CVE List - 2023 / November
Showing 701 - 800 of 2443 CVEs for November 2023 (Page 8 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-47228 | 2023-11-08 | WordPress Layer Slider Plugin <= 1.1.9.7 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47229 | 2023-11-08 | WordPress Download Top 25 Social Icons Plugin <= 3.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47231 | 2023-11-08 | WordPress ShortCodes UI Plugin <= 1.9.8 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-5996 | 2023-11-08 | Use after free in WebAudio in Google Chrome prior to... |
| CVE-2023-26221 | 2023-11-08 | TIBCO Spotfire Insufficiently Protected Credential vulnerability |
| CVE-2023-0392 | 2023-11-08 | The LDAP Agent Update service with versions prior to 5.18... |
| CVE-2023-47109 | 2023-11-08 | PrestaShop blockreassurance BO User can remove any file from server when adding a and deleting a block |
| CVE-2023-47111 | 2023-11-08 | ZITADEL race condition in lockout policy execution |
| CVE-2023-47114 | 2023-11-08 | Ethyca Fides HTML Injection Vulnerability in HTML-Formatted DSR Packages |
| CVE-2023-47113 | 2023-11-08 | DLL Search Order Hijacking vulnerability in BleachBit for Windows |
| CVE-2023-4632 | 2023-11-08 | An uncontrolled search path vulnerability was reported in Lenovo System... |
| CVE-2023-4706 | 2023-11-08 | A privilege escalation vulnerability was reported in Lenovo preloaded devices... |
| CVE-2023-4891 | 2023-11-08 | A potential use-after-free vulnerability was reported in the Lenovo View... |
| CVE-2023-5075 | 2023-11-08 | A buffer overflow was reported in the FmpSipoCapsuleDriver driver in... |
| CVE-2023-5078 | 2023-11-08 | A vulnerability was reported in some ThinkPad BIOS that could... |
| CVE-2023-5079 | 2023-11-08 | Lenovo LeCloud App improper input validation allows attackers to access... |
| CVE-2023-43567 | 2023-11-08 | A buffer overflow was reported in the LemSecureBootForceKey module in... |
| CVE-2023-43568 | 2023-11-08 | A buffer over-read was reported in the LemSecureBootForceKey module in... |
| CVE-2023-43569 | 2023-11-08 | A buffer overflow was reported in the OemSmi module in... |
| CVE-2023-43570 | 2023-11-08 | A potential vulnerability was reported in the SMI callback function... |
| CVE-2023-43571 | 2023-11-08 | A buffer overflow was reported in the BiosExtensionLoader module in... |
| CVE-2023-43578 | 2023-11-08 | A buffer overflow was reported in the SmiFlash module in... |
| CVE-2023-43579 | 2023-11-08 | A buffer overflow was reported in the SmuV11Dxe driver in... |
| CVE-2023-43580 | 2023-11-08 | A buffer overflow was reported in the SmuV11DxeVMR module in... |
| CVE-2023-43581 | 2023-11-08 | A buffer overflow was reported in the Update_WMI module in... |
| CVE-2023-45075 | 2023-11-08 | A memory leakage vulnerability was reported in the SWSMI_Shadow DXE... |
| CVE-2023-45076 | 2023-11-08 | A memory leakage vulnerability was reported in the 534D0140 DXE... |
| CVE-2023-45077 | 2023-11-08 | A memory leakage vulnerability was reported in the 534D0740 DXE... |
| CVE-2023-45078 | 2023-11-08 | A memory leakage vulnerability was reported in the DustFilterAlertSmm SMM... |
| CVE-2023-45079 | 2023-11-08 | A memory leakage vulnerability was reported in the NvmramSmm SMM... |
| CVE-2023-43572 | 2023-11-08 | A buffer over-read was reported in the BiosExtensionLoader module in... |
| CVE-2023-43573 | 2023-11-08 | A buffer overflow was reported in the LEMALLDriversConnectedEventHook module in... |
