CVE List - 2023 / February
Showing 1601 - 1700 of 2164 CVEs for February 2023 (Page 17 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-25805 | 2023-02-20 | versionn Command Injection Vulnerability |
| CVE-2023-24998 | 2023-02-20 | Apache Commons FileUpload, Apache Tomcat: FileUpload DoS with excessive parts |
| CVE-2015-10081 | 2023-02-20 | arnoldle submitByMailPlugin edit_list.php cross-site request forgery |
| CVE-2022-46303 | 2023-02-20 | Command injection in SMS notifications |
| CVE-2022-46836 | 2023-02-20 | PHP code injection in watolib |
| CVE-2022-47909 | 2023-02-20 | LQL Injection in Livestatus HTTP headers |
| CVE-2022-48321 | 2023-02-20 | SSRF in agent-receiver API |
| CVE-2022-48317 | 2023-02-20 | Insecure Termination of RestAPI Session Tokens |
| CVE-2022-48318 | 2023-02-20 | Insecure access control mechanisms for RestAPI documentation |
| CVE-2022-48319 | 2023-02-20 | Host secret disclosed in Checkmk logs |
| CVE-2022-48320 | 2023-02-20 | CSRF in add-visual endpoint |
| CVE-2016-15027 | 2023-02-20 | meta4creations Post Duplicator Plugin notices.php mtphr_post_duplicator_notice cross site scripting |
| CVE-2019-25104 | 2023-02-20 | rtcwcoop Team Command ai_cast_script.c AICast_ScriptLoad denial of service |
| CVE-2022-3901 | 2023-02-20 | Visioweb.js - Prototype Pollution can results in XSS |
| CVE-2022-38779 | 2023-02-21 | An open redirect issue was discovered in Kibana that could... |
| CVE-2023-22984 | 2023-02-21 | A Vulnerability was discovered in Axis 207W network camera. There... |
| CVE-2022-31394 | 2023-02-21 | Hyperium Hyper before 0.14.19 does not allow for customization of... |
| CVE-2022-45564 | 2023-02-21 | SQL Injection vulnerability in znfit Home improvement ERP management system... |
| CVE-2022-45677 | 2023-02-21 | SQL Injection Vulnerability in tanujpatra228 Tution Management System (TMS) via... |
| CVE-2022-46637 | 2023-02-21 | Prolink router PRS1841 was discovered to contain hardcoded credentials for... |
| CVE-2022-48340 | 2023-02-21 | In Gluster GlusterFS 11.0, there is an xlators/cluster/dht/src/dht-common.c dht_setxattr_mds_cbk use-after-free. |
| CVE-2023-0934 | 2023-02-21 | Cross-site Scripting (XSS) - Stored in answerdev/answer |
| CVE-2023-20855 | 2023-02-21 | VMware vRealize Orchestrator contains an XML External Entity (XXE) vulnerability.... |
| CVE-2023-20858 | 2023-02-21 | VMware Carbon Black App Control 8.7.x prior to 8.7.8, 8.8.x... |
| CVE-2023-22920 | 2023-02-21 | A security misconfiguration vulnerability exists in the Zyxel LTE3316-M604 firmware... |
| CVE-2023-23009 | 2023-02-21 | Libreswan 4.9 allows remote attackers to cause a denial of... |
| CVE-2023-24080 | 2023-02-21 | A lack of rate limiting on the password reset endpoint... |
| CVE-2023-24081 | 2023-02-21 | Multiple stored cross-site scripting (XSS) vulnerabilities in Redrock Software TutorTrac... |
| CVE-2023-24184 | 2023-02-21 | TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... |
| CVE-2023-24320 | 2023-02-21 | An access control issue in Axcora POS #0~gitf77ec09 allows unauthenticated... |
| CVE-2023-26242 | 2023-02-21 | afu_mmio_region_get_by_offset in drivers/fpga/dfl-afu-region.c in the Linux kernel through 6.1.12 has... |
| CVE-2023-26249 | 2023-02-21 | Knot Resolver before 5.6.0 enables attackers to consume its resources,... |
