CVE List - 2023 / November
Showing 301 - 400 of 2443 CVEs for November 2023 (Page 4 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-4592 | 2023-11-03 | Improper Neutralization of Input During Web Page Generation in WPN-XM Serverstack |
| CVE-2023-41652 | 2023-11-03 | WordPress RSVPMarker Plugin <= 10.6.6 is vulnerable to SQL Injection |
| CVE-2023-34383 | 2023-11-03 | WordPress WP Project Manager Plugin <= 2.6.0 is vulnerable to SQL Injection |
| CVE-2022-47588 | 2023-11-03 | WordPress Simple Photo Gallery Plugin <= v1.8.1 is vulnerable to SQL Injection |
| CVE-2023-3277 | 2023-11-03 | The MStore API plugin for WordPress is vulnerable to Unauthorized... |
| CVE-2022-45805 | 2023-11-03 | WordPress Paytm Payment Gateway Plugin <= 2.7.3 is vulnerable to SQL Injection |
| CVE-2023-25960 | 2023-11-03 | WordPress Zendrop – Global Dropshipping Plugin <= 1.0.0 is vulnerable to SQL Injection |
| CVE-2022-47445 | 2023-11-03 | WordPress Be POPIA Compliant Plugin <= 1.2.0 is vulnerable to SQL Injection |
| CVE-2023-5707 | 2023-11-03 | The SEO Slider plugin for WordPress is vulnerable to Stored... |
| CVE-2023-5945 | 2023-11-03 | The video carousel slider with lightbox plugin for WordPress is... |
| CVE-2023-3961 | 2023-11-03 | Samba: smbd allows client access to unix domain sockets on the file system as root |
| CVE-2022-46808 | 2023-11-03 | WordPress ARMember Plugin <= 3.4.11 is vulnerable to SQL Injection |
| CVE-2023-26015 | 2023-11-03 | WordPress MapPress Maps for WordPress Plugin <= 2.85.4 is vulnerable to SQL Injection |
| CVE-2022-46859 | 2023-11-03 | WordPress Spiffy Calendar Plugin <= 4.9.1 is vulnerable to SQL Injection |
| CVE-2022-47426 | 2023-11-03 | WordPress Neshan Maps Plugin <= 1.1.4 is vulnerable to SQL Injection |
| CVE-2023-5946 | 2023-11-03 | The Digirisk plugin for WordPress is vulnerable to Reflected Cross-Site... |
| CVE-2023-5088 | 2023-11-03 | Qemu: improper ide controller reset can lead to mbr overwrite |
| CVE-2022-46818 | 2023-11-03 | WordPress Email posts to subscribers Plugin <= 6.2 is vulnerable to SQL Injection |
| CVE-2023-32121 | 2023-11-03 | WordPress Zero Spam Plugin <= 5.4.4 is vulnerable to SQL Injection |
| CVE-2023-32508 | 2023-11-03 | WordPress Order Your Posts Manually Plugin <= 2.2.5 is vulnerable to SQL Injection |
| CVE-2023-25990 | 2023-11-03 | WordPress Tutor LMS Plugin <= 2.1.10 is vulnerable to SQL Injection |
| CVE-2023-25800 | 2023-11-03 | WordPress Tutor LMS Plugin <= 2.2.0 is vulnerable to SQL Injection |
| CVE-2023-23368 | 2023-11-03 | QTS, QuTS hero, QuTScloud |
| CVE-2023-23369 | 2023-11-03 | QTS, Multimedia Console, and Media Streaming add-on |
| CVE-2023-39299 | 2023-11-03 | Music Station |
| CVE-2023-39301 | 2023-11-03 | QTS, QuTS hero, QuTScloud |
| CVE-2023-25700 | 2023-11-03 | WordPress Tutor LMS Plugin <= 2.1.10 is vulnerable to SQL Injection |
| CVE-2023-34179 | 2023-11-03 | WordPress Groundhogg Plugin <= 2.7.11 is vulnerable to SQL Injection |
| CVE-2023-36529 | 2023-11-03 | WordPress Houzez CRM Plugin <= 1.3.4 is vulnerable to SQL Injection |
| CVE-2023-3893 | 2023-11-03 | Kubernetes - csi-proxy - Insufficient input sanitization leads to privilege escalation |
| CVE-2022-3172 | 2023-11-03 | Kubernetes - API server - Aggregated API server can cause clients to be redirected (SSRF) |
| CVE-2022-44569 | 2023-11-03 | A locally authenticated attacker with low privileges can bypass authentication... |
| CVE-2022-43555 | 2023-11-03 | Ivanti Avalanche Printer Device Service Missing Authentication Local Privilege Escalation... |