| CVE-2023-43574 | 2023-11-08 | A buffer over-read was reported in the LEMALLDriversConnectedEventHook module in... |
| CVE-2023-43575 | 2023-11-08 | A buffer overflow was reported in the UltraFunctionTable module in... |
| CVE-2023-43576 | 2023-11-08 | A buffer overflow was reported in the WMISwSmi module in... |
| CVE-2023-43577 | 2023-11-08 | A buffer overflow was reported in the ReFlash module in... |
| CVE-2023-4249 | 2023-11-08 | Zavio IP Camera Stack-Based Buffer Overflow |
| CVE-2023-39435 | 2023-11-08 | Zavio IP Camera Stack-Based Buffer Overflow |
| CVE-2023-43755 | 2023-11-08 | Zavio IP Camera Stack-Based Buffer Overflow |
| CVE-2023-45225 | 2023-11-08 | Zavio IP Camera Stack-Based Buffer Overflow |
| CVE-2023-3959 | 2023-11-08 | Zavio IP Camera Stack-Based Buffer Overflow |
| CVE-2023-37533 | 2023-11-08 | HCL Connections is vulnerable to reflected cross-site scripting |
| CVE-2023-29975 | 2023-11-09 | An issue discovered in Pfsense CE version 2.6.0 allows attackers... |
| CVE-2023-45884 | 2023-11-09 | Cross Site Request Forgery (CSRF) vulnerability in NASA Open MCT... |
| CVE-2023-45885 | 2023-11-09 | Cross Site Scripting (XSS) vulnerability in NASA Open MCT (aka... |
| CVE-2023-46492 | 2023-11-09 | Cross Site Scripting vulnerability in MLDB.ai v.2017.04.17.0 allows a remote... |
| CVE-2023-46894 | 2023-11-09 | An issue discovered in esptool 4.6.2 allows attackers to view... |
| CVE-2023-47363 | 2023-11-09 | The leakage of channel access token in F.B.P members Line... |
| CVE-2023-47364 | 2023-11-09 | The leakage of channel access token in nagaoka taxi Line... |
| CVE-2023-47365 | 2023-11-09 | The leakage of channel access token in Lil.OFF-PRICE STORE Line... |
| CVE-2023-47366 | 2023-11-09 | The leakage of channel access token in craft_members Line 13.6.1... |
| CVE-2023-47367 | 2023-11-09 | The leakage of channel access token in platinum clinic Line... |
| CVE-2023-47368 | 2023-11-09 | The leakage of channel access token in taketorinoyu Line 13.6.1... |
| CVE-2023-47369 | 2023-11-09 | The leakage of channel access token in best_training_member Line 13.6.1... |
| CVE-2023-47370 | 2023-11-09 | The leakage of channel access token in bluetrick Line 13.6.1... |
| CVE-2023-47372 | 2023-11-09 | The leakage of channel access token in UPDATESALON C-LOUNGE Line... |
| CVE-2023-47373 | 2023-11-09 | The leakage of channel access token in DRAGON FAMILY Line... |
| CVE-2023-47488 | 2023-11-09 | Cross Site Scripting vulnerability in Combodo iTop v.3.1.0-2-11973 allows a... |
| CVE-2023-47489 | 2023-11-09 | CSV injection in export as csv in Combodo iTop v.3.1.0-2-11973... |
| CVE-2023-20902 | 2023-11-09 | Timing attack risk in Harbor |
| CVE-2023-26156 | 2023-11-09 | Versions of the package chromedriver before 119.0.1 are vulnerable to... |
| CVE-2023-47613 | 2023-11-09 | A CWE-23: Relative Path Traversal vulnerability exists in Telit Cinterion... |
| CVE-2023-47248 | 2023-11-09 | PyArrow, PyArrow: Arbitrary code execution when loading a malicious data file |
| CVE-2023-4218 | 2023-11-09 | XXE in eclipse.platform / Eclipse IDE |
| CVE-2023-47612 | 2023-11-09 | A CWE-552: Files or Directories Accessible to External Parties vulnerability... |
| CVE-2023-47616 | 2023-11-09 | A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor... |
| CVE-2023-6052 | 2023-11-09 | Tongda OA 2017 delete.php sql injection |
| CVE-2023-47615 | 2023-11-09 | A CWE-526: Exposure of Sensitive Information Through Environmental Variables vulnerability... |
