CVE List - 2023 / January
Showing 501 - 600 of 2351 CVEs for January 2023 (Page 6 of 24)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2016-15016 | 2023-01-08 | mrtnmtth joomla_mod_einsatz_stats helper.php getStatsByType sql injection |
| CVE-2021-36603 | 2023-01-09 | Cross Site Scripting (XSS) in Tasmota firmware 6.5.0 allows remote... |
| CVE-2022-36925 | 2023-01-09 | Insecure key generation for Zoom Rooms for macOS Clients |
| CVE-2022-36926 | 2023-01-09 | Local Privilege Escalation in Zoom Rooms for macOS Clients |
| CVE-2022-36927 | 2023-01-09 | Local Privilege Escalation in Zoom Rooms for macOS Clients |
| CVE-2022-36928 | 2023-01-09 | Path Traversal in Zoom for Android Clients |
| CVE-2022-36929 | 2023-01-09 | Local Privilege Escalation in Zoom Rooms for Windows Clients |
| CVE-2022-36930 | 2023-01-09 | Local Privilege Escalation in Zoom Rooms for Windows Installers |
| CVE-2022-43970 | 2023-01-09 | Buffer overflow in Linksys WRT54GL |
| CVE-2022-43971 | 2023-01-09 | Arbitrary code execution in Linksys WUMC710 |
| CVE-2022-43972 | 2023-01-09 | Null pointer dereference in Linksys WRT54GL |
| CVE-2022-43973 | 2023-01-09 | Arbitrary code execution in Linksys WRT54GL |
| CVE-2022-43974 | 2023-01-09 | MatrixSSL 4.0.4 through 4.5.1 has an integer overflow in matrixSslDecodeTls13.... |
| CVE-2022-46258 | 2023-01-09 | Incorrect Authorization in GitHub Enterprise Server leads to Action Workflow modifications without Workflow Scope |
| CVE-2022-46603 | 2023-01-09 | An issue in Inkdrop v5.4.1 allows attackers to execute arbitrary... |
| CVE-2022-47790 | 2023-01-09 | Sourcecodester Dynamic Transaction Queuing System v1.0 is vulnerable to SQL... |
| CVE-2022-45126 | 2023-01-09 | Kernel subsystem in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGettime. |
| CVE-2022-43662 | 2023-01-09 | Kernel subsystem in kernel_liteos_a has a kernel stack overflow vulnerability when call SysTimerGettime. |
| CVE-2023-0035 | 2023-01-09 | softbus_client_stub in communication subsystem has an authentication bypass vulnerability which allows an "SA relay attack". |
| CVE-2023-0036 | 2023-01-09 | platform_callback_stub in misc subsystem has an authentication bypass vulnerability which allows an "SA relay attack". |
| CVE-2022-25890 | 2023-01-09 | All versions of the package wifey are vulnerable to Command... |
| CVE-2010-10004 | 2023-01-09 | Information Cards Module cross site scripting |
| CVE-2021-4310 | 2023-01-09 | 01-Scripts 01-Artikelsystem 01article.php cross site scripting |
| CVE-2015-10032 | 2023-01-09 | HealthMateWeb createaccount.php cross site scripting |
| CVE-2022-4882 | 2023-01-09 | kaltura mwEmbed Share Plugin share.js cross site scripting |
| CVE-2017-20165 | 2023-01-09 | debug-js debug node.js useColors redos |
| CVE-2022-46769 | 2023-01-09 | Apache Sling App CMS: XSS in CMS Site Group Detail |
| CVE-2022-2196 | 2023-01-09 | Speculative execution attacks in KVM VMX |
| CVE-2021-4311 | 2023-01-09 | Talend Open Studio for MDM XML xml external entity reference |
| CVE-2022-23508 | 2023-01-09 | GitOps Run allows for Kubernetes workload injection |
| CVE-2022-23509 | 2023-01-09 | Weave Gitops Run vulnerable to insecure communication |
