CVE List - 2023 / December
Showing 2101 - 2200 of 2673 CVEs for December 2023 (Page 22 of 27)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-49086 | 2023-12-21 | Cacti is vulnerable to cross-Site scripting (XSS) DOM |
| CVE-2022-47532 | 2023-12-22 | FileRun 20220519 allows SQL Injection via the "dir" parameter in a /?module=users§ion=cpanel&page=list request. |
| CVE-2023-24609 | 2023-12-22 | Matrix SSL 4.x through 4.6.0 and Rambus TLS Toolkit have a length-subtraction integer overflow for Client Hello Pre-Shared Key extension parsing in the TLS 1.3 server. An attacked device calculates... |
| CVE-2023-43116 | 2023-12-22 | A symbolic link following vulnerability in Buildkite Elastic CI for AWS versions prior to 6.7.1 and 5.22.5 allows the buildkite-agent user to change ownership of arbitrary directories via the PIPELINE_PATH... |
| CVE-2023-43741 | 2023-12-22 | A time-of-check-time-of-use race condition vulnerability in Buildkite Elastic CI for AWS versions prior to 6.7.1 and 5.22.5 allows the buildkite-agent user to bypass a symbolic link check for the PIPELINE_PATH... |
| CVE-2023-45957 | 2023-12-22 | A stored cross-site scripting (XSS) vulnerability in the component admin/AdminRequestSqlController.php of thirty bees before 1.5.0 allows attackers to execute arbitrary web script or HTML via $e->getMessage() error mishandling. |
| CVE-2023-49391 | 2023-12-22 | An issue was discovered in free5GC version 3.3.0, allows remote attackers to execute arbitrary code and cause a denial of service (DoS) on AMF component via crafted NGAP message. |
| CVE-2023-50147 | 2023-12-22 | There is an arbitrary command execution vulnerability in the setDiagnosisCfg function of the cstecgi .cgi of the TOTOlink A3700R router device in its firmware version V9.1.2u.5822_B20200513. |
| CVE-2023-51011 | 2023-12-22 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanPriDns parameter’ of the setLanConfig interface of the cstecgi .cgi |
| CVE-2023-51012 | 2023-12-22 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanGateway parameter’ of the setLanConfig interface of the cstecgi .cgi. |
| CVE-2023-51013 | 2023-12-22 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanNetmask parameter’ of the setLanConfig interface of the cstecgi .cgi. |
| CVE-2023-51014 | 2023-12-22 | TOTOLINK EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanSecDns parameter’ of the setLanConfig interface of the cstecgi .cgi |
| CVE-2023-51015 | 2023-12-22 | TOTOLINX EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘enable parameter’ of the setDmzCfg interface of the cstecgi .cgi |
| CVE-2023-51016 | 2023-12-22 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the setRebootScheCfg interface of the cstecgi .cgi. |
| CVE-2023-51017 | 2023-12-22 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanIp parameter’ of the setLanConfig interface of the cstecgi .cgi. |
| CVE-2023-51019 | 2023-12-22 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘key5g’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi. |
| CVE-2023-51020 | 2023-12-22 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘langType’ parameter of the setLanguageCfg interface of the cstecgi .cgi. |
| CVE-2023-51021 | 2023-12-22 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘merge’ parameter of the setRptWizardCfg interface of the cstecgi .cgi. |
| CVE-2023-51022 | 2023-12-22 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘langFlag’ parameter of the setLanguageCfg interface of the cstecgi .cgi. |
| CVE-2023-51023 | 2023-12-22 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘host_time’ parameter of the NTPSyncWithHost interface of the cstecgi .cgi. |
| CVE-2023-51024 | 2023-12-22 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘tz’ parameter of the setNtpCfg interface of the cstecgi .cgi. |
| CVE-2023-51025 | 2023-12-22 | TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to an unauthorized arbitrary command execution in the ‘admuser’ parameter of the setPasswordCfg interface of the cstecgi .cgi. |
| CVE-2023-51026 | 2023-12-22 | TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘hour’ parameter of the setRebootScheCfg interface of the cstecgi .cgi. |
| CVE-2023-51027 | 2023-12-22 | TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘apcliAuthMode’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi. |
| CVE-2023-51028 | 2023-12-22 | TOTOLINK EX1800T 9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the apcliChannel parameter of the setWiFiExtenderConfig interface of the cstecgi.cgi. |
