CVE List - 2023 / March
Showing 1101 - 1200 of 2488 CVEs for March 2023 (Page 12 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-1433 | 2023-03-16 | SourceCodester Gadget Works Online Ordering System Products unrestricted upload |
| CVE-2021-36821 | 2023-03-16 | WordPress Forminator plugin <= 1.14.11 - Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2023-28104 | 2023-03-16 | silverstripe/graphql Denial of Service vulnerability |
| CVE-2023-28100 | 2023-03-16 | TIOCLINUX can send commands outside sandbox if running on a virtual console |
| CVE-2023-28101 | 2023-03-16 | Flatpak metadata with ANSI control codes can cause misleading terminal output |
| CVE-2023-28110 | 2023-03-16 | JumpServer Koko vulnerable to Command Injection for Kubernetes Connection |
| CVE-2023-28105 | 2023-03-16 | Go-huge-util vulnerable to path traversal when unzipping files |
| CVE-2023-28106 | 2023-03-16 | Pimcore vulnerable to Cross-site Scripting in UrlSlug Data type |
| CVE-2023-28108 | 2023-03-16 | Pimcore has improper quoting of columns when calling methods "getByUuid" & "exists" on UUID Model |
| CVE-2023-28109 | 2023-03-16 | Play With Docker vulnerable to Authorization Bypass Through User-Controlled Key |
| CVE-2023-0811 | 2023-03-16 | Omron CJ1M unit v4.0 and prior has improper access controls... |
| CVE-2023-1256 | 2023-03-16 | CVE-2023-1256 |
| CVE-2023-0598 | 2023-03-16 | GE Digital Proficy Code Injection |
| CVE-2022-43606 | 2023-03-16 | A use-of-uninitialized-pointer vulnerability exists in the Forward Open connection_management_entry functionality... |
| CVE-2022-43441 | 2023-03-16 | A code execution vulnerability exists in the Statement Bindings functionality... |
| CVE-2022-43604 | 2023-03-16 | An out-of-bounds write vulnerability exists in the GetAttributeList attribute_count_request functionality... |
| CVE-2022-43605 | 2023-03-16 | An out-of-bounds write vulnerability exists in the SetAttributeList attribute_count_request functionality... |
| CVE-2023-23935 | 2023-03-16 | Presence of restricted personal Discourse messages may be leaked if tagged with a tag |
| CVE-2023-27494 | 2023-03-16 | Streamlit Cross-site Scripting vulnerability |
| CVE-2023-1436 | 2023-03-16 | Infinite recursion in Jettison leads to denial of service when creating a crafted JSONArray |
| CVE-2023-28531 | 2023-03-17 | ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent... |
| CVE-2023-1463 | 2023-03-17 | Authorization Bypass Through User-Controlled Key in nilsteampassnet/teampass |
| CVE-2023-24678 | 2023-03-17 | A vulnerability in Centralite Pearl Thermostat 0x04075010 allows attackers to... |
| CVE-2023-27253 | 2023-03-17 | A command injection vulnerability in the function restore_rrddata() of Netgate... |
| CVE-2021-21548 | 2023-03-17 | Dell EMC Unisphere for PowerMax versions before 9.1.0.27, Dell EMC... |
| CVE-2023-1439 | 2023-03-17 | SourceCodester Medicine Tracker System GET Parameter view_details.php sql injection |
| CVE-2023-1440 | 2023-03-17 | SourceCodester Automatic Question Paper Generator System GET Parameter manage_user.php sql injection |
| CVE-2023-1441 | 2023-03-17 | SourceCodester Automatic Question Paper Generator System GET Parameter view_course.php sql injection |
| CVE-2023-1442 | 2023-03-17 | Meizhou Qingyunke QYKCMS Update api.php unrestricted upload |
| CVE-2023-1443 | 2023-03-17 | Filseclab Twister Antivirus IoControlCode fildds.sys 0x80112053 denial of service |
| CVE-2023-1444 | 2023-03-17 | Filseclab Twister Antivirus IoControlCode fildds.sys 0x8011206B denial of service |
| CVE-2023-1445 | 2023-03-17 | Filseclab Twister Antivirus IoControlCode fildds.sys 0x80112053 denial of service |
