CVE List - 2023 / December
Showing 1501 - 1600 of 2674 CVEs for December 2023 (Page 16 of 27)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-48464 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2023-48583 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2023-48543 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2023-48527 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2023-48617 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2023-48451 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2023-48614 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2023-48481 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2023-48452 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2023-48565 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2023-48457 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2023-48532 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2023-48622 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2023-48488 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2023-48624 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2023-48581 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2023-48575 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2023-48550 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2023-48567 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2023-48505 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2023-48591 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2023-48441 | 2023-12-15 | Adobe Experience Manager | Improper Access Control (CWE-284) |
| CVE-2023-48496 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2023-48473 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2023-48538 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2023-48589 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2023-48503 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2023-48454 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2023-48607 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79) |
| CVE-2023-48564 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2023-48501 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2023-48468 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2023-48512 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2023-48604 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2023-48522 | 2023-12-15 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2023-33217 | 2023-12-15 | Missing integrity check on upgrade package |
| CVE-2023-6553 | 2023-12-15 | The Backup Migration plugin for WordPress is vulnerable to Remote... |
| CVE-2023-33218 | 2023-12-15 | Stack Buffer Overflow in a binary run at upgrade startup |
| CVE-2023-33219 | 2023-12-15 | Stack Buffer Overflow when checking retrofit package |
| CVE-2023-33220 | 2023-12-15 | Stack Buffer Overflow when checking some attributes during retrofit |
| CVE-2023-33221 | 2023-12-15 | Heap Buffer Overflow when reading DESFire card |
| CVE-2023-33222 | 2023-12-15 | Stack buffer overflow when reading DESFire card |
| CVE-2023-49898 | 2023-12-15 | Apache StreamPark (incubating): Authenticated system users could trigger remote command execution |
| CVE-2023-30867 | 2023-12-15 | Apache StreamPark (incubating): Authenticated system users could trigger SQL injection vulnerability |
| CVE-2023-46116 | 2023-12-15 | Remote Code Execution via insufficiently sanitized call to shell.openExternal |
| CVE-2023-50870 | 2023-12-15 | In JetBrains TeamCity before 2023.11.1 a CSRF on login was... |
| CVE-2023-50871 | 2023-12-15 | In JetBrains YouTrack before 2023.3.22268 authorization check for inline comments... |
| CVE-2023-49160 | 2023-12-15 | WordPress Formzu WP Plugin <= 1.6.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-48765 | 2023-12-15 | WordPress Email Address Encoder Plugin <= 1.0.22 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49165 | 2023-12-15 | WordPress Client Dash Plugin <= 2.2.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49169 | 2023-12-15 | WordPress Ads by datafeedr.com Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49170 | 2023-12-15 | WordPress Forms by CaptainForm Plugin <= 2.5.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49174 | 2023-12-15 | WordPress Responsive Lightbox Plugin <= 2.4.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49175 | 2023-12-15 | WordPress KP Fastest Tawk.to Chat Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49176 | 2023-12-15 | WordPress WP Pocket URLs Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49177 | 2023-12-15 | WordPress which template file Plugin <= 4.9.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49178 | 2023-12-15 | WordPress HDW Player Plugin (Video Player & Video Gallery) Plugin <= 5.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49179 | 2023-12-15 | WordPress Event post Plugin <= 5.8.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49180 | 2023-12-15 | WordPress Automatic Youtube Video Posts Plugin Plugin <= 5.2.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49181 | 2023-12-15 | WordPress WP Event Manager Plugin <= 3.1.40 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49182 | 2023-12-15 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... |
