CVE List - 2023 / February
Showing 401 - 500 of 2164 CVEs for February 2023 (Page 5 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-47326 | 2023-02-06 | In wlan driver, there is a possible missing permission check. This could lead to local information disclosure. |
| CVE-2022-47327 | 2023-02-06 | In wlan driver, there is a possible missing permission check. This could lead to local information disclosure. |
| CVE-2022-47328 | 2023-02-06 | In wlan driver, there is a possible missing permission check. This could lead to local information disclosure. |
| CVE-2022-47329 | 2023-02-06 | In wlan driver, there is a possible missing permission check. This could lead to local information disclosure. |
| CVE-2022-47330 | 2023-02-06 | In wlan driver, there is a possible missing permission check. This could lead to local information disclosure. |
| CVE-2022-47450 | 2023-02-06 | In wlan driver, there is a possible missing permission check. This could lead to local information disclosure. |
| CVE-2022-47332 | 2023-02-06 | In wlan driver, there is a possible missing permission check. This could lead to local information disclosure. |
| CVE-2022-47333 | 2023-02-06 | In wlan driver, there is a possible missing permission check. This could lead to local information disclosure. |
| CVE-2022-44421 | 2023-02-06 | In wlan driver, there is a possible missing permission check. This could lead to local In wlan driver, information disclosure. |
| CVE-2022-44447 | 2023-02-06 | In wlan driver, there is a possible null pointer dereference issue due to a missing bounds check. This could lead to local denial of service in wlan services. |
| CVE-2022-47363 | 2023-02-06 | In wlan driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service in wlan services. |
| CVE-2022-47364 | 2023-02-06 | In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services. |
| CVE-2022-47365 | 2023-02-06 | In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services. |
| CVE-2022-47366 | 2023-02-06 | In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services. |
| CVE-2022-47367 | 2023-02-06 | In bluetooth driver, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. |
| CVE-2022-47368 | 2023-02-06 | In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. |
| CVE-2022-47369 | 2023-02-06 | In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. |
| CVE-2022-47370 | 2023-02-06 | In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. |
| CVE-2022-47371 | 2023-02-06 | In bt driver, there is a thread competition leads to early release of resources to be accessed. This could lead to local denial of service in kernel. |
| CVE-2022-47451 | 2023-02-06 | In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. |
| CVE-2022-47452 | 2023-02-06 | In gnss driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services. |
| CVE-2022-27628 | 2023-02-06 | WordPress WZone – Lite Version Plugin <= 3.1 Lite is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-29416 | 2023-02-06 | WordPress Afterpay Gateway for WooCommerce Plugin <= 3.5.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-0679 | 2023-02-06 | SourceCodester Canteen Management System removeUser.php sql injection |
| CVE-2020-36660 | 2023-02-06 | paxswill EVE Ship Replacement Program User Information api.py information disclosure |
| CVE-2022-2933 | 2023-02-06 | The 0mk Shortener plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.2. This is due to missing or incorrect nonce validation on the... |
| CVE-2022-4902 | 2023-02-06 | eXo Chat Application Mention ExoChatMessageComposer.vue cross site scripting |
| CVE-2023-0686 | 2023-02-06 | SourceCodester Online Eyewear Shop HTTP POST Request update_cart sql injection |
| CVE-2022-40196 | 2023-02-06 | Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 and Intel C++ Compiler Classic before version 2021.7.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow... |
| CVE-2022-38136 | 2023-02-06 | Uncontrolled search path in the Intel(R) oneAPI DPC++/C++ Compiler for Windows and Intel Fortran Compiler for Windows before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow... |
| CVE-2022-41342 | 2023-02-06 | Improper buffer restrictions in the Intel(R) C++ Compiler Classic before version 2021.7.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of... |
| CVE-2023-0669 | 2023-02-06 | Fortra GoAnywhere MFT License Response Servlet Command Injection |
| CVE-2023-23944 | 2023-02-06 | Nexcloud Mail app temporarily stores cleartext password in database |
| CVE-2023-0178 | 2023-02-06 | Annual Archive < 1.6.0 - Contributor+ Stored XSS |
| CVE-2022-4577 | 2023-02-06 | Easy Testimonials < 3.9.3 - Contributor+ Stored XSS |
| CVE-2022-4824 | 2023-02-06 | WP Blog and Widget < 2.3.1 - Contributor+ Stored XSS via Shortcode |
| CVE-2023-0154 | 2023-02-06 | GamiPress – Vimeo integration < 1.0.9 - Contributor+ Stored XSS |
| CVE-2022-4664 | 2023-02-06 | Logo Slider < 3.6.0 - Contributor+ Stored XSS in Shortcode |
| CVE-2023-0070 | 2023-02-06 | ResponsiveVoice Text To Speech < 1.7.7 - Contributor+ Stored XSS |
| CVE-2022-4756 | 2023-02-06 | YouTube Channel < 3.23.0 - Contributor+ Stored XSS via Shortcode |
| CVE-2023-0174 | 2023-02-06 | WP VR < 8.2.7 - Contributor+ Stored XSS |
| CVE-2022-4717 | 2023-02-06 | Strong Testimonials < 3.0.3 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4384 | 2023-02-06 | Stream < 3.9.2 - Subscriber+ Alert Creation |
| CVE-2023-0143 | 2023-02-06 | Send PDF for Contact Form 7 < 0.9.9.2 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4825 | 2023-02-06 | WP-ShowHide < 1.05 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4833 | 2023-02-06 | YourChannel: Everything you want in a YouTube plugin < 1.2.3 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4838 | 2023-02-06 | Clean Login < 1.13.7 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4681 | 2023-02-06 | Hide My WP < 6.2.9 - Unauthenticated SQLi |
| CVE-2023-0236 | 2023-02-06 | Tutor LMS < 2.0.10 - Reflected Cross-Site Scripting |
| CVE-2023-0148 | 2023-02-06 | Gallery Factory Lite <= 2.0.0 - Contributor+ Stored XSS |
| CVE-2023-0095 | 2023-02-06 | Page View Count < 2.6.1 - Contributor+ Stored XSS |
| CVE-2022-4674 | 2023-02-06 | Ibtana – WordPress Website Builder < 1.1.8.8 - Contributor+ Stored XSS via Shortcode |
| CVE-2023-0282 | 2023-02-06 | YourChannel < 1.2.2 - Subscriber+ Stored XSS |
| CVE-2022-4459 | 2023-02-06 | WP Show Posts < 1.1.4 - Contributor+ Stored XSS |
| CVE-2023-0144 | 2023-02-06 | Event Manager and Tickets Selling Plugin for WooCommerce < 3.8.0 - Contributor+ Stored XSS |
| CVE-2022-4321 | 2023-02-06 | PDF Generator for WordPress < 1.1.2 - Reflected XSS |
| CVE-2023-0153 | 2023-02-06 | Vimeo Video Autoplay Automute <= 1.0 - Contributor+ Stored XSS |
| CVE-2023-0082 | 2023-02-06 | ExactMetrics < 7.12.1 - Contributor+ Stored XSS |
| CVE-2023-0149 | 2023-02-06 | WordPrezi < 0.9 - Contributor+ Strored XSS |
| CVE-2022-4747 | 2023-02-06 | Post Category Image With Grid and Slider < 1.4.8 - Contributor+ Stored XSS via Shortcode |
| CVE-2023-0173 | 2023-02-06 | WPFunnels < 2.6.9 - Contributor+ Stored XSS |
| CVE-2023-0234 | 2023-02-06 | SiteGround Security < 1.3.1 - Admin+ SQLi |
| CVE-2023-0062 | 2023-02-06 | EAN for WooCommerce < 4.4.3 - Contributor+ Stored XSS |
| CVE-2023-0170 | 2023-02-06 | Html5 Audio Player < 2.1.12 - Contributor+ Stored XSS |
| CVE-2023-0146 | 2023-02-06 | Naver Map <= 1.1.0 - Contributor+ Stored XSS |
| CVE-2023-0150 | 2023-02-06 | Cloak Front End Email < 1.9.2 - Contributor+ Stored XSS |
| CVE-2023-0081 | 2023-02-06 | MonsterInsights < 8.12.1 - Contributor+ Stored XSS |
| CVE-2022-4836 | 2023-02-06 | Breadcrumb < 1.5.33 - Contributor+ Stored XSS via Shortcode |
| CVE-2023-0096 | 2023-02-06 | Happyforms < 1.22.0 - Contributor+ Stored XSS |
| CVE-2022-4677 | 2023-02-06 | Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) < 3.12.7 - Contributor+ Stored XSS via Shortcode |
| CVE-2023-0147 | 2023-02-06 | Flexible Captcha <= 4.1 - Contributor+ Stored XSS |
| CVE-2023-0171 | 2023-02-06 | jQuery T(-) Countdown Widget < 2.3.24 - Contributor+ Stored XSS |
| CVE-2022-4657 | 2023-02-06 | Restaurant Menu < 2.3.6 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4670 | 2023-02-06 | PDF.js Viewer < 2.1.8 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4762 | 2023-02-06 | Materialis Companion < 1.3.40 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4826 | 2023-02-06 | Simple Tooltips < 2.1.4 - Contributor+ Stored XSS via Shortcode |
| CVE-2023-0176 | 2023-02-06 | Giveaways and Contests by RafflePress < 1.11.3 - Contributor+ Stored XSS |
| CVE-2023-0072 | 2023-02-06 | WC Vendors Marketplace < 2.4.5 - Contributor+ Stored XSS |
| CVE-2022-4489 | 2023-02-06 | WOOF - Products Filter for WooCommerce < 1.3.2 - Admin+ PHP Object Injection |
| CVE-2023-0252 | 2023-02-06 | Contextual Related Posts < 3.3.1 - Contributor+ Stored XSS |
| CVE-2022-4626 | 2023-02-06 | PPWP – WordPress Password Protect Page < 1.8.6 - Contributor+ Stored XSS in Shortcode |
| CVE-2015-10073 | 2023-02-06 | tinymighty WikiSEO Meta Property Tag WikiSEO.body.php modifyHTML cross site scripting |
| CVE-2017-20177 | 2023-02-06 | WangGuard Plugin WGG User List wangguard-user-info.php wangguard_users_info cross site scripting |
| CVE-2022-41731 | 2023-02-06 | IBM Watson Knowledge Catalog on Cloud Pak SQL injection |
| CVE-2023-23943 | 2023-02-06 | Blind SSRF via server URL input in the Nextcloud Mail app |
| CVE-2023-23942 | 2023-02-06 | Self reflected HTML injection in Desktop client |
| CVE-2022-42439 | 2023-02-06 | IBM App Connect Enterprise information disclosure |
| CVE-2022-42444 | 2023-02-06 | IBM App Connect Enterprise denial of service |
| CVE-2022-3229 | 2023-02-06 | Because the web management interface for Unified Intents' Unified Remote solution does not itself require authentication, a remote, unauthenticated attacker can change or disable authentication requirements for the Unified Remote... |
| CVE-2022-45544 | 2023-02-07 | Insecure Permission vulnerability in Schlix Web Inc SCHLIX CMS 2.2.7-2 allows attacker to upload arbitrary files and execute arbitrary code via the tristao parameter. NOTE: this is disputed by the... |
| CVE-2022-45854 | 2023-02-07 | An improper check for unusual conditions in Zyxel NWA110AX firmware verisons prior to 6.50(ABTG.0)C0, which could allow a LAN attacker to cause a temporary denial-of-service (DoS) by sending crafted VLAN... |
| CVE-2023-0696 | 2023-02-07 | Type confusion in V8 in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2023-0697 | 2023-02-07 | Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 110.0.5481.77 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML... |
| CVE-2023-0701 | 2023-02-07 | Heap buffer overflow in WebUI in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption... |
| CVE-2023-0702 | 2023-02-07 | Type confusion in Data Transfer in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption... |
| CVE-2023-0703 | 2023-02-07 | Type confusion in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via... |
| CVE-2021-36471 | 2023-02-07 | Directory Traversal vulnerability in AdminLTE 3.1.0 allows remote attackers to gain escalated privilege and view sensitive information via /admin/index2.html, /admin/index3.html URIs. Note: AdminLTE developers dispute that this a weakness with... |
| CVE-2021-37491 | 2023-02-07 | An issue discovered in src/wallet/wallet.cpp in Dogecoin Project Dogecoin Core 1.14.3 and earlier allows attackers to view sensitive information via CWallet::CreateTransaction() function. |
| CVE-2021-37492 | 2023-02-07 | An issue discovered in src/wallet/wallet.cpp in Ravencoin Core 4.3.2.1 and earlier allows attackers to view sensitive information via CWallet::CreateTransactionAll() function. |
| CVE-2022-21948 | 2023-02-07 | paste: XSS on the image upload function |