| CVE-2023-22472 | 2023-01-09 | Nextcloud Deck Desktop Client is vulnerable to Cross-Site Request Forgery (CSRF) via malicious link |
| CVE-2023-22473 | 2023-01-09 | Passcode bypass on Talk-Android app |
| CVE-2023-22477 | 2023-01-09 | Mercurius is vulnerable to denial of service (DoS) when using subscriptions |
| CVE-2022-4884 | 2023-01-09 | Path-Traversal in MKP storing |
| CVE-2015-10033 | 2023-01-09 | jvvlee MerlinsBoard Grade improper authorization |
| CVE-2015-10034 | 2023-01-09 | j-nowak workout-organizer sql injection |
| CVE-2015-10035 | 2023-01-09 | gperson angular-test-reporter data-server.js addTest sql injection |
| CVE-2014-125071 | 2023-01-09 | lukehutch Gribbit HttpRequestHandler.java messageReceived missing origin validation in websockets |
| CVE-2023-0125 | 2023-01-09 | Control iD Gerencia Web Web Interface cross site scripting |
| CVE-2014-125072 | 2023-01-09 | CherishSin klattr sql injection |
| CVE-2022-4310 | 2023-01-09 | Slimstat Analytics < 4.9.3 - Unauthenticated Stored XSS |
| CVE-2022-3343 | 2023-01-09 | WPQA < 5.9.3 - Missing validation lead to functionality abuse |
| CVE-2022-3416 | 2023-01-09 | WPtouch < 4.3.45 - Admin+ Arbitrary File Upload |
| CVE-2022-4392 | 2023-01-09 | iPanorama 360 WordPress Virtual Tour Builder <= 1.6.29 - Contributor+ Stored XSS |
| CVE-2022-4393 | 2023-01-09 | ImageLinks Interactive Image Builder for WordPress <= 1.5.3 - Contributor+ Stored XSS |
| CVE-2022-4043 | 2023-01-09 | WP Custom Admin Interface < 7.29 - Admin+ PHP Object Injection |
| CVE-2022-3417 | 2023-01-09 | WPtouch < 4.3.45 - Admin+ PHP Object Injection |
| CVE-2022-4468 | 2023-01-09 | WP Recipe Maker < 8.6.1 - Contributor+ Stored XSS |
| CVE-2022-4491 | 2023-01-09 | WP Table Reloaded <= 1.9.4 - Contributor+ Stored XSS |
| CVE-2022-4479 | 2023-01-09 | Table of Contents Plus < 2212 - Contributor+ Stored XSS |
| CVE-2022-4394 | 2023-01-09 | iPages Flipbook For WordPress <= 1.4.6 - Contributor+ Stored XSS |
| CVE-2022-3923 | 2023-01-09 | ActiveCampaign for WooCommerce < 1.9.8 - Subscriber+ Error Log Cleanup |
| CVE-2022-4497 | 2023-01-09 | Jetpack CRM < 5.5 - Contributor+ Stored XSS |
| CVE-2022-4301 | 2023-01-09 | Sunshine Photo Cart < 2.9.15 - Reflected XSS |
| CVE-2022-4103 | 2023-01-09 | Royal Elementor Addons < 1.3.56 - Subscriber+ Arbitrary Post Creation |
| CVE-2022-4374 | 2023-01-09 | Bg Bible References <= 3.8.14 - Reflected XSS |
| CVE-2022-4196 | 2023-01-09 | Multi Step Form < 1.7.8 - Admin+ Stored XSS |
| CVE-2022-4102 | 2023-01-09 | Royal Elementor Addons < 1.3.56 - Subscriber+ Arbitrary Post Deletion |
| CVE-2022-4426 | 2023-01-09 | Mautic Integration For WooCommerce < 1.0.3 - Arbitrary Options Update via CSRF |
| CVE-2022-3855 | 2023-01-09 | 404 to Start <= 1.6.1 - Admin+ Stored XSS |
| CVE-2022-3679 | 2023-01-09 | Starter Templates by Kadence WP < 1.2.17 - Admin+ PHP Object Injection |
| CVE-2022-4368 | 2023-01-09 | WP CSV <= 1.8.0.0 - Reflected XSS via CSV Import |
| CVE-2022-4391 | 2023-01-09 | Vision Interactive For WordPress <= 1.5.3 - Contributor+ Stored XSS |
| CVE-2022-4325 | 2023-01-09 | Post Status Notifier Lite < 1.10.1 - Reflected XSS |
| CVE-2022-4337 | 2023-01-10 | An out-of-bounds read in Organization Specific TLV was found in... |
