CVE List - 2023 / March
Showing 101 - 200 of 2488 CVEs for March 2023 (Page 2 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-26046 | 2023-03-02 | teler-waf subject to bypass of common web attack threat rule with HTML entities payload |
| CVE-2023-0053 | 2023-03-02 | SAUTER Controls Nova 200–220 Series Cleartext Transmission of Sensitive Information |
| CVE-2023-0193 | 2023-03-02 | NVIDIA CUDA Toolkit SDK contains a vulnerability in cuobjdump, where... |
| CVE-2023-0196 | 2023-03-02 | NVIDIA CUDA Toolkit SDK contains a bug in cuobjdump, where... |
| CVE-2023-0228 | 2023-03-02 | Improper authentication vulnerability in S+ Operations |
| CVE-2023-25155 | 2023-03-02 | Integer Overflow in several Redis commands can lead to denial of service. |
| CVE-2023-25806 | 2023-03-02 | Time discrepancy in authentication responses in OpenSearch |
| CVE-2023-26053 | 2023-03-02 | Gradle usage of long IDs for PGP keys opens potential for collision attacks |
| CVE-2023-1151 | 2023-03-02 | SourceCodester Electronic Medical Records System Cookie administrator.php sql injection |
| CVE-2021-45477 | 2023-03-02 | IDOR in Yordam Library Automation System |
| CVE-2021-45478 | 2023-03-02 | IDOR in Yordam Library Automation System |
| CVE-2021-45479 | 2023-03-02 | XSS in Yordam Library Automation System |
| CVE-2021-3854 | 2023-03-02 | SQLi in Glox Technology's Useroam Hotspot |
| CVE-2023-25536 | 2023-03-02 | Dell PowerScale OneFS 9.4.0.x contains exposure of sensitive information to... |
| CVE-2023-0085 | 2023-03-02 | The Metform Elementor Contact Form Builder plugin for WordPress is... |
| CVE-2023-1155 | 2023-03-02 | The Cost Calculator plugin for WordPress is vulnerable to Stored... |
| CVE-2023-26480 | 2023-03-02 | XWiki-Platform vulnerable to stored Cross-site Scripting via the HTML displayer in Live Data |
| CVE-2023-26479 | 2023-03-02 | org.xwiki.platform:xwiki-platform-rendering-parser vulnerable to Improper Handling of Exceptional Conditions |
| CVE-2023-26478 | 2023-03-02 | org.xwiki.platform:xwiki-platform-store-filesystem-oldcore has Exposed Dangerous Method or Function |
| CVE-2023-26477 | 2023-03-02 | org.xwiki.platform:xwiki-platform-flamingo-theme-ui Eval Injection vulnerability |
| CVE-2023-26476 | 2023-03-02 | Two XWiki Platform UIs Expose Sensitive Information to an Unauthorized Actor |
| CVE-2023-26475 | 2023-03-02 | XWiki Platform vulnerable to Remote Code Execution in Annotations |
| CVE-2023-1156 | 2023-03-02 | SourceCodester Health Center Patient Record Management System fecalysis_form.php cross site scripting |
| CVE-2023-26474 | 2023-03-02 | XWiki Platform vulnerable to privilege escalation via properties with wiki syntax that are executed with wrong author |
| CVE-2023-1157 | 2023-03-02 | finixbit elf-parser elf_parser.cpp get_segments denial of service |
| CVE-2023-26473 | 2023-03-02 | XWiki Platform allows unprivileged users to make arbitrary select queries using DatabaseListProperty and suggest.vm |
| CVE-2023-26472 | 2023-03-02 | XWiki Platform vulnerable to privilege escalation via async macro and IconThemeSheet from the user profile |
| CVE-2021-4328 | 2023-03-02 | 狮子鱼CMS ApiController.class.php goods_detail sql injection |
| CVE-2023-26471 | 2023-03-02 | XWiki Platform users may execute anything with superadmin right through comments and async macro |
| CVE-2023-26051 | 2023-03-02 | Saleor is vulnerable to staff-authenticated error message information disclosure vulnerability via Python exceptions |
| CVE-2023-0084 | 2023-03-02 | The Metform Elementor Contact Form Builder plugin for WordPress is... |
