CVE List - 2023 / December
Showing 1101 - 1200 of 2674 CVEs for December 2023 (Page 12 of 27)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-50769 | 2023-12-13 | Missing permission checks in Jenkins Nexus Platform Plugin 3.18.0-03 and... |
| CVE-2023-50770 | 2023-12-13 | Jenkins OpenId Connect Authentication Plugin 2.6 and earlier stores a... |
| CVE-2023-50771 | 2023-12-13 | Jenkins OpenId Connect Authentication Plugin 2.6 and earlier improperly determines... |
| CVE-2023-50772 | 2023-12-13 | Jenkins Dingding JSON Pusher Plugin 2.0 and earlier stores access... |
| CVE-2023-50773 | 2023-12-13 | Jenkins Dingding JSON Pusher Plugin 2.0 and earlier does not... |
| CVE-2023-50774 | 2023-12-13 | A cross-site request forgery (CSRF) vulnerability in Jenkins HTMLResource Plugin... |
| CVE-2023-50775 | 2023-12-13 | A cross-site request forgery (CSRF) vulnerability in Jenkins Deployment Dashboard... |
| CVE-2023-50776 | 2023-12-13 | Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier stores PaaSLane authentication... |
| CVE-2023-50777 | 2023-12-13 | Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier does not mask... |
| CVE-2023-50778 | 2023-12-13 | A cross-site request forgery (CSRF) vulnerability in Jenkins PaaSLane Estimate... |
| CVE-2023-50779 | 2023-12-13 | Missing permission checks in Jenkins PaaSLane Estimate Plugin 1.0.4 and... |
| CVE-2023-6765 | 2023-12-13 | SourceCodester Online Tours & Travels Management System email_setup.php prepare sql injection |
| CVE-2023-6766 | 2023-12-13 | PHPGurukul Teacher Subject Allocation Management System Delete Course course.php cross-site request forgery |
| CVE-2023-6767 | 2023-12-13 | SourceCodester Wedding Guest e-Book add-guest.php cross site scripting |
| CVE-2023-6790 | 2023-12-13 | PAN-OS: DOM-Based Cross-Site Scripting (XSS) Vulnerability in the Web Interface |
| CVE-2023-6792 | 2023-12-13 | PAN-OS: OS Command Injection Vulnerability in the XML API |
| CVE-2023-6794 | 2023-12-13 | PAN-OS: File Upload Vulnerability in the Web Interface |
| CVE-2023-43813 | 2023-12-13 | glpi Authenticated SQL Injection |
| CVE-2023-6795 | 2023-12-13 | PAN-OS: OS Command Injection Vulnerability in the Web Interface |
| CVE-2023-46726 | 2023-12-13 | GLPI Remote code execution from LDAP server configuration form on PHP 7.4 |
| CVE-2023-6789 | 2023-12-13 | PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface |
| CVE-2023-46727 | 2023-12-13 | GLPI SQL injection through inventory agent request |
| CVE-2023-6791 | 2023-12-13 | PAN-OS: Plaintext Disclosure of External System Integration Credentials |
| CVE-2023-6771 | 2023-12-13 | SourceCodester Simple Student Attendance System actions.class.php save_attendance sql injection |
| CVE-2023-6793 | 2023-12-13 | PAN-OS: XML API Keys Revoked by Read-Only PAN-OS Administrator |
| CVE-2023-6772 | 2023-12-13 | OTCMS ind_backstage.php sql injection |
| CVE-2023-6773 | 2023-12-13 | CodeAstro POS and Inventory Management System User Creation register_account access control |
| CVE-2023-46247 | 2023-12-13 | Vyper has incorrect storage layout for contracts containing large arrays |
| CVE-2023-49296 | 2023-12-13 | Arduino Create Agent vulnerable to Reflected Cross-Site Scripting |
| CVE-2023-6774 | 2023-12-13 | CodeAstro POS and Inventory Management System register_account cross site scripting |
| CVE-2023-6775 | 2023-12-13 | CodeAstro POS and Inventory Management System item_con cross site scripting |
