CVE List - 2023 / February
Showing 1801 - 1900 of 2164 CVEs for February 2023 (Page 19 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-0868 | 2023-02-23 | Stealing Cookies using Reflected XSS via graph results |
| CVE-2023-23659 | 2023-02-23 | WordPress MainWP Matomo Extension Plugin <= 4.0.4 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-0867 | 2023-02-23 | Multiple stored and reflected Cross-site Scripting in webapp |
| CVE-2023-0815 | 2023-02-23 | Plaintext Password Present in the Web logs |
| CVE-2023-24384 | 2023-02-23 | WordPress Organization chart Plugin <= 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-24415 | 2023-02-23 | WordPress AI ChatBot plugin <= 4.2.8 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-0986 | 2023-02-23 | SourceCodester Sales Tracker Management System Edit User sql injection |
| CVE-2023-0987 | 2023-02-23 | SourceCodester Online Pizza Ordering System cross site scripting |
| CVE-2023-0988 | 2023-02-23 | SourceCodester Online Pizza Ordering System cross-site request forgery |
| CVE-2022-48342 | 2023-02-23 | In JetBrains TeamCity before 2022.10.2 jVMTI was enabled by default... |
| CVE-2022-48343 | 2023-02-23 | In JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability... |
| CVE-2022-48344 | 2023-02-23 | In JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability... |
| CVE-2023-22476 | 2023-02-23 | MantisBT: Exposure of Private issues' summary to unauthorized users |
| CVE-2023-0755 | 2023-02-23 | The affected products are vulnerable to an improper validation of... |
| CVE-2023-0754 | 2023-02-23 | The affected products are vulnerable to an integer overflow or... |
| CVE-2023-25823 | 2023-02-23 | Gradio contains Use of Hard-coded Credentials |
| CVE-2023-25824 | 2023-02-23 | mod_gnutls contains Infinite Loop on request read timeout |
| CVE-2021-33224 | 2023-02-24 | File upload vulnerability in Umbraco Forms v.8.7.0 allows unauthenticated attackers... |
| CVE-2021-33387 | 2023-02-24 | Cross Site Scripting Vulnerability in MiniCMS v.1.10 allows attacker to... |
| CVE-2021-34167 | 2023-02-24 | Cross Site Request Forgery (CSRF) vulnerability in taoCMS 3.0.2 allows... |
| CVE-2021-34249 | 2023-02-24 | SQL injection vulnerability in sourcecodester online-book-store 1.0 allows remote attackers... |
| CVE-2021-35290 | 2023-02-24 | File Upload vulnerability in balerocms-src 0.8.3 allows remote attackers to... |
| CVE-2021-35369 | 2023-02-24 | Arbitrary File Read vulnerability found in Peacexie ImCat v.5.2 fixed... |
| CVE-2021-35370 | 2023-02-24 | An issue found in Peacexie Imcat v5.4 allows attackers to... |
| CVE-2022-44310 | 2023-02-24 | In Development IL ecdh before 0.2.0, an attacker can send... |
| CVE-2022-46440 | 2023-02-24 | ttftool v0.9.2 was discovered to contain a segmentation violation via... |
| CVE-2022-48345 | 2023-02-24 | sanitize-url (aka @braintree/sanitize-url) before 6.0.2 allows XSS via HTML entities. |
| CVE-2023-0481 | 2023-02-24 | In RestEasy Reactive implementation of Quarkus the insecure File.createTempFile() is... |
| CVE-2023-0595 | 2023-02-24 | A CWE-117: Improper Output Neutralization for Logs vulnerability exists that... |
| CVE-2023-0994 | 2023-02-24 | Exposure of Sensitive Information to an Unauthorized Actor in francoisjacquet/rosariosis |
| CVE-2023-0995 | 2023-02-24 | Cross-site Scripting (XSS) - Stored in unilogies/bumsys |