| CVE-2023-51033 | 2023-12-22 | TOTOlink EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution via the cstecgi.cgi setOpModeCfg interface. |
| CVE-2023-51034 | 2023-12-22 | TOTOlink EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution via the cstecgi.cgi UploadFirmwareFile interface. |
| CVE-2023-51035 | 2023-12-22 | TOTOLINK EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution on the cstecgi.cgi NTPSyncWithHost interface. |
| CVE-2023-51708 | 2023-12-22 | Bentley eB System Management Console applications within Assetwise Integrity Information Server allow an unauthenticated user to view configuration options via a crafted request, leading to information disclosure. This affects eB... |
| CVE-2023-42465 | 2023-12-22 | Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a... |
| CVE-2023-49356 | 2023-12-22 | A stack buffer overflow vulnerability in MP3Gain v1.6.2 allows an attacker to cause a denial of service via the WriteMP3GainAPETag function at apetag.c:592. |
| CVE-2023-51018 | 2023-12-22 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘opmode’ parameter of the setWiFiApConfig interface of the cstecgi .cgi. |
| CVE-2023-51704 | 2023-12-22 | An issue was discovered in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. In includes/logging/RightsLogFormatter.php, group-*-member messages can result in XSS on Special:log/rights. |
| CVE-2023-51707 | 2023-12-22 | MotionPro in Array ArrayOS AG before 9.4.0.505 on AG and vxAG allows remote command execution via crafted packets. AG and vxAG 9.3.0.259.x are unaffected. |
| CVE-2023-51713 | 2023-12-22 | make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics. |
| CVE-2023-7052 | 2023-12-22 | PHPGurukul Online Notes Sharing System profile.php cross-site request forgery |
| CVE-2023-7053 | 2023-12-22 | PHPGurukul Online Notes Sharing System signup.php weak password |
| CVE-2023-7054 | 2023-12-22 | PHPGurukul Online Notes Sharing System add-notes.php unrestricted upload |
| CVE-2023-7055 | 2023-12-22 | PHPGurukul Online Notes Sharing System Contact Information profile.php access control |
| CVE-2023-7056 | 2023-12-22 | code-projects Faculty Management System subjects.php cross site scripting |
| CVE-2023-7057 | 2023-12-22 | code-projects Faculty Management System yearlevel.php cross site scripting |
| CVE-2023-7058 | 2023-12-22 | SourceCodester Simple Student Attendance System path traversal |
| CVE-2023-7059 | 2023-12-22 | SourceCodester School Visitor Log e-Book log-book.php cross site scripting |
| CVE-2023-7075 | 2023-12-22 | code-projects Point of Sales and Inventory Management System checkout.php cross site scripting |
| CVE-2023-7076 | 2023-12-22 | slawkens MyAAC bugtracker.php cross site scripting |
| CVE-2023-51661 | 2023-12-22 | Filesystem sandbox not enforced in wasmer-cli |
| CVE-2022-39337 | 2023-12-22 | Permission bypass due to incorrect configuration in github.com/dromara/hertzbeat |
| CVE-2023-48704 | 2023-12-22 | Unauthenticated heap buffer overflow in Gorrila codec decompression |
| CVE-2023-45165 | 2023-12-22 | IBM AIX denial of service |
| CVE-2023-48670 | 2023-12-22 | Dell SupportAssist for Home PCs version 3.14.1 and prior versions contain a privilege escalation vulnerability in the installer. A local low privileged authenticated attacker may potentially exploit this vulnerability, leading... |
| CVE-2023-42017 | 2023-12-22 | IBM Planning Analytics file upload |
| CVE-2023-49085 | 2023-12-22 | Cacti SQL Injection vulnerability |
| CVE-2023-49088 | 2023-12-22 | Cacti has incomplete fix for CVE-2023-39515 |
| CVE-2023-49790 | 2023-12-22 | App PIN code can be bypassed in Nextcloud Files iOS |
| CVE-2023-49791 | 2023-12-22 | Workflows do not require password confirmation on API level |
| CVE-2023-51662 | 2023-12-22 | Snowflake Connector .NET does not properly check the Certificate Revocation List (CRL) |
| CVE-2023-49792 | 2023-12-22 | Bruteforce protection can be bypassed with misconfigured proxy |
| CVE-2023-50250 | 2023-12-22 | Cross-Site Scripting vulnerability when Import xml template file |
| CVE-2023-51448 | 2023-12-22 | SQL Injection vulnerability when managing SNMP Notification Receivers |
| CVE-2023-51649 | 2023-12-22 | Nautobot missing object-level permissions enforcement when running Job Buttons |
| CVE-2023-50254 | 2023-12-22 | Deepin Reader RCE vulnerability due to a design flaw |
| CVE-2023-50258 | 2023-12-22 | Blind SSRF in `/home/testdiscord` endpoint |
| CVE-2023-50259 | 2023-12-22 | Blind SSRF in /home/testslack endpoint |