| CVE-2023-1446 | 2023-03-17 | Watchdog Anti-Virus IoControlCode wsdk-driver.sys 0x80002008 denial of service |
| CVE-2023-1447 | 2023-03-17 | SourceCodester Medicine Tracker System cross site scripting |
| CVE-2023-1448 | 2023-03-17 | GPAC mpegts.c gf_m2ts_process_sdt heap-based overflow |
| CVE-2023-1449 | 2023-03-17 | GPAC av_parsers.c gf_av1_reset_state double free |
| CVE-2023-1450 | 2023-03-17 | MP4v2 mp4trackdump.cpp DumpTrack denial of service |
| CVE-2023-1451 | 2023-03-17 | MP4v2 mp4track.cpp GetSampleFileOffset denial of service |
| CVE-2023-1452 | 2023-03-17 | GPAC load_text.c buffer overflow |
| CVE-2023-1453 | 2023-03-17 | Watchdog Anti-Virus IoControlCode wsdk-driver.sys 0x80002008 access control |
| CVE-2023-1454 | 2023-03-17 | jeecg-boot qurestSql sql injection |
| CVE-2023-1455 | 2023-03-17 | SourceCodester Online Pizza Ordering System Login Page sql injection |
| CVE-2023-1459 | 2023-03-17 | SourceCodester Canteen Management System changeUsername.php sql injection |
| CVE-2023-1460 | 2023-03-17 | SourceCodester Online Pizza Ordering System Password Change improper authentication |
| CVE-2023-1461 | 2023-03-17 | SourceCodester Canteen Management System createCategories.php query sql injection |
| CVE-2023-1152 | 2023-03-17 | SQLi in Utarit Persolus |
| CVE-2023-1464 | 2023-03-17 | SourceCodester Medicine Tracker System improper authentication |
| CVE-2023-1466 | 2023-03-17 | SourceCodester Student Study Center Desk Management System view_student sql injection |
| CVE-2023-1467 | 2023-03-17 | SourceCodester Student Study Center Desk Management System POST Parameter path traversal |
| CVE-2023-1468 | 2023-03-17 | SourceCodester Student Study Center Desk Management System Report sql injection |
| CVE-2023-1172 | 2023-03-17 | The Bookly plugin for WordPress is vulnerable to Stored Cross-Site... |
| CVE-2023-1469 | 2023-03-17 | The WP Express Checkout plugin for WordPress is vulnerable to... |
| CVE-2023-1471 | 2023-03-17 | The WP Popup Banners plugin for WordPress is vulnerable to... |
| CVE-2023-1470 | 2023-03-17 | The eCommerce Product Catalog plugin for WordPress is vulnerable to... |
| CVE-2022-43461 | 2023-03-17 | WordPress Slideshow SE Plugin <= 2.5.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-45814 | 2023-03-17 | WordPress WP Calendar Plugin <= 1.5.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-45817 | 2023-03-17 | WordPress GC Testimonials Plugin <= 1.3.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-23622 | 2023-03-17 | Discourse: Presence of read restricted topics may be leaked if tagged with a tag that is visible to all users |
| CVE-2023-1472 | 2023-03-17 | The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable... |
| CVE-2023-1474 | 2023-03-17 | SourceCodester Automatic Question Paper Generator System GET Parameter manage_question_paper.php sql injection |
| CVE-2023-1475 | 2023-03-17 | SourceCodester Canteen Management System createuser.php query sql injection |
| CVE-2023-26040 | 2023-03-17 | Discourse chat messages susceptible to Cross-site Scripting through chat excerpts |
| CVE-2022-46854 | 2023-03-17 | WordPress Launchpad – Coming Soon & Maintenance Mode Plugin Plugin <= 1.0.13 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-46867 | 2023-03-17 | WordPress Universal Star Rating Plugin <= 2.1.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-25172 | 2023-03-17 | Discourse vulnerable to Cross-site Scripting - user name displayed on post |
| CVE-2023-28107 | 2023-03-17 | Discourse vulnerable to multisite DoS by spamming backups |
| CVE-2023-0027 | 2023-03-17 | Rockwell Automation Modbus TCP AOI Server Could Leak Sensitive Information |