| CVE-2023-26253 | 2023-02-21 | In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based... |
| CVE-2023-26265 | 2023-02-21 | The Borg theme before 1.1.19 for Backdrop CMS does not... |
| CVE-2023-26266 | 2023-02-21 | In AFL++ 4.05c, the CmpLog component uses the current working... |
| CVE-2023-26267 | 2023-02-21 | php-saml-sp before 1.1.1 and 2.x before 2.1.1 allows reading arbitrary... |
| CVE-2014-125089 | 2023-02-21 | cention-chatserver InternalChatProtocol.fe _formatBody cross site scripting |
| CVE-2023-24575 | 2023-02-21 | Dell Multifunction Printer E525w Driver and Software Suite, versions prior... |
| CVE-2015-10082 | 2023-02-21 | UIKit0 libplist XML xplist.c plist_from_xml xml external entity reference |
| CVE-2023-0380 | 2023-02-21 | Easy Digital Downloads < 3.1.0.5 - Contributor+ Stored XSS |
| CVE-2023-0271 | 2023-02-21 | WP Font Awesome < 1.7.9 - Contributor+ Stored XSS |
| CVE-2020-36656 | 2023-02-21 | Spectra < 1.15.0 - Contributor+ Stored Cross-Side Scripting |
| CVE-2023-0375 | 2023-02-21 | Easy Affiliate Links < 3.7.1 - Contributor+ Stored XSS |
| CVE-2023-0231 | 2023-02-21 | ShopLentor < 2.5.4 - Contributor+ Stored XSS |
| CVE-2022-4669 | 2023-02-21 | Page Builder: Live Composer < 1.5.23 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4385 | 2023-02-21 | Intuitive Custom Post Order < 3.1.4 - Subscriber+ Arbitrary Menu Order Update |
| CVE-2023-0067 | 2023-02-21 | Timed Content < 2.73 - Contributor+ Stored XSS |
| CVE-2022-4777 | 2023-02-21 | Bootstrap Shortcodes <= 3.4.0 - Contributor+ Stored XSS via Shortcode |
| CVE-2023-0285 | 2023-02-21 | Real Media Library < 4.18.29 - Author+ Stored XSS |
| CVE-2023-0378 | 2023-02-21 | Greenshift < 5.0 - Contributor+ Stored XSS |
| CVE-2022-4761 | 2023-02-21 | Post Views Count <= 3.0.2 - Contributor+ Stored XSS in Shortcode |
| CVE-2022-4750 | 2023-02-21 | WP Responsive Testimonials Slider And Widget <= 1.5 - Contributor+ Stored XSS |
| CVE-2022-4785 | 2023-02-21 | Download Video Sidebar Widgets <= 6.1 - Contributor+ Stored XSS via Shortcode |
| CVE-2023-0559 | 2023-02-21 | GS Portfolio for Envato < 1.4.0 - Contributor+ Stored XSS |
| CVE-2023-0492 | 2023-02-21 | GS Products Slider for WooCommerce < 1.5.9 - Contributor+ Stored XSS |
| CVE-2022-4622 | 2023-02-21 | Login Logout Menu <= 1.3.3 - Contributor+ Stored XSS in Shortcode |
| CVE-2023-0372 | 2023-02-21 | EmbedStories < 0.7.5 - Contributor+ Stored XSS |
| CVE-2022-4784 | 2023-02-21 | Hueman Addons <= 2.3.3 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4897 | 2023-02-21 | BackupBuddy < 8.8.3 - Multiple Reflected Cross-Site Scripting |
| CVE-2022-4791 | 2023-02-21 | Product Slider and Carousel with Category for WooCommerce < 2.8 - Contributor+ Stored XSS via Shortcode |
| CVE-2023-0371 | 2023-02-21 | EmbedSocial < 1.1.28 - Contributor+ Stored XSS |
| CVE-2022-4752 | 2023-02-21 | Opening Hours <= 2.3.0 - Contributor+ Stored XSS via Shortcode |
| CVE-2023-0453 | 2023-02-21 | WP Private Message < 1.0.6 - Private Message Disclosure via IDOR |
| CVE-2023-0541 | 2023-02-21 | GS Books Showcase < 1.3.1 - Contributor+ Stored XSS |
| CVE-2022-4764 | 2023-02-21 | Simple File Downloader <= 1.0.4 - Contributor+ Stored XSS via Shortcode |
| CVE-2023-0428 | 2023-02-21 | Watu Quiz < 3.3.8.2 - Reflected XSS |
