CVE List - 2023 / March
Showing 1401 - 1500 of 2488 CVEs for March 2023 (Page 15 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-28666 | 2023-03-22 | The InPost Gallery WordPress plugin, in versions < 2.2.2, is... |
| CVE-2023-28667 | 2023-03-22 | The Lead Generated WordPress Plugin, version <= 1.23, was affected... |
| CVE-2023-27857 | 2023-03-22 | Rockwell Automation ThinManager ThinServer Heap-Based Buffer Overflow |
| CVE-2023-28708 | 2023-03-22 | Apache Tomcat: JSESSIONID Cookie missing secure attribute in some configurations |
| CVE-2023-1562 | 2023-03-22 | Full name revealed via /plugins/focalboard/api/v2/users |
| CVE-2023-1556 | 2023-03-22 | SourceCodester Judging Management System summary_results.php sql injection |
| CVE-2023-1557 | 2023-03-22 | SourceCodester E-Commerce System Username access control |
| CVE-2023-1558 | 2023-03-22 | Simple and Beautiful Shopping Cart System uploadera.php unrestricted upload |
| CVE-2023-1559 | 2023-03-22 | SourceCodester Storage Unit Rental Management System unrestricted upload |
| CVE-2023-1560 | 2023-03-22 | TinyTIFF File tinytiffreader.c buffer overflow |
| CVE-2023-1561 | 2023-03-22 | code-projects Simple Online Hotel Reservation System add_room.php unrestricted upload |
| CVE-2023-1572 | 2023-03-22 | DataGear Plugin cross site scripting |
| CVE-2023-1563 | 2023-03-22 | SourceCodester Student Study Center Desk Management System assign.php sql injection |
| CVE-2023-1564 | 2023-03-22 | SourceCodester Air Cargo Management System GET Parameter update_status.php sql injection |
| CVE-2023-1574 | 2023-03-22 | Information disclosure in the user creation feature of a MSSQL... |
| CVE-2023-1565 | 2023-03-22 | FeiFeiCMS Extension Tool slide_add.html cross site scripting |
| CVE-2023-1281 | 2023-03-22 | UAF in Linux kernel's tcindex (traffic control index filter) implementation |
| CVE-2023-1566 | 2023-03-22 | SourceCodester Medical Certificate Generator App action.php sql injection |
| CVE-2023-1567 | 2023-03-22 | SourceCodester Student Study Center Desk Management System assign.php cross site scripting |
| CVE-2023-1568 | 2023-03-22 | SourceCodester Student Study Center Desk Management System GET Parameter index.php cross site scripting |
| CVE-2023-1569 | 2023-03-22 | SourceCodester E-Commerce System cross site scripting |
| CVE-2023-1570 | 2023-03-22 | syoyo tinydng tiny_dng_loader.h __interceptor_memcpy heap-based overflow |
| CVE-2023-1571 | 2023-03-22 | DataGear pagingQueryData sql injection |
| CVE-2023-1573 | 2023-03-22 | DataGear Graph Dataset cross site scripting |
| CVE-2023-0464 | 2023-03-22 | Excessive Resource Usage Verifying X.509 Policy Constraints |
| CVE-2023-1580 | 2023-03-22 | Uncontrolled resource consumption in the logging feature in Devolutions Gateway... |
| CVE-2023-0870 | 2023-03-22 | Form Can Be Manipulated with Cross-Site Request Forgery (CSRF) |
| CVE-2023-25820 | 2023-03-22 | Nextcloud Server and Enterprise Server missing brute force protection on password confirmation modal |
| CVE-2023-28114 | 2023-03-22 | `cilium-cli` disables etcd authorization for clustermesh clusters |
| CVE-2023-28117 | 2023-03-22 | Sentry SDK leaks sensitive session information when `sendDefaultPII` is set to `True` |
| CVE-2023-28119 | 2023-03-22 | crewjam/saml vulnerable to Denial Of Service Via Deflate Decompression Bomb |
| CVE-2023-28431 | 2023-03-22 | Frontier's modexp precompile is slow for even modulus |
| CVE-2023-28432 | 2023-03-22 | Minio Information Disclosure in Cluster Deployment |