| CVE-2023-26470 | 2023-03-02 | In XWiki Platform, saving a document with a large object number leads to persistent OOM errors |
| CVE-2023-26056 | 2023-03-02 | XWiki Platform allows macro execution as any user without programming rights through the context macro |
| CVE-2023-26055 | 2023-03-02 | XWiki Commons may allow privilege escalation to programming rights via user's first name |
| CVE-2023-26052 | 2023-03-02 | Saleor is vulnerable to unauthenticated information disclosure via Python exceptions |
| CVE-2022-35645 | 2023-03-02 | IBM Maximo Asset Management cross-site scripting |
| CVE-2023-24975 | 2023-03-02 | IBM Spectrum Symphony HOST header injection |
| CVE-2023-22381 | 2023-03-02 | Code injection in GitHub Enterprise Server leading to arbitrary environment variables in GitHub Actions |
| CVE-2022-40633 | 2023-03-02 | Rittal CMC III Improper Access Control |
| CVE-2023-20061 | 2023-03-03 | Cisco Unified Intelligence Center Vulnerabilities |
| CVE-2023-20062 | 2023-03-03 | Cisco Unified Intelligence Center Vulnerabilities |
| CVE-2023-20069 | 2023-03-03 | Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability |
| CVE-2023-20078 | 2023-03-03 | Cisco IP Phone 6800, 7800, 7900, and 8800 Series Web UI Vulnerabilities |
| CVE-2023-20079 | 2023-03-03 | Cisco IP Phone 6800, 7800, 7900, and 8800 Series Web UI Vulnerabilities |
| CVE-2023-20088 | 2023-03-03 | Cisco Finesse Reverse Proxy VPN-less Access to Finesse Desktop Denial of Service Vulnerability |
| CVE-2023-20104 | 2023-03-03 | Cisco Webex App for Web Cross-Site Scripting Vulnerability |
| CVE-2023-27561 | 2023-03-03 | runc through 1.1.4 has Incorrect Access Control leading to Escalation... |
| CVE-2021-36689 | 2023-03-03 | An issue discovered in com.samourai.wallet.PinEntryActivity.java in Streetside Samourai Wallet 0.99.96i... |
| CVE-2022-2835 | 2023-03-03 | A flaw was found in coreDNS. This flaw allows a... |
| CVE-2022-2837 | 2023-03-03 | A flaw was found in coreDNS. This flaw allows a... |
| CVE-2022-41862 | 2023-03-03 | In PostgreSQL, a modified, unauthenticated server can send an unterminated... |
| CVE-2022-45551 | 2023-03-03 | An issue discovered in Shenzhen Zhiboton Electronics ZBT WE1626 Router... |
| CVE-2022-45552 | 2023-03-03 | An Insecure Permissions vulnerability in Shenzhen Zhiboton Electronics ZBT WE1626... |
| CVE-2022-45553 | 2023-03-03 | An issue discovered in Shenzhen Zhibotong Electronics WBT WE1626 Router... |
| CVE-2022-45988 | 2023-03-03 | starsoftcomm CooCare 5.304 allows local attackers to escalate privileges and... |
| CVE-2022-4645 | 2023-03-03 | LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948,... |
| CVE-2022-46973 | 2023-03-03 | Report v0.9.8.6 was discovered to contain a Server-Side Request Forgery... |
| CVE-2022-47664 | 2023-03-03 | Libde265 1.0.9 is vulnerable to Buffer Overflow in ff_hevc_put_hevc_qpel_pixels_8_sse |
| CVE-2022-47665 | 2023-03-03 | Libde265 1.0.9 has a heap buffer overflow vulnerability in de265_image::set_SliceAddrRS(int,... |
| CVE-2023-1160 | 2023-03-03 | Use of Platform-Dependent Third Party Components in cockpit-hq/cockpit |
| CVE-2023-1170 | 2023-03-03 | Heap-based Buffer Overflow in vim/vim |
| CVE-2023-23313 | 2023-03-03 | Certain Draytek products are vulnerable to Cross Site Scripting (XSS)... |
| CVE-2023-24641 | 2023-03-03 | Judging Management System v1.0 was discovered to contain a SQL... |
| CVE-2023-24642 | 2023-03-03 | Judging Management System v1.0 was discovered to contain a SQL... |