| CVE-2023-49877 | 2023-12-13 | IBM System Storage Virtualization Engine information disclosure |
| CVE-2023-49878 | 2023-12-13 | IBM System Storage Virtualization Engine information disclosure |
| CVE-2023-50246 | 2023-12-13 | jq has heap-buffer-overflow vulnerability in the function decToString in decNumber.c |
| CVE-2023-50248 | 2023-12-13 | CKAN out of memory error when submitting the dataset form with a specially-crafted field |
| CVE-2023-50268 | 2023-12-13 | jq has stack-based buffer overflow in decNaNs |
| CVE-2023-50262 | 2023-12-13 | Dompdf possible DoS caused by infinite recursion when parsing SVG images |
| CVE-2023-48702 | 2023-12-13 | Jellyfin Possible Remote Code Execution via custom FFmpeg binary |
| CVE-2023-47619 | 2023-12-13 | Audiobookshelf Server-Side Request Forgery and Arbitrary File Read Vulnerability |
| CVE-2023-47624 | 2023-12-13 | Audiobookshelf Arbitrary File Read Vulnerability |
| CVE-2023-47623 | 2023-12-13 | Scrypted reflected Cross-site Scripting vulnerability |
| CVE-2023-47620 | 2023-12-13 | Scrypted reflected Cross-site Scripting vulnerability |
| CVE-2023-50709 | 2023-12-13 | Denial of service attack on the cube-api endpoint |
| CVE-2023-43583 | 2023-12-13 | Cryptographic issues Zoom Mobile App for Android, Zoom Mobile App... |
| CVE-2023-43585 | 2023-12-13 | Improper access control in Zoom Mobile App for iOS and... |
| CVE-2023-43586 | 2023-12-13 | Path traversal in Zoom Desktop Client for Windows, Zoom VDI... |
| CVE-2023-49646 | 2023-12-13 | Improper authentication in some Zoom clients before version 5.16.5 may... |
| CVE-2023-45166 | 2023-12-13 | IBM AIX privilege escalation |
| CVE-2023-45174 | 2023-12-13 | IBM AIX privilege escalation |
| CVE-2023-45170 | 2023-12-13 | IBM AIX privilege escalation |
| CVE-2023-21751 | 2023-12-13 | Azure DevOps Server Spoofing Vulnerability |
| CVE-2023-31546 | 2023-12-14 | Cross Site Scripting (XSS) vulnerability in DedeBIZ v6.0.3 allows attackers... |
| CVE-2023-44709 | 2023-12-14 | PlutoSVG commit 336c02997277a1888e6ccbbbe674551a0582e5c4 and before was discovered to contain an... |
| CVE-2023-45894 | 2023-12-14 | The Remote Application Server in Parallels RAS before 19.2.23975 does... |
| CVE-2023-46348 | 2023-12-14 | SQL njection vulnerability in SunnyToo sturls before version 1.1.13, allows... |
| CVE-2023-47261 | 2023-12-14 | Dokmee ECM 7.4.6 allows remote code execution because the response... |
| CVE-2023-48049 | 2023-12-14 | A SQL injection vulnerability in Cybrosys Techno Solutions Website Blog... |
| CVE-2023-48084 | 2023-12-14 | Nagios XI before version 5.11.3 was discovered to contain a... |
| CVE-2023-48925 | 2023-12-14 | SQL injection vulnerability in Buy Addons bavideotab before version 1.0.6,... |
| CVE-2023-49933 | 2023-12-14 | An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and... |
| CVE-2023-49934 | 2023-12-14 | An issue was discovered in SchedMD Slurm 23.11.x. There is... |
| CVE-2023-49935 | 2023-12-14 | An issue was discovered in SchedMD Slurm 23.02.x and 23.11.x.... |
| CVE-2023-49936 | 2023-12-14 | An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and... |
| CVE-2023-49937 | 2023-12-14 | An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and... |
| CVE-2023-49938 | 2023-12-14 | An issue was discovered in SchedMD Slurm 22.05.x and 23.02.x.... |
| CVE-2023-50011 | 2023-12-14 | PopojiCMS version 2.0.1 is vulnerable to remote command execution in... |