| CVE-2023-49183 | 2023-12-15 | WordPress NextScripts Plugin <= 4.4.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49184 | 2023-12-15 | WordPress Parallax Slider Block Plugin <= 1.2.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49185 | 2023-12-15 | WordPress Doofinder for WooCommerce Plugin <= 2.1.7 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49187 | 2023-12-15 | WordPress Adifier System Plugin < 3.1.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49188 | 2023-12-15 | WordPress Track Geolocation Of Users Using Contact Form 7 Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49189 | 2023-12-15 | WordPress Social Share Buttons & Analytics Plugin – GetSocial.io Plugin <= 4.3.12 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49190 | 2023-12-15 | WordPress Site Offline Plugin <= 1.5.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49191 | 2023-12-15 | WordPress GDPR Cookie Consent by Supsystic Plugin <= 2.1.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49747 | 2023-12-15 | WordPress Guest Author Plugin <= 2.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49767 | 2023-12-15 | WordPress Biteship Plugin <= 2.2.24 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49823 | 2023-12-15 | WordPress Bold Page Builder Plugin <= 4.6.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49829 | 2023-12-15 | WordPress Tutor LMS Plugin <= 2.2.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-3511 | 2023-12-15 | Incorrect Authorization in GitLab |
| CVE-2023-49159 | 2023-12-15 | WordPress CommentLuv Plugin <= 3.0.4 is vulnerable to Server Side Request Forgery (SSRF) |
| CVE-2023-49197 | 2023-12-15 | WordPress DoFollow Case by Case Plugin <= 3.4.2 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-49744 | 2023-12-15 | WordPress Gift Up Gift Cards for WordPress and WooCommerce Plugin <= 2.21.3 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-49749 | 2023-12-15 | WordPress SureTriggers Plugin <= 1.0.23 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-6680 | 2023-12-15 | Improper Certificate Validation in GitLab |
| CVE-2023-6051 | 2023-12-15 | Improper Control of Generation of Code ('Code Injection') in GitLab |
| CVE-2023-5512 | 2023-12-15 | Improper Control of Generation of Code ('Code Injection') in GitLab |
| CVE-2023-5061 | 2023-12-15 | Missing Authorization in GitLab |
| CVE-2023-3904 | 2023-12-15 | Improper Validation of Specified Type of Input in GitLab |
| CVE-2023-5310 | 2023-12-15 | Z-Wave Denial of Service caused by Stream of Packets |
| CVE-2023-50720 | 2023-12-15 | XWiki Platform Solr search discloses email addresses of users |
| CVE-2023-50719 | 2023-12-15 | XWiki Platform Solr search discloses password hashes of all users |
| CVE-2023-50721 | 2023-12-15 | XWiki Platform RCE from account through SearchAdmin |
| CVE-2023-50722 | 2023-12-15 | XWiki Platform XSS/CSRF Remote Code Execution in XWiki.ConfigurableClass |
| CVE-2023-50723 | 2023-12-15 | XWiki Platform remote code execution/programming rights with configuration section from any user account |
| CVE-2023-4020 | 2023-12-15 | Unvalidated input in Silicon Labs PSA Attestation service leads to secure memory access from non-secure memory |
| CVE-2023-50264 | 2023-12-15 | Bazarr Arbitrary file read in /system/backup/download/ endpoint |
| CVE-2023-50265 | 2023-12-15 | Bazarr Arbitrary file read in /api/swaggerui/static endpoint |
| CVE-2023-50266 | 2023-12-15 | Bazarr Blind Server-Side Request Forgery (SSRF) in the /test/<protocol>/ endpoint |
| CVE-2023-50728 | 2023-12-15 | Unauthenticated Denial of Service in the octokit/webhooks library |
| CVE-2023-28022 | 2023-12-15 | HCL Connections is vulnerable to sensitive information disclosure |
| CVE-2023-27317 | 2023-12-15 | Information Disclosure Vulnerability in ONTAP 9 |
| CVE-2020-17483 | 2023-12-16 | An improper access control vulnerability exists in Uffizio's GPS Tracker... |
| CVE-2020-17484 | 2023-12-16 | An Open Redirection vulnerability exists in Uffizio's GPS Tracker all... |
| CVE-2020-17485 | 2023-12-16 | A Remote Code Execution vulnerability exist in Uffizio's GPS Tracker... |
| CVE-2021-42794 | 2023-12-16 | An issue was discovered in AVEVA Edge (formerly InduSoft Web... |