| CVE-2023-24643 | 2023-03-03 | Judging Management System v1.0 was discovered to contain a SQL... |
| CVE-2023-25402 | 2023-03-03 | CleverStupidDog yf-exam 1.8.0 is vulnerable to File Upload. There is... |
| CVE-2023-25403 | 2023-03-03 | CleverStupidDog yf-exam v 1.8.0 is vulnerable to Authentication Bypass. The... |
| CVE-2023-26213 | 2023-03-03 | On Barracuda CloudGen WAN Private Edge Gateway devices before 8... |
| CVE-2023-26604 | 2023-03-03 | systemd before 247 does not adequately block local privilege escalation... |
| CVE-2023-26779 | 2023-03-03 | CleverStupidDog yf-exam v 1.8.0 is vulnerable to Deserialization which can... |
| CVE-2023-27560 | 2023-03-03 | Math/PrimeField.php in phpseclib 3.x before 3.0.19 has an infinite loop... |
| CVE-2023-27566 | 2023-03-03 | Cubism Core in Live2D Cubism Editor 4.2.03 allows out-of-bounds write... |
| CVE-2023-27567 | 2023-03-03 | In OpenBSD 7.2, a TCP packet with destination port 0... |
| CVE-2023-27574 | 2023-03-03 | ShadowsocksX-NG 1.10.0 signs with com.apple.security.get-task-allow entitlements because of CODE_SIGNING_INJECT_BASE_ENTITLEMENTS. |
| CVE-2023-0457 | 2023-03-03 | Information Disclosure Vulnerability in MELSEC Series |
| CVE-2023-1162 | 2023-03-03 | DrayTek Vigor 2960 Web Management Interface mainfunction.cgi command injection |
| CVE-2023-1163 | 2023-03-03 | DrayTek Vigor 2960 Web Management Interface mainfunction.cgi getSyslogFile path traversal |
| CVE-2023-0577 | 2023-03-03 | Multiple XSS in ASOS Information Technologies' Sobiad |
| CVE-2023-1164 | 2023-03-03 | KylinSoft kylin-activation File Import improper authorization |
| CVE-2023-0578 | 2023-03-03 | Multiple XSS in ASOS Information Technologies' Book Cites |
| CVE-2023-0957 | 2023-03-03 | An issue was discovered in Gitpod versions prior to release-2022.11.2.16.... |
| CVE-2023-1165 | 2023-03-03 | Zhong Bang CRMEB Java list sql injection |
| CVE-2023-26488 | 2023-03-03 | OpenZeppelin Contracts contains Incorrect Calculation |
| CVE-2023-0968 | 2023-03-03 | The Watu Quiz plugin for WordPress is vulnerable to Reflected... |
| CVE-2023-26492 | 2023-03-03 | Directus vulnerable to Server-Side Request Forgery On File Import |
| CVE-2023-23927 | 2023-03-03 | Craft CMS stored cross-site scripting vulnerability |
| CVE-2023-26483 | 2023-03-03 | gosaml2 vulnerable to Denial of Service via deflate decompression bomb |
| CVE-2023-27290 | 2023-03-03 | IBM Observability with Instana missing authentication |
| CVE-2023-26491 | 2023-03-03 | RSSHub is vulnerable to cross-site scripting (XSS) via unvalidated URL parameters |
| CVE-2023-26047 | 2023-03-03 | teler-waf contains detection rule bypass via entities payload |
| CVE-2023-26490 | 2023-03-03 | mailcow is vulnerable to shell command injection via xoauth2 authentication in imapsync |
| CVE-2023-23929 | 2023-03-03 | Refresh tokens do not expire in Vantage6 |
| CVE-2023-26487 | 2023-03-03 | Vega has cross-site scripting vulnerability in `lassoAppend` function |
| CVE-2023-26486 | 2023-03-03 | Vega `scale` expression function cross site scripting |
| CVE-2023-1175 | 2023-03-04 | Incorrect Calculation of Buffer Size in vim/vim |
| CVE-2023-25819 | 2023-03-04 | Discourse tags with no visibility are leaking into og:article:tag |
| CVE-2023-26481 | 2023-03-04 | Insufficient user check in FlowTokens by Email stage |
| CVE-2020-36663 | 2023-03-04 | Artesãos SEOTools OpenGraph.php makeTag redirect |
| CVE-2020-36664 | 2023-03-04 | Artesãos SEOTools SEOMeta.php setTitle redirect |
| CVE-2020-36665 | 2023-03-04 | Artesãos SEOTools TwitterCards.php eachValue redirect |