| CVE-2023-50017 | 2023-12-14 | Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request... |
| CVE-2023-50073 | 2023-12-14 | EmpireCMS v7.5 was discovered to contain a SQL injection vulnerability... |
| CVE-2023-50100 | 2023-12-14 | JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) via... |
| CVE-2023-50101 | 2023-12-14 | JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) via... |
| CVE-2023-50102 | 2023-12-14 | JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS). |
| CVE-2023-50137 | 2023-12-14 | JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) in... |
| CVE-2023-50471 | 2023-12-14 | cJSON v1.7.16 was discovered to contain a segmentation violation via... |
| CVE-2023-50472 | 2023-12-14 | cJSON v1.7.16 was discovered to contain a segmentation violation via... |
| CVE-2023-50563 | 2023-12-14 | Semcms v4.8 was discovered to contain a SQL injection vulnerability... |
| CVE-2023-50564 | 2023-12-14 | An arbitrary file upload vulnerability in the component /inc/modules_install.php of... |
| CVE-2023-50565 | 2023-12-14 | A cross-site scripting (XSS) vulnerability in the component /logs/dopost.html in... |
| CVE-2023-50566 | 2023-12-14 | A stored cross-site scripting (XSS) vulnerability in EyouCMS-V1.6.5-UTF8-SP1 allows attackers... |
| CVE-2023-41151 | 2023-12-14 | An uncaught exception issue discovered in Softing OPC UA C++... |
| CVE-2023-48085 | 2023-12-14 | Nagios XI before version 5.11.3 was discovered to contain a... |
| CVE-2022-43843 | 2023-12-14 | IBM Spectrum Scale information disclosure |
| CVE-2023-43042 | 2023-12-14 | IBM Storage Virtualize information disclosure |
| CVE-2023-45184 | 2023-12-14 | IBM i Access Client Solutions |
| CVE-2023-41720 | 2023-12-14 | A vulnerability exists on all versions of Ivanti Connect Secure... |
| CVE-2023-41719 | 2023-12-14 | A vulnerability exists on all versions of Ivanti Connect Secure... |
| CVE-2023-5629 | 2023-12-14 | A CWE-601:URL Redirection to Untrusted Site (‘Open Redirect’) vulnerability exists... |
| CVE-2023-5630 | 2023-12-14 | A CWE-494: Download of Code Without Integrity Check vulnerability exists... |
| CVE-2023-6407 | 2023-12-14 | A CWE-22: Improper Limitation of a Pathname to a Restricted... |
| CVE-2023-25648 | 2023-12-14 | Weak Folder Permission Vulnerability in ZTE ZXCLOUD iRAI |
| CVE-2023-25650 | 2023-12-14 | Arbitrary File Download Vulnerability in ZTE ZXCLOUD iRAI |
| CVE-2023-25651 | 2023-12-14 | SQL Injection Vulnerability in Some ZTE Mobile Internet Products |
| CVE-2023-25642 | 2023-12-14 | Two Vulnerabilities in Some ZTE Mobile Internet Products |
| CVE-2023-25643 | 2023-12-14 | Two Vulnerabilities in Some ZTE Mobile Internet Products |
| CVE-2023-1904 | 2023-12-14 | In affected versions of Octopus Server it is possible for... |
| CVE-2023-25644 | 2023-12-14 | Denial of Service Vulnerability in Some ZTE Mobile Internet Products |
| CVE-2023-46750 | 2023-12-14 | Apache Shiro: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Shiro. |
| CVE-2023-40655 | 2023-12-14 | Extension - mooj.org - Reflected XSS in Proforms Basic component for Joomla <= 1.6.0 |
| CVE-2023-40630 | 2023-12-14 | Extension - joomcode.com - Unauthenticated LFI/SSRF in JCDashboards component for Joomla 1.0.0-1.1.30 |
| CVE-2023-40657 | 2023-12-14 | Extension - artio.net - Reflected XSS in Joomdoc component for Joomla 1.0.0-4.0.5 |
| CVE-2023-49707 | 2023-12-14 | Extension - joomlart.com - SQLi vulnerability in S5 Register module for Joomla 1.0.0-3.0.0 |