| CVE-2023-28433 | 2023-03-22 | Minio Privilege Escalation on Windows via Path separator manipulation |
| CVE-2023-28434 | 2023-03-22 | MinIO is vulnerable to privilege escalation on Linux/MacOS |
| CVE-2023-28438 | 2023-03-22 | Pimcore vulnerable to improper quoting of filters in Custom Reports |
| CVE-2023-28439 | 2023-03-22 | ckeditor4 plugins vulnerable to cross-site scripting caused by the editor instance destroying process |
| CVE-2022-43863 | 2023-03-22 | IBM QRadar SIEM privilege escalation |
| CVE-2023-26283 | 2023-03-22 | IBM WebSphere Application Server cross-site scripting |
| CVE-2023-0590 | 2023-03-23 | A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in... |
| CVE-2023-1289 | 2023-03-23 | A vulnerability was discovered in ImageMagick where a specially created... |
| CVE-2023-1402 | 2023-03-23 | Moodle: course participation report shows roles the user should not see |
| CVE-2023-1544 | 2023-03-23 | Qemu: pvrdma: out-of-bounds read in pvrdma_ring_next_elem_read() |
| CVE-2023-20027 | 2023-03-23 | Cisco IOS XE Software Virtual Fragmentation Reassembly Denial of Service Vulnerability |
| CVE-2023-20029 | 2023-03-23 | Cisco IOS XE Software Privilege Escalation Vulnerability |
| CVE-2023-20035 | 2023-03-23 | Cisco IOS XE SD-WAN Software Command Injection Vulnerability |
| CVE-2023-20055 | 2023-03-23 | Cisco DNA Center Privilege Escalation Vulnerability |
| CVE-2023-20056 | 2023-03-23 | Cisco Access Point Software Denial of Service Vulnerability |
| CVE-2023-20059 | 2023-03-23 | Cisco DNA Center Information Disclosure Vulnerability |
| CVE-2023-20065 | 2023-03-23 | A vulnerability in the Cisco IOx application hosting subsystem of... |
| CVE-2023-20066 | 2023-03-23 | Cisco IOS XE Software Web UI Path Traversal Vulnerability |
| CVE-2023-20067 | 2023-03-23 | Cisco IOS XE Software for Wireless LAN Controllers HTTP Client Profiling Denial of Service Vulnerability |
| CVE-2023-20072 | 2023-03-23 | Cisco IOS XE Software Fragmented Tunnel Protocol Packet Denial of Service Vulnerability |
| CVE-2023-20080 | 2023-03-23 | Cisco IOS and IOS XE Software IPv6 DHCP (DHCPv6) Relay and Server Denial of Service Vulnerability |
| CVE-2023-20081 | 2023-03-23 | Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software IPv6 DHCP (DHCPv6) Client Denial of Service Vulnerability |
| CVE-2023-20082 | 2023-03-23 | Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches Secure Boot Bypass Vulnerability |
| CVE-2023-20097 | 2023-03-23 | Cisco Access Point Software Command Injection Vulnerability |
| CVE-2023-20100 | 2023-03-23 | Cisco IOS XE Software for Wireless LAN Controllers CAPWAP Join Denial of Service Vulnerability |
| CVE-2023-20107 | 2023-03-23 | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Low-Entropy Keys Vulnerability |
| CVE-2023-20112 | 2023-03-23 | Cisco Access Point Software Association Request Denial of Service Vulnerability |
| CVE-2023-20113 | 2023-03-23 | Cisco SD-WAN vManage Software Cross-Site Request Forgery Vulnerability |
| CVE-2023-28329 | 2023-03-23 | Moodle: authenticated sql injection via availability check |
| CVE-2023-28330 | 2023-03-23 | Moodle: authenticated arbitrary file read through malformed backup file |
| CVE-2023-28332 | 2023-03-23 | Moodle: algebra filter xss when filter is misconfigured |
| CVE-2023-28333 | 2023-03-23 | Moodle: pix helper potential mustache code injection risk |
| CVE-2023-28334 | 2023-03-23 | Moodle: users' name enumeration possible via idor on learning plans page |