| CVE-2022-43554 | 2023-11-03 | Ivanti Avalanche Smart Device Service Missing Authentication Local Privilege Escalation... |
| CVE-2023-41725 | 2023-11-03 | Ivanti Avalanche EnterpriseServer Service Unrestricted File Upload Local Privilege Escalation... |
| CVE-2023-41726 | 2023-11-03 | Ivanti Avalanche Incorrect Default Permissions allows Local Privilege Escalation Vulnerability |
| CVE-2023-45189 | 2023-11-03 | IBM Robotic Process Automation information disclosure |
| CVE-2023-36677 | 2023-11-03 | WordPress SP Project & Document Manager Plugin <= 4.67 is vulnerable to SQL Injection |
| CVE-2023-32741 | 2023-11-03 | WordPress Contact Form to Any API Plugin <= 1.1.2 is vulnerable to SQL Injection |
| CVE-2023-38391 | 2023-11-03 | WordPress Onepage Builder – Easiest Landing Page Builder For WordPress Plugin <= 2.4.1 is vulnerable to SQL Injection |
| CVE-2023-35910 | 2023-11-03 | WordPress Quasar form Plugin <= 6.0 is vulnerable to SQL Injection |
| CVE-2023-40215 | 2023-11-03 | WordPress Demon image annotation Plugin <= 5.1 is vulnerable to SQL Injection |
| CVE-2023-40922 | 2023-11-04 | kerawen before v2.5.1 was discovered to contain a SQL injection... |
| CVE-2023-46382 | 2023-11-04 | LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator... |
| CVE-2023-46963 | 2023-11-04 | An issue in Beijing Yunfan Internet Technology Co., Ltd, Yunfan... |
| CVE-2023-46964 | 2023-11-04 | Cross Site Scripting (XSS) vulnerability in Hillstone Next Generation FireWall... |
| CVE-2023-46981 | 2023-11-04 | SQL injection vulnerability in Novel-Plus v.4.2.0 allows a remote attacker... |
| CVE-2023-47249 | 2023-11-04 | In International Color Consortium DemoIccMAX 79ecb74, a CIccXmlArrayType:::ParseText function (for... |
| CVE-2023-46380 | 2023-11-04 | LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator... |
| CVE-2023-46381 | 2023-11-04 | LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator... |
| CVE-2023-47258 | 2023-11-05 | Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in... |
| CVE-2023-47259 | 2023-11-05 | Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in... |
| CVE-2023-47260 | 2023-11-05 | Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS via... |
| CVE-2023-47271 | 2023-11-05 | PKP-WAL (aka PKP Web Application Library or pkp-lib) before 3.3.0-16,... |
| CVE-2023-47272 | 2023-11-05 | Roundcube 1.5.x before 1.5.6 and 1.6.x before 1.6.5 allows XSS... |
| CVE-2017-20187 | 2023-11-05 | Magnesium-PHP Base.php formatEmailString injection |
| CVE-2018-25092 | 2023-11-05 | Vaerys-Dawn DiscordSailv2 Command Mention access control |
| CVE-2022-48192 | 2023-11-06 | Cross-site scripting vulnerability in Softing smartLink SW-HT |
| CVE-2022-48193 | 2023-11-06 | Weak ciphers vulnerability in Softing smartLink SW-HT |
| CVE-2023-38406 | 2023-11-06 | bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length... |
| CVE-2023-38407 | 2023-11-06 | bgpd/bgp_label.c in FRRouting (FRR) before 8.5 attempts to read beyond... |
| CVE-2023-45556 | 2023-11-06 | Cross Site Scripting vulnerability in Mybb Mybb Forums v.1.8.33 allows... |
| CVE-2023-47253 | 2023-11-06 | Qualitor through 8.20 allows remote attackers to execute arbitrary code... |
| CVE-2023-47004 | 2023-11-06 | Buffer Overflow vulnerability in Redis RedisGraph v.2.x through v.2.12.8 and... |
| CVE-2018-25093 | 2023-11-06 | Vaerys-Dawn DiscordSailv2 Tag access control |
| CVE-2023-46802 | 2023-11-06 | e-Tax software Version3.0.10 and earlier improperly restricts XML external entity... |
| CVE-2023-32832 | 2023-11-06 | In video, there is a possible memory corruption due to... |