| CVE-2023-39251 | 2023-12-22 | Dell BIOS contains an Improper Input Validation vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability in order to corrupt memory on the system. |
| CVE-2023-43088 | 2023-12-22 | Dell Client BIOS contains a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary... |
| CVE-2023-50708 | 2023-12-22 | yii2-authclient vulnerable to possible timing attack on string comparison in OAuth1, OAuth2 and OpenID Connect implementation |
| CVE-2023-50714 | 2023-12-22 | The Oauth2 PKCE implementation is vulnerable |
| CVE-2023-50712 | 2023-12-22 | Improper Neutralization of Alternate XSS Syntax in iris-web |
| CVE-2023-50725 | 2023-12-22 | Resque vulnerable to reflected XSS in resque-web failed and queues lists |
| CVE-2023-50727 | 2023-12-22 | Resque vulnerable to reflected XSS in Queue Endpoint |
| CVE-2023-50730 | 2023-12-22 | Grackle has StackOverflowError in GraphQL query processing |
| CVE-2023-50924 | 2023-12-22 | Stored XSS in Overview and Output fields |
| CVE-2023-50731 | 2023-12-22 | MindsDB has arbitrary file write in file.py |
| CVE-2023-51387 | 2023-12-22 | Expression Injection Vulnerability in Hertzbeat |
| CVE-2023-51650 | 2023-12-22 | Unauthorized access vulnerability on three interfaces |
| CVE-2023-51449 | 2023-12-22 | Make the `/file` secure against file traversal attacks |
| CVE-2023-50928 | 2023-12-22 | sandbox-accounts-for-events security misconfiguration leads to budget exceed |
| CVE-2023-51451 | 2023-12-22 | SSRF in symbolicator via invalid protocol |
| CVE-2023-51651 | 2023-12-22 | Potential URI resolution path traversal in the AWS SDK for PHP |
| CVE-2023-51386 | 2023-12-22 | Sandbox Accounts for Events vulnerable to privilege escalation to read running events data |
| CVE-2023-6972 | 2023-12-23 | The Backup Migration plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.9 via the 'content-backups' and 'content-name', 'content-manifest', or 'content-bmitmp' and 'content-identy' HTTP... |
| CVE-2023-6971 | 2023-12-23 | The Backup Migration plugin for WordPress is vulnerable to Remote File Inclusion in versions 1.0.8 to 1.3.9 via the 'content-dir' HTTP header. This makes it possible for unauthenticated attackers to... |
| CVE-2023-7002 | 2023-12-23 | The Backup Migration plugin for WordPress is vulnerable to OS Command Injection in all versions up to, and including, 1.3.9 via the 'url' parameter. This vulnerability allows authenticated attackers, with... |
| CVE-2023-5961 | 2023-12-23 | ioLogik E1200 Series: Cross-Site Request Forgery (CSRF) Vulnerability |
| CVE-2023-5962 | 2023-12-23 | ioLogik E1200 Series: Weak Cryptographic Algorithm Vulnerability |
| CVE-2023-6744 | 2023-12-23 | The Divi theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'et_pb_text' shortcode in all versions up to, and including, 4.23.1 due to insufficient input sanitization and... |
| CVE-2020-36769 | 2023-12-23 | The Widget Settings Importer/Exporter Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the wp_ajax_import_widget_dataparameter AJAX action in versions up to, and including, 1.5.3 due to insufficient input sanitization... |
| CVE-2023-7008 | 2023-12-23 | Systemd-resolved: unsigned name response in signed zone is not refused when dnssec=yes |
| CVE-2014-125108 | 2023-12-23 | w3c online-spellchecker-py spellchecker cross site scripting |
| CVE-2016-15036 | 2023-12-23 | Deis Workflow Manager race condition |
| CVE-2023-49594 | 2023-12-23 | An information disclosure vulnerability exists in the challenge functionality of instipod DuoUniversalKeycloakAuthenticator 1.0.7 plugin. A specially crafted HTTP request can lead to a disclosure of sensitive information. A user logging... |
| CVE-2023-7090 | 2023-12-23 | Sudo: improper handling of ipa_hostname leads to privilege mismanagement |
| CVE-2023-51714 | 2023-12-24 | An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer... |
| CVE-2023-51763 | 2023-12-24 | csv_builder.rb in ActiveAdmin (aka Active Admin) before 3.2.0 allows CSV injection. |
| CVE-2023-51765 | 2023-12-24 | sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of... |
| CVE-2023-51764 | 2023-12-24 | Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to... |
| CVE-2023-51766 | 2023-12-24 | Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass... |
| CVE-2023-51767 | 2023-12-24 | OpenSSH through 10.0, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips... |
| CVE-2023-7091 | 2023-12-24 | Dreamer CMS uploadFile unrestricted upload |
| CVE-2023-7101 | 2023-12-24 | Arbitrary Code Execution (ACE) Vulnerability |