| CVE-2023-4612 | 2023-11-09 | MFA bypass in Apereo CAS |
| CVE-2023-43791 | 2023-11-09 | Label Studio has Hardcoded Django `SECRET_KEY` that can be Abused to Forge Session Tokens |
| CVE-2023-41138 | 2023-11-09 | The AppsAnywhere macOS client-privileged helper can be tricked into executing... |
| CVE-2023-40054 | 2023-11-09 | SolarWinds Network Configuration Manager Directory Traversal Remote Code Execution Vulnerability |
| CVE-2023-40055 | 2023-11-09 | SolarWinds Network Configuration Manager Directory Traversal Remote Code Execution Vulnerability |
| CVE-2023-41137 | 2023-11-09 | Symmetric encryption used to protect messages between the AppsAnywhere server... |
| CVE-2023-6039 | 2023-11-09 | Kernel: use-after-free in drivers/net/usb/lan78xx.c in lan78xx_disconnect |
| CVE-2023-47110 | 2023-11-09 | Any value can be changed in the configuration table by an employee having access to block reassurance module |
| CVE-2023-46743 | 2023-11-09 | The same file cannot be opened with different rights |
| CVE-2023-25994 | 2023-11-09 | WordPress Publish to Schedule Plugin <= 4.4.2 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-36688 | 2023-11-09 | WordPress Simple Site Verify Plugin <= 1.0.7 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-45283 | 2023-11-09 | Insecure parsing of Windows paths with a \??\ prefix in path/filepath |
| CVE-2023-45284 | 2023-11-09 | Incorrect detection of reserved device names on Windows in path/filepath |
| CVE-2023-47610 | 2023-11-09 | A CWE-120: Buffer Copy without Checking Size of Input vulnerability... |
| CVE-2023-25975 | 2023-11-09 | WordPress Etsy Shop Plugin <= 3.0.3 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-34002 | 2023-11-09 | WordPress WP Inventory Manager Plugin <= 2.1.0.13 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-31087 | 2023-11-09 | WordPress JS Job Manager Plugin <=2.0.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-34386 | 2023-11-09 | WordPress WPC Smart Wishlist for WooCommerce Plugin <= 4.7.1 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-46614 | 2023-11-09 | WordPress WP Helper Premium Plugin <= 4.5.1 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-47237 | 2023-11-09 | WordPress WP Google My Business Auto Publish Plugin <= 3.7 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-47238 | 2023-11-09 | WordPress Top 10 Plugin <= 3.3.2 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-34371 | 2023-11-09 | WordPress Download SpamReferrerBlock Plugin <= 2.22 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-6053 | 2023-11-09 | Tongda OA 2017 delete.php sql injection |
| CVE-2023-6054 | 2023-11-09 | Tongda OA 2017 lock.php sql injection |
| CVE-2023-34182 | 2023-11-09 | WordPress LH Password Changer Plugin <= 1.55 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-34181 | 2023-11-09 | WordPress WP-Cirrus Plugin <= 0.6.11 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-34178 | 2023-11-09 | WordPress Groundhogg Plugin <= 2.7.11 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-5539 | 2023-11-09 | Moodle: authenticated remote code execution risk in lesson |
| CVE-2023-34177 | 2023-11-09 | WordPress WP-Cache.com Plugin <= 1.1.1 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-39198 | 2023-11-09 | Kernel: qxl: race condition leading to use-after-free in qxl_mode_dumb_create() |
| CVE-2023-5540 | 2023-11-09 | Moodle: authenticated remote code execution risk in imscp |
| CVE-2023-5541 | 2023-11-09 | Moodle: xss risk when using csv grade import method |