| CVE-2023-22425 | 2023-02-24 | Stored cross-site scripting vulnerability in Schedule function of SHIRASAGI v1.16.2... |
| CVE-2023-22427 | 2023-02-24 | Stored cross-site scripting vulnerability in Theme switching function of SHIRASAGI... |
| CVE-2023-23205 | 2023-02-24 | An issue was discovered in lib60870 v2.3.2. There is a... |
| CVE-2023-24189 | 2023-02-24 | An XML External Entity (XXE) vulnerability in urule v2.1.7 allows... |
| CVE-2023-0996 | 2023-02-24 | There is a vulnerability in the strided image data parsing... |
| CVE-2022-1607 | 2023-02-24 | Cross Site Scripting vulnerability in NE843 Pulsar Plus Controller |
| CVE-2023-26102 | 2023-02-24 | All versions of the package rangy are vulnerable to Prototype... |
| CVE-2023-0997 | 2023-02-24 | SourceCodester Moosikay E-Commerce System POST Parameter order.php sql injection |
| CVE-2023-0998 | 2023-02-24 | SourceCodester Alphaware Simple E-Commerce System Payment summary.php access control |
| CVE-2023-0999 | 2023-02-24 | SourceCodester Sales Tracker Management System cross-site request forgery |
| CVE-2023-1002 | 2023-02-24 | MuYuCMS index.php path traversal |
| CVE-2023-1003 | 2023-02-24 | Typora WSH JScript code injection |
| CVE-2023-1004 | 2023-02-24 | MarkText WSH JScript code injection |
| CVE-2023-1005 | 2023-02-24 | JP1016 Markdown-Electron code injection |
| CVE-2023-1006 | 2023-02-24 | SourceCodester Medical Certificate Generator App New Record cross site scripting |
| CVE-2023-1007 | 2023-02-24 | Twister Antivirus IoControlCode filmfd.sys 0x801120E4 access control |
| CVE-2023-1008 | 2023-02-24 | Twister Antivirus IoControlCode filmfd.sys 0x801120E4 denial of service |
| CVE-2023-1009 | 2023-02-24 | DrayTek Vigor 2960 Web Management Interface mainfunction.cgi sub_1DF14 path traversal |
| CVE-2023-1010 | 2023-02-24 | vox2png vox2png.c heap-based overflow |
| CVE-2021-4105 | 2023-02-24 | Unauthenticated Remote Code Execution on COSLAT Firewall |
| CVE-2023-25691 | 2023-02-24 | Apache Airflow Google Provider: Google Cloud Sql Provider Remote Command Execution |
| CVE-2023-25692 | 2023-02-24 | Apache Airflow Google Provider: Google Cloud Sql Provider Denial Of Service |
| CVE-2023-25693 | 2023-02-24 | Sqoop Apache Airflow Provider Remote Code Execution Vulnerability |
| CVE-2023-25696 | 2023-02-24 | Apache Airflow Hive Provider Beeline RCE |
| CVE-2023-25956 | 2023-02-24 | Apache Airflow AWS Provider: Arbitrary file read via AWS provider |
| CVE-2021-3855 | 2023-02-24 | Command Injection in Liman Central Management System |
| CVE-2022-43923 | 2023-02-24 | IBM Maximo Application Suite 8.8.0 and 8.9.0 stores potentially sensitive... |
| CVE-2023-0585 | 2023-02-24 | The All in One SEO Pack plugin for WordPress is... |
| CVE-2023-0586 | 2023-02-24 | The All in One SEO Pack plugin for WordPress is... |
| CVE-2022-4203 | 2023-02-24 | X.509 Name Constraints Read Buffer Overflow |
| CVE-2023-1029 | 2023-02-24 | The WP Meta SEO plugin for WordPress is vulnerable to... |
| CVE-2023-1030 | 2023-02-24 | SourceCodester/code-projects Online Boat Reservation System POST Parameter login.php cross site scripting |
| CVE-2022-23535 | 2023-02-24 | LiteDB contains Deserialization of Untrusted Data |
| CVE-2023-25816 | 2023-02-24 | nextcloud vulnerable to Uncontrolled Resource Consumption |
| CVE-2023-26033 | 2023-02-24 | Gentoo soko contains DoS attack based on SQL Injection |