| CVE-2023-28335 | 2023-03-23 | Moodle: csrf risk in resetting all templates of a database activity |
| CVE-2023-28336 | 2023-03-23 | Moodle: teacher can access names of users they do not have permission to access |
| CVE-2020-19786 | 2023-03-23 | File upload vulnerability in CSKaza CSZ CMS v.1.2.2 fixed in... |
| CVE-2020-24857 | 2023-03-23 | Cross Site Scripting vulnerabilty found in IXPManager v.5.6.0 allows attackers... |
| CVE-2022-28491 | 2023-03-23 | TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 contains a command injection vulnerability... |
| CVE-2022-28492 | 2023-03-23 | TOTOLINK Technology CPE with firmware V6.3c.566 ,allows remote attackers to... |
| CVE-2022-28493 | 2023-03-23 | A vulnerability in TOTOLINK CP900 V6.3c.566 allows attackers to start... |
| CVE-2022-28494 | 2023-03-23 | TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered to contain a... |
| CVE-2022-28496 | 2023-03-23 | TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 discovered to contain a command... |
| CVE-2022-28497 | 2023-03-23 | TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered to contain a... |
| CVE-2022-30037 | 2023-03-23 | XunRuiCMS v4.3.3 to v4.5.1 vulnerable to PHP file write and... |
| CVE-2022-3101 | 2023-03-23 | A flaw was found in tripleo-ansible. Due to an insecure... |
| CVE-2022-3146 | 2023-03-23 | A flaw was found in tripleo-ansible. Due to an insecure... |
| CVE-2022-36413 | 2023-03-23 | Zoho ManageEngine ADSelfService Plus through 6203 is vulnerable to a... |
| CVE-2023-0056 | 2023-03-23 | An uncontrolled resource consumption vulnerability was discovered in HAProxy which... |
| CVE-2023-1249 | 2023-03-23 | A use-after-free flaw was found in the Linux kernel’s core... |
| CVE-2023-1252 | 2023-03-23 | A use-after-free flaw was found in the Linux kernel’s Ext4... |
| CVE-2023-1513 | 2023-03-23 | A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS... |
| CVE-2023-1605 | 2023-03-23 | Denial of Service in radareorg/radare2 |
| CVE-2023-20859 | 2023-03-23 | In Spring Vault, versions 3.0.x prior to 3.0.2 and versions... |
| CVE-2023-20861 | 2023-03-23 | In Spring Framework versions 6.0.0 - 6.0.6, 5.3.0 - 5.3.25,... |
| CVE-2023-23192 | 2023-03-23 | IS Decisions UserLock MFA 11.01 is vulnerable to authentication bypass... |
| CVE-2023-24295 | 2023-03-23 | A stack overfow in SoftMaker Software GmbH FlexiPDF v3.0.3.0 allows... |
| CVE-2023-24655 | 2023-03-23 | Simple Customer Relationship Management System v1.0 was discovered to contain... |
| CVE-2023-24788 | 2023-03-23 | NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability... |
| CVE-2023-26088 | 2023-03-23 | In Malwarebytes before 4.5.23, a symbolic link may be used... |
| CVE-2023-26359 | 2023-03-23 | Adobe ColdFusion Deserialization of Untrusted Data Arbitrary code execution |
| CVE-2023-26360 | 2023-03-23 | Adobe ColdFusion Improper Access Control Arbitrary code execution |
| CVE-2023-26361 | 2023-03-23 | Adobe ColdFusion Directory Traversal Arbitrary file system read Vulnerability |
| CVE-2023-26496 | 2023-03-23 | An issue was discovered in Samsung Baseband Modem Chipset for... |
| CVE-2023-26498 | 2023-03-23 | An issue was discovered in Samsung Baseband Modem Chipset for... |
| CVE-2023-27034 | 2023-03-23 | PrestaShop jmsblog 2.5.5 was discovered to contain a SQL injection... |
| CVE-2023-27077 | 2023-03-23 | Stack Overflow vulnerability found in 360 D901 allows a remote... |
| CVE-2023-27078 | 2023-03-23 | A command injection issue was found in TP-Link MR3020 v.1_150921... |