| CVE-2023-28111 | 2023-03-17 | Discourse vulnerable to SSRF protection bypass possible with IPv4-mapped IPv6 addresses |
| CVE-2023-28112 | 2023-03-17 | Discourse's SSRF protection missing for some FastImage requests |
| CVE-2023-27592 | 2023-03-17 | Stored XSS in Miniflux when opening a broken image due to unescaped ServerError in proxy handler |
| CVE-2023-27591 | 2023-03-17 | Unauthenticated Miniflux user can bypass allowed networks check to obtain Prometheus metrics |
| CVE-2023-27593 | 2023-03-17 | cilium-agent container can access the host via `hostPath` mount |
| CVE-2023-27594 | 2023-03-17 | Cilium vulnerable to potential network policy bypass when routing IPv6 traffic |
| CVE-2023-25069 | 2023-03-17 | TXOne StellarOne has an improper access control privilege escalation vulnerability... |
| CVE-2023-27595 | 2023-03-17 | Cilium eBPF filters may be temporarily removed during agent restart |
| CVE-2023-28115 | 2023-03-17 | Snappy vulnerable to PHAR deserialization, allowing remote code execution |
| CVE-2023-28116 | 2023-03-17 | Buffer overflow in L2CAP due to misconfigured MTU |
| CVE-2021-46877 | 2023-03-18 | jackson-databind 2.10.x through 2.12.x before 2.12.6 and 2.13.x before 2.13.1... |
| CVE-2023-24278 | 2023-03-18 | Squidex before 7.4.0 was discovered to contain a squid.svg cross-site... |
| CVE-2023-28606 | 2023-03-18 | js/event-graph.js in MISP before 2.4.169 allows XSS via event-graph node... |
| CVE-2023-28607 | 2023-03-18 | js/event-graph.js in MISP before 2.4.169 allows XSS via the event-graph... |
| CVE-2023-28609 | 2023-03-18 | api/auth.go in Ansible Semaphore before 2.8.89 mishandles authentication. |
| CVE-2023-26113 | 2023-03-18 | Versions of the package collection.js before 6.8.1 are vulnerable to... |
| CVE-2023-1479 | 2023-03-18 | SourceCodester Simple Music Player save_music.php unrestricted upload |
| CVE-2023-1480 | 2023-03-18 | SourceCodester Monitoring of Students Cyber Accounts System POST Parameter login.php sql injection |
| CVE-2023-1481 | 2023-03-18 | SourceCodester Monitoring of Students Cyber Accounts System POST Parameter cross site scripting |
| CVE-2023-1482 | 2023-03-18 | HkCms External Plugin code injection |
| CVE-2023-1483 | 2023-03-18 | XiaoBingBy TeaCMS getallarticleinfo sql injection |
| CVE-2023-1484 | 2023-03-18 | xzjie cms upload unrestricted upload |
| CVE-2023-1485 | 2023-03-18 | SourceCodester Young Entrepreneur E-Negosyo System GET Parameter index.php cross site scripting |
| CVE-2023-1486 | 2023-03-18 | Lespeed WiseCleaner Wise Force Deleter IoControlCode WiseUnlock64.sys 0x220004 access control |
| CVE-2023-1487 | 2023-03-18 | Lespeed WiseCleaner Wise System Monitor IoControlCode WiseHDInfo64.dll 0x9C40A0E0 denial of service |
| CVE-2023-1488 | 2023-03-18 | Lespeed WiseCleaner Wise System Monitor IoControlCode WiseHDInfo64.dll 0x9C40A0E0 denial of service |
| CVE-2023-1489 | 2023-03-18 | Lespeed WiseCleaner Wise System Monitor IoControlCode WiseHDInfo64.dll 0x9C402088 access control |
| CVE-2023-1490 | 2023-03-18 | Max Secure Anti Virus Plus IoControlCode SDActMon.sys 0x220020 access control |
| CVE-2023-1491 | 2023-03-18 | Max Secure Anti Virus Plus IoControlCode MaxCryptMon.sys 0x220020 access control |
| CVE-2023-1492 | 2023-03-18 | Max Secure Anti Virus Plus IoControlCode MaxProc64.sys 0x220019 denial of service |
| CVE-2023-1493 | 2023-03-18 | Max Secure Anti Virus Plus IoControlCode MaxProctetor64.sys 0x220019 denial of service |
| CVE-2023-1494 | 2023-03-18 | IBOS ApiController.php sql injection |
| CVE-2023-1495 | 2023-03-18 | Rebuild list queryListOfConfig sql injection |