| CVE-2023-0429 | 2023-02-21 | Watu Quiz < 3.3.8.3 - Admin+ Stored XSS |
| CVE-2023-0540 | 2023-02-21 | GS Filterable Portfolio < 1.6.1 - Contributor+ Stored XSS |
| CVE-2022-4786 | 2023-02-21 | Video.js - HTML5 Video Player for WordPress <= 4.5.0 - Contributor+ Stored XSS via Shortcode |
| CVE-2023-0366 | 2023-02-21 | Loan Comparison < 1.5.3 - Contributor+ Stored XSS via shortcode |
| CVE-2023-0059 | 2023-02-21 | Youzify < 1.2.2 - Contributor+ Stored XSS |
| CVE-2022-4666 | 2023-02-21 | Markup <= 4.8.1 - Contributor+ Stored XSS via Shortcode |
| CVE-2023-0232 | 2023-02-21 | ShopLentor < 2.5.4 - PHP Object Injection |
| CVE-2022-4386 | 2023-02-21 | Intuitive Custom Post Order < 3.1.4 - Arbitrary Menu Order Update via CSRF |
| CVE-2022-4754 | 2023-02-21 | Easy Social Box <= 4.1.2 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4714 | 2023-02-21 | WP Dark Mode < 4.0.0 - Contributor+ Stored XSS in Shortcode |
| CVE-2023-0419 | 2023-02-21 | Shortcode for Font Awesome < 1.4.1 - Contributor+ Stored XSS |
| CVE-2023-0442 | 2023-02-21 | Loan Comparison < 1.5.2 - Reflected XSS via shortcode |
| CVE-2023-0935 | 2023-02-21 | DolphinPHP Incomplete Fix CVE-2021-46097 common.php os command injection |
| CVE-2023-0936 | 2023-02-21 | TP-Link Archer C50 Web Management Interface denial of service |
| CVE-2023-0938 | 2023-02-21 | SourceCodester Music Gallery Site GET Request music_list.php sql injection |
| CVE-2022-3353 | 2023-02-21 | IEC 61850 MMS-Server Vulnerability in multiple Hitachi Energy Products |
| CVE-2023-25928 | 2023-02-21 | IBM InfoSphere Information Server cross-site scripting |
| CVE-2015-10083 | 2023-02-21 | harrystech Dynosaur-Rails application_controller.rb basic_auth improper authentication |
| CVE-2015-10084 | 2023-02-21 | irontec klear-library BaseController.php _prepareWhere sql injection |
| CVE-2015-10085 | 2023-02-21 | GoPistolet MTA denial of service |
| CVE-2017-20178 | 2023-02-21 | Codiad process.php saveJSON information disclosure |
| CVE-2022-48282 | 2023-02-21 | Deserializing compromised object with MongoDB .NET/C# Driver may cause remote code execution |
| CVE-2023-0942 | 2023-02-21 | The Japanized For WooCommerce plugin for WordPress is vulnerable to... |
| CVE-2023-0943 | 2023-02-21 | SourceCodester Best POS Management System Image save_settings unrestricted upload |
| CVE-2023-0945 | 2023-02-21 | SourceCodester Best POS Management System cross site scripting |
| CVE-2023-0946 | 2023-02-21 | SourceCodester Best POS Management System sql injection |
| CVE-2017-20179 | 2023-02-21 | InSTEDD Pollit tour_controller.rb TourController Privilege Escalation |
| CVE-2023-25812 | 2023-02-21 | Allowed DELETE on resources on object locked buckets under Governance mode in Minio |
| CVE-2023-25810 | 2023-02-21 | Persistent Cross site scripting (XSS) through description in status page in Uptime Kuma |
| CVE-2023-25811 | 2023-02-21 | Persistent Cross site scripting (XSS) in Uptime Kuma |
| CVE-2023-25657 | 2023-02-21 | Remote code execution in Jinja2 template rendering in Nautobot |
| CVE-2023-25158 | 2023-02-21 | Unfiltered SQL Injection in Geotools |
| CVE-2023-25157 | 2023-02-21 | Unfiltered SQL Injection Vulnerabilities in Geoserver |
| CVE-2022-41565 | 2023-02-22 | TIBCO EBX Cross Site Scripting (XSS) Vulnerability |