| CVE-2022-4338 | 2023-01-10 | An integer underflow in Organization Specific TLV was found in... |
| CVE-2022-47083 | 2023-01-10 | A PHP Object Injection vulnerability in the unserialize() function Spitfire... |
| CVE-2022-48251 | 2023-01-10 | The AES instructions on the ARMv8 platform do not have... |
| CVE-2023-0139 | 2023-01-10 | Insufficient validation of untrusted input in Downloads in Google Chrome... |
| CVE-2023-0140 | 2023-01-10 | Inappropriate implementation in in File System API in Google Chrome... |
| CVE-2023-21525 | 2023-01-10 | Remote Procedure Call Runtime Denial of Service Vulnerability |
| CVE-2023-21527 | 2023-01-10 | Windows iSCSI Service Denial of Service Vulnerability |
| CVE-2023-21531 | 2023-01-10 | Azure Service Fabric Container Elevation of Privilege Vulnerability |
| CVE-2023-21532 | 2023-01-10 | Windows GDI Elevation of Privilege Vulnerability |
| CVE-2023-21535 | 2023-01-10 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability |
| CVE-2023-21536 | 2023-01-10 | Event Tracing for Windows Information Disclosure Vulnerability |
| CVE-2023-21537 | 2023-01-10 | Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability |
| CVE-2023-21538 | 2023-01-10 | .NET Denial of Service Vulnerability |
| CVE-2023-21539 | 2023-01-10 | Windows Authentication Remote Code Execution Vulnerability |
| CVE-2023-21540 | 2023-01-10 | Windows Cryptographic Information Disclosure Vulnerability |
| CVE-2023-21541 | 2023-01-10 | Windows Task Scheduler Elevation of Privilege Vulnerability |
| CVE-2023-21542 | 2023-01-10 | Windows Installer Elevation of Privilege Vulnerability |
| CVE-2023-21543 | 2023-01-10 | Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability |
| CVE-2023-21546 | 2023-01-10 | Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability |
| CVE-2023-21547 | 2023-01-10 | Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability |
| CVE-2023-21548 | 2023-01-10 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability |
| CVE-2023-21549 | 2023-01-10 | Windows SMB Witness Service Elevation of Privilege Vulnerability |
| CVE-2023-21550 | 2023-01-10 | Windows Cryptographic Information Disclosure Vulnerability |
| CVE-2023-21551 | 2023-01-10 | Microsoft Cryptographic Services Elevation of Privilege Vulnerability |
| CVE-2023-21552 | 2023-01-10 | Windows GDI Elevation of Privilege Vulnerability |
| CVE-2023-21555 | 2023-01-10 | Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability |
| CVE-2023-21556 | 2023-01-10 | Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability |
| CVE-2023-21557 | 2023-01-10 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability |
| CVE-2023-21558 | 2023-01-10 | Windows Error Reporting Service Elevation of Privilege Vulnerability |
| CVE-2023-21559 | 2023-01-10 | Windows Cryptographic Information Disclosure Vulnerability |
| CVE-2023-21560 | 2023-01-10 | Windows Boot Manager Security Feature Bypass Vulnerability |
| CVE-2023-21561 | 2023-01-10 | Microsoft Cryptographic Services Elevation of Privilege Vulnerability |
| CVE-2023-21563 | 2023-01-10 | BitLocker Security Feature Bypass Vulnerability |
| CVE-2023-21674 | 2023-01-10 | Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability |