CVE List - 2023 / February
Showing 501 - 600 of 2164 CVEs for February 2023 (Page 6 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-21948 | 2023-02-07 | paste: XSS on the image upload function |
| CVE-2022-21953 | 2023-02-07 | Authenticated user can gain unauthorized shell pod and kubectl access in the local cluster |
| CVE-2022-24990 | 2023-02-07 | TerraMaster NAS 4.2.29 and earlier allows remote attackers to discover... |
| CVE-2022-31249 | 2023-02-07 | [RANCHER] OS command injection in Rancher and Fleet |
| CVE-2022-31254 | 2023-02-07 | rmt-server-pubcloud allows to escalate from user _rmt to root |
| CVE-2022-38547 | 2023-02-07 | A post-authentication command injection vulnerability in the CLI command of... |
| CVE-2022-40480 | 2023-02-07 | Nordic Semiconductor, Microchip Technology NRF5340-DK DT100112 was discovered to contain... |
| CVE-2022-43755 | 2023-02-07 | Rancher: Non-random authentication token |
| CVE-2022-43756 | 2023-02-07 | Rancher/Wrangler: Denial of service when processing Git credentials |
| CVE-2022-43757 | 2023-02-07 | Rancher: Exposure of sensitive fields |
| CVE-2022-43758 | 2023-02-07 | Rancher: Command injection in Git package |
| CVE-2022-43759 | 2023-02-07 | Rancher: Privilege escalation via promoted roles |
| CVE-2022-45190 | 2023-02-07 | An issue was discovered on Microchip RN4870 1.43 devices. An... |
| CVE-2022-45191 | 2023-02-07 | An issue was discovered on Microchip RN4870 1.43 devices. An... |
| CVE-2022-45192 | 2023-02-07 | An issue was discovered on Microchip RN4870 1.43 devices. An... |
| CVE-2022-45441 | 2023-02-07 | A cross-site scripting (XSS) vulnerability in Zyxel NBG-418N v2 firmware... |
| CVE-2022-45768 | 2023-02-07 | Command Injection vulnerability in Edimax Technology Co., Ltd. Wireless Router... |
| CVE-2022-46285 | 2023-02-07 | A flaw was found in libXpm. This issue occurs when... |
| CVE-2022-46663 | 2023-02-07 | In GNU Less before 609, crafted data can result in... |
| CVE-2022-4883 | 2023-02-07 | A flaw was found in libXpm. When processing files with... |
| CVE-2023-0698 | 2023-02-07 | Out of bounds read in WebRTC in Google Chrome prior... |
| CVE-2023-0699 | 2023-02-07 | Use after free in GPU in Google Chrome prior to... |
| CVE-2023-0700 | 2023-02-07 | Inappropriate implementation in Download in Google Chrome prior to 110.0.5481.77... |
| CVE-2023-0704 | 2023-02-07 | Insufficient policy enforcement in DevTools in Google Chrome prior to... |
| CVE-2023-0705 | 2023-02-07 | Integer overflow in Core in Google Chrome prior to 110.0.5481.77... |
| CVE-2023-0735 | 2023-02-07 | Cross-Site Request Forgery (CSRF) in wallabag/wallabag |
| CVE-2023-0736 | 2023-02-07 | Cross-site Scripting (XSS) - Stored in wallabag/wallabag |
| CVE-2023-22643 | 2023-02-07 | libzypp-plugin-appdata: potential arbitrary code execution via shell injection due to `os.system` calls |
| CVE-2023-23011 | 2023-02-07 | Cross Site Scripting (XSS) vulnerability in InvoicePlane 1.6 via filter_product... |
| CVE-2023-23026 | 2023-02-07 | Cross site scripting (XSS) vulnerability in sourcecodester oretnom23 sales management... |
| CVE-2023-24808 | 2023-02-07 | Denial Of Service when opening a corrupt PDF file in pdfio |
| CVE-2023-24827 | 2023-02-07 | Credential disclosure in syft when SYFT_ATTEST_PASSWORD environment variable set in syft |
| CVE-2022-42291 | 2023-02-07 | NVIDIA GeForce Experience contains a vulnerability in the installer, where... |
| CVE-2022-31611 | 2023-02-07 | NVIDIA GeForce Experience contains an uncontrolled search path vulnerability in... |
| CVE-2022-42292 | 2023-02-07 | NVIDIA GeForce Experience contains a vulnerability in the NVContainer component,... |
| CVE-2023-0706 | 2023-02-07 | SourceCodester Medical Certificate Generator App manage_record.php sql injection |
| CVE-2023-23696 | 2023-02-07 | Dell Command Intel vPro Out of Band, versions prior to... |
| CVE-2015-10074 | 2023-02-07 | OpenSeaMap online_chart index.php init cross site scripting |
| CVE-2015-10075 | 2023-02-07 | Custom-Content-Width custom-content-width.php register_settings cross site scripting |
| CVE-2023-0707 | 2023-02-07 | SourceCodester Medical Certificate Generator App function.php delete_record sql injection |
| CVE-2022-40691 | 2023-02-07 | An information disclosure vulnerability exists in the web application functionality... |
| CVE-2022-41311 | 2023-02-07 | A stored cross-site scripting vulnerability exists in the web application... |
| CVE-2022-41312 | 2023-02-07 | A stored cross-site scripting vulnerability exists in the web application... |
| CVE-2022-41313 | 2023-02-07 | A stored cross-site scripting vulnerability exists in the web application... |
| CVE-2022-40224 | 2023-02-07 | A denial of service vulnerability exists in the web server... |
| CVE-2022-40693 | 2023-02-07 | A cleartext transmission vulnerability exists in the web application functionality... |
| CVE-2011-10002 | 2023-02-07 | weblabyrinth labyrinth.inc.php Labyrinth sql injection |
| CVE-2023-24813 | 2023-02-07 | URI validation failure on SVG parsing. Bypass of CVE-2023-23924 |
| CVE-2023-24814 | 2023-02-07 | Persisted Cross-Site Scripting in Frontend Rendering in typo3 |
| CVE-2023-22735 | 2023-02-07 | User uploads proxied from S3 lack `Content-Security-Policy` headers, may be served with `Content-Disposition: inline` in zulip |
| CVE-2023-25194 | 2023-02-07 | Apache Kafka Connect API: Possible RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration using Kafka Connect |
| CVE-2022-47412 | 2023-02-07 | ONLYOFFICE Workspace Search Stored XSS |
| CVE-2023-0732 | 2023-02-07 | SourceCodester Online Eyewear Shop POST Request Users.php registration cross site scripting |
| CVE-2023-23931 | 2023-02-07 | Cipher.update_into can corrupt memory in pyca cryptography |
| CVE-2011-10003 | 2023-02-07 | XpressEngine Update Query sql injection |
| CVE-2023-0728 | 2023-02-07 | The Wicked Folders plugin for WordPress is vulnerable to Cross-Site... |
| CVE-2023-0713 | 2023-02-07 | The Wicked Folders plugin for WordPress is vulnerable to authorization... |
| CVE-2022-47415 | 2023-02-07 | LogicalDOC Messaging Stored XSS |
| CVE-2022-47413 | 2023-02-07 | Given a malicious document provided by an attacker, the OpenKM... |
| CVE-2022-47414 | 2023-02-07 | If an attacker has access to the console for OpenKM... |
| CVE-2022-47416 | 2023-02-07 | LogicalDOC Chat Stored XSS |
| CVE-2022-47419 | 2023-02-07 | Mayan EDMS Tag XSS |
| CVE-2022-47417 | 2023-02-07 | LogicalDOC Document File Name Stored XSS |
| CVE-2022-47418 | 2023-02-07 | LogicalDOC Document Version Comment Stored XSS |
| CVE-2023-0731 | 2023-02-07 | The Interactive Geo Maps plugin for WordPress is vulnerable to... |
| CVE-2023-0727 | 2023-02-07 | The Wicked Folders plugin for WordPress is vulnerable to Cross-Site... |
| CVE-2023-0730 | 2023-02-07 | The Wicked Folders plugin for WordPress is vulnerable to Cross-Site... |
| CVE-2023-0719 | 2023-02-07 | The Wicked Folders plugin for WordPress is vulnerable to authorization... |
| CVE-2023-0712 | 2023-02-07 | The Wicked Folders plugin for WordPress is vulnerable to authorization... |
| CVE-2023-0723 | 2023-02-07 | The Wicked Folders plugin for WordPress is vulnerable to Cross-Site... |
| CVE-2023-0718 | 2023-02-07 | The Wicked Folders plugin for WordPress is vulnerable to authorization... |
| CVE-2023-24828 | 2023-02-07 | Use of Cryptographically Weak Pseudo-Random Number Generator in Onedev |
| CVE-2022-38777 | 2023-02-08 | An issue was discovered in the rollback feature of Elastic... |
| CVE-2022-38778 | 2023-02-08 | A flaw (CVE-2022-38900) was discovered in one of Kibana’s third... |
| CVE-2022-45526 | 2023-02-08 | SQL Injection vulnerability in Future-Depth Institutional Management Website (IMS) 1.0,... |
| CVE-2022-45527 | 2023-02-08 | File upload vulnerability in Future-Depth Institutional Management Website (IMS) 1.0,... |
| CVE-2022-45755 | 2023-02-08 | Cross-site scripting (XSS) vulnerability in EyouCMS v1.6.0 allows attackers to... |
| CVE-2022-45982 | 2023-02-08 | thinkphp 6.0.0~6.0.13 and 6.1.0~6.1.1 contains a deserialization vulnerability. This vulnerability... |
| CVE-2022-47648 | 2023-02-08 | An Improper Access Control vulnerability allows an attacker to access... |
| CVE-2023-0739 | 2023-02-08 | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in answerdev/answer |
| CVE-2023-0740 | 2023-02-08 | Cross-site Scripting (XSS) - Stored in answerdev/answer |
| CVE-2023-0741 | 2023-02-08 | Cross-site Scripting (XSS) - DOM in answerdev/answer |
| CVE-2023-0742 | 2023-02-08 | Cross-site Scripting (XSS) - Stored in answerdev/answer |
| CVE-2023-0743 | 2023-02-08 | Cross-site Scripting (XSS) - Generic in answerdev/answer |
| CVE-2023-0744 | 2023-02-08 | Improper Access Control in answerdev/answer |
| CVE-2023-0747 | 2023-02-08 | Cross-site Scripting (XSS) - Stored in btcpayserver/btcpayserver |
| CVE-2023-0748 | 2023-02-08 | Open Redirect in btcpayserver/btcpayserver |
| CVE-2023-25396 | 2023-02-08 | Privilege escalation in the MSI repair functionality in Caphyon Advanced... |
| CVE-2023-0716 | 2023-02-08 | The Wicked Folders plugin for WordPress is vulnerable to authorization... |
| CVE-2023-0720 | 2023-02-08 | The Wicked Folders plugin for WordPress is vulnerable to authorization... |
| CVE-2023-0685 | 2023-02-08 | The Wicked Folders plugin for WordPress is vulnerable to Cross-Site... |
| CVE-2023-0724 | 2023-02-08 | The Wicked Folders plugin for WordPress is vulnerable to Cross-Site... |
| CVE-2023-0725 | 2023-02-08 | The Wicked Folders plugin for WordPress is vulnerable to Cross-Site... |
| CVE-2023-0717 | 2023-02-08 | The Wicked Folders plugin for WordPress is vulnerable to authorization... |
| CVE-2023-0711 | 2023-02-08 | The Wicked Folders plugin for WordPress is vulnerable to authorization... |
| CVE-2023-0715 | 2023-02-08 | The Wicked Folders plugin for WordPress is vulnerable to authorization... |
| CVE-2023-0684 | 2023-02-08 | The Wicked Folders plugin for WordPress is vulnerable to authorization... |
| CVE-2023-0722 | 2023-02-08 | The Wicked Folders plugin for WordPress is vulnerable to Cross-Site... |
| CVE-2023-0726 | 2023-02-08 | The Wicked Folders plugin for WordPress is vulnerable to Cross-Site... |
| CVE-2022-2094 | 2023-02-08 | Yellow Yard Searchbar < 2.8.2 - Reflected Cross-Site Scripting |