| CVE-2023-25821 | 2023-02-24 | Nextcloud download permissions can be changed by resharer |
| CVE-2022-2024 | 2023-02-25 | OS Command Injection in gogs/gogs |
| CVE-2022-48362 | 2023-02-25 | Zoho ManageEngine Desktop Central and Desktop Central MSP before 10.1.2137.2... |
| CVE-2023-1033 | 2023-02-25 | Cross-Site Request Forgery (CSRF) in froxlor/froxlor |
| CVE-2023-1034 | 2023-02-25 | Path Traversal: '\..\filename' in salesagility/suitecrm |
| CVE-2023-26544 | 2023-02-25 | In the Linux kernel 6.0.8, there is a use-after-free in... |
| CVE-2023-26545 | 2023-02-25 | In the Linux kernel before 6.1.13, there is a double... |
| CVE-2023-26550 | 2023-02-25 | A SQL injection vulnerability in BMC Control-M before 9.0.20.214 allows... |
| CVE-2023-25825 | 2023-02-25 | ZoneMinder contains Cross-site Scripting via log viewing |
| CVE-2023-26032 | 2023-02-25 | ZoneMinder contains SQL injection via malicious Jason Web Token |
| CVE-2023-26034 | 2023-02-25 | ZoneMinder SQL Injection |
| CVE-2023-26035 | 2023-02-25 | ZoneMinder vulnerable to Missing Authorization |
| CVE-2023-26036 | 2023-02-25 | ZoneMinder contains Local File Inclusion vulnerability |
| CVE-2023-26037 | 2023-02-25 | ZoneMinder contains SQL Injection via report_event_audit |
| CVE-2023-26038 | 2023-02-25 | ZoneMinder contains Local File Inclusion vulnerability via `web/ajax/modal.php` |
| CVE-2023-26039 | 2023-02-25 | ZoneMinder vulnerable to OS Command injection in daemonControl() API |
| CVE-2023-26103 | 2023-02-25 | Versions of the package deno before 1.31.0 are vulnerable to... |
| CVE-2023-26104 | 2023-02-25 | All versions of the package lite-web-server are vulnerable to Denial... |
| CVE-2023-1035 | 2023-02-25 | SourceCodester Clinics Patient Management System update_user.php sql injection |
| CVE-2021-3329 | 2023-02-26 | DOS: Incorrect handling of the initial HCI ACL_MTU handshake packet leads to crash of bluetooth host layer |
| CVE-2022-48363 | 2023-02-26 | In MPD before 0.23.8, as used on Automotive Grade Linux... |
| CVE-2023-26091 | 2023-02-26 | The frp_form_answers (aka Forms Export) extension before 3.1.2, and 4.x... |
| CVE-2023-26602 | 2023-02-26 | ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to... |
| CVE-2023-26605 | 2023-02-26 | In the Linux kernel 6.0.8, there is a use-after-free in... |
| CVE-2023-26606 | 2023-02-26 | In the Linux kernel 6.0.8, there is a use-after-free in... |
| CVE-2023-26607 | 2023-02-26 | In the Linux kernel 6.0.8, there is an out-of-bounds read... |
| CVE-2019-25105 | 2023-02-26 | dro.pm fileman.php cross site scripting |
| CVE-2023-1036 | 2023-02-26 | SourceCodester Dental Clinic Appointment Reservation System POST Parameter signup.php cross site scripting |
| CVE-2023-1037 | 2023-02-26 | SourceCodester Dental Clinic Appointment Reservation System POST Parameter login.php sql injection |
| CVE-2023-1038 | 2023-02-26 | SourceCodester Online Reviewer Management System questions-view.php sql injection |
| CVE-2023-1039 | 2023-02-26 | SourceCodester Class and Exam Timetabling System POST Parameter index3.php sql injection |
| CVE-2023-1040 | 2023-02-26 | SourceCodester Online Graduate Tracer System add_acc.php sql injection |
| CVE-2023-1041 | 2023-02-26 | SourceCodester Simple Responsive Tourism Website rate_review.php cross site scripting |
| CVE-2023-1042 | 2023-02-26 | SourceCodester Online Pet Shop We App update_status.php cross site scripting |