| CVE-2023-32818 | 2023-11-06 | In vdec, there is a possible out of bounds write... |
| CVE-2023-32834 | 2023-11-06 | In secmem, there is a possible memory corruption due to... |
| CVE-2023-32835 | 2023-11-06 | In keyinstall, there is a possible memory corruption due to... |
| CVE-2023-32836 | 2023-11-06 | In display, there is a possible out of bounds write... |
| CVE-2023-32837 | 2023-11-06 | In video, there is a possible out of bounds write... |
| CVE-2023-20702 | 2023-11-06 | In 5G NRLC, there is a possible invalid memory access... |
| CVE-2023-32838 | 2023-11-06 | In dpe, there is a possible out of bounds write... |
| CVE-2023-32839 | 2023-11-06 | In dpe, there is a possible out of bounds write... |
| CVE-2023-32825 | 2023-11-06 | In bluethooth service, there is a possible out of bounds... |
| CVE-2023-32840 | 2023-11-06 | In modem CCCI, there is a possible out of bounds... |
| CVE-2023-4625 | 2023-11-06 | Denial-of-Service(DoS) Vulnerability in Web server function on MELSEC Series CPU module |
| CVE-2023-4699 | 2023-11-06 | Arbitrary Command Execution Vulnerability in Mitsubishi Electric proprietary protocol communication of multiple FA products |
| CVE-2023-42669 | 2023-11-06 | Samba: "rpcecho" development server allows denial of service via sleep() call on ad dc |
| CVE-2023-28794 | 2023-11-06 | PAC Files Exposed to Internet Websites |
| CVE-2021-4430 | 2023-11-06 | Ortus Solutions ColdBox Elixir ENV Variable defaultConfig.js information disclosure |
| CVE-2022-47428 | 2023-11-06 | WordPress Booking calendar, Appointment Booking System Plugin <= 3.2.7 is vulnerable to SQL Injection |
| CVE-2022-47420 | 2023-11-06 | WordPress Accessibility Suite by Online ADA Plugin <= 4.12 is vulnerable to SQL Injection |
| CVE-2022-47430 | 2023-11-06 | WordPress The School Management – Education & Learning Management Plugin <= 4.1 is vulnerable to SQL Injection |
| CVE-2022-47432 | 2023-11-06 | WordPress Shortcode IMDB Plugin <= 6.0.8 is vulnerable to SQL Injection |
| CVE-2022-45373 | 2023-11-06 | WordPress Slimstat Analytics Plugin <= 5.0.4 is vulnerable to SQL Injection |
| CVE-2022-46860 | 2023-11-06 | WordPress Short URL Plugin <= 1.6.4 is vulnerable to SQL Injection |
| CVE-2022-46849 | 2023-11-06 | WordPress Coming Soon Plugin <= 1.5.9 is vulnerable to SQL Injection |
| CVE-2023-40207 | 2023-11-06 | WordPress Donations Made Easy – Smart Donations Plugin <= 4.0.12 is vulnerable to SQL Injection |
| CVE-2023-38382 | 2023-11-06 | WordPress Subscribe to Category Plugin <= 2.7.4 is vulnerable to SQL Injection |
| CVE-2023-33924 | 2023-11-06 | WordPress SIS Handball Plugin <= 1.0.45 is vulnerable to SQL Injection |
| CVE-2023-27605 | 2023-11-06 | WordPress WP Reroute Email Plugin <= 1.4.6 is vulnerable to SQL Injection |
| CVE-2023-40609 | 2023-11-06 | WordPress Contact form 7 Custom validation Plugin <= 1.1.3 is vulnerable to SQL Injection |
| CVE-2023-41685 | 2023-11-06 | WordPress Woocommerce Support System Plugin <= 1.2.1 is vulnerable to SQL Injection |
| CVE-2023-45001 | 2023-11-06 | WordPress Seriously Simple Stats Plugin <= 1.5.0 is vulnerable to SQL Injection |
| CVE-2023-45046 | 2023-11-06 | WordPress Pressference Exporter Plugin <= 1.0.3 is vulnerable to SQL Injection |
| CVE-2023-28748 | 2023-11-06 | WordPress Copy Or Move Comments Plugin <= 5.0.4 is vulnerable to SQL Injection |
| CVE-2023-45055 | 2023-11-06 | WordPress MStore API Plugin <= 4.0.6 is vulnerable to SQL Injection |
| CVE-2023-45074 | 2023-11-06 | WordPress Advanced Page Visit Counter Plugin <= 7.1.1 is vulnerable to SQL Injection |