulnerable to authentication bypass... |
| CVE-2023-5469 | 2023-11-22 | The Drop Shadow Boxes plugin for WordPress is vulnerable to... |
| CVE-2023-5163 | 2023-11-22 | The Weather Atlas Widget plugin for WordPress is vulnerable to... |
| CVE-2023-5465 | 2023-11-22 | The Popup with fancybox plugin for WordPress is vulnerable to... |
| CVE-2023-5387 | 2023-11-22 | The Funnelforms Free plugin for WordPress is vulnerable to unauthorized... |
| CVE-2023-5383 | 2023-11-22 | The Funnelforms Free plugin for WordPress is vulnerable to Cross-Site... |
| CVE-2023-5708 | 2023-11-22 | The WP Post Columns plugin for WordPress is vulnerable to... |
| CVE-2023-5715 | 2023-11-22 | The Website Optimization – Plerdy plugin for WordPress is vulnerable... |
| CVE-2023-2449 | 2023-11-22 | The UserPro plugin for WordPress is vulnerable to unauthorized password... |
| CVE-2023-5385 | 2023-11-22 | The Funnelforms Free plugin for WordPress is vulnerable to unauthorized... |
| CVE-2023-6009 | 2023-11-22 | The UserPro plugin for WordPress is vulnerable to privilege escalation... |
| CVE-2023-6008 | 2023-11-22 | The UserPro plugin for WordPress is vulnerable to Cross-Site Request... |
| CVE-2023-5704 | 2023-11-22 | The CPO Shortcodes plugin for WordPress is vulnerable to Stored... |
| CVE-2023-2497 | 2023-11-22 | The UserPro plugin for WordPress is vulnerable to Cross-Site Request... |
| CVE-2023-43082 | 2023-11-22 | Dell Unity prior to 5.3 contains a 'man in the... |
| CVE-2023-6156 | 2023-11-22 | Livestatus injection in availability timeline |
| CVE-2023-6157 | 2023-11-22 | Livestatus injection in ajax_search |
| CVE-2023-20084 | 2023-11-22 | A vulnerability in the endpoint software of Cisco Secure Endpoint... |
| CVE-2023-20240 | 2023-11-22 | Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure... |
| CVE-2023-20241 | 2023-11-22 | Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure... |
| CVE-2023-25987 | 2023-11-22 | WordPress YouTube Channel Plugin <= 3.23.3 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-25986 | 2023-11-22 | WordPress PayGreen Plugin <= 4.10.2 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-6263 | 2023-11-22 | Server Spoofing Vulnerability in NxCloud |
| CVE-2023-47755 | 2023-11-22 | WordPress WooCommerce Product Carousel Slider Plugin <= 3.3.5 is vulnerable to Cross Site Scripting (XSS) |