CVE List - 2023 / March
Showing 2001 - 2100 of 2488 CVEs for March 2023 (Page 21 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-24907 | 2023-03-28 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-24908 | 2023-03-28 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-24972 | 2023-03-28 | This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR940N 3.20.1 Build 200316 Rel.34392n (5553) routers. Authentication is not required to exploit this vulnerability. The... |
| CVE-2022-24973 | 2023-03-28 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N 3.20.1 Build 200316 Rel.34392n (5553) routers. Authentication is required to exploit this vulnerability. The specific... |
| CVE-2022-45460 | 2023-03-28 | Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02.R11.C7431119.12001.130000.00000, allow an unauthenticated and remote user to exploit a stack-based buffer overflow and crash the web server, resulting in a... |
| CVE-2022-46387 | 2023-03-28 | ConEmu through 220807 and Cmder before 1.3.21 report the title of the terminal, including control characters, which allows an attacker to change the title and then execute it as commands. |
| CVE-2022-46397 | 2023-03-28 | FP.io VPP (Vector Packet Processor) 22.10, 22.06, 22.02, 21.10, 21.06, 21.01, 20.09, 20.05, 20.01, 19.08, and 19.04 Generates a Predictable IV with CBC Mode. |
| CVE-2023-20903 | 2023-03-28 | This disclosure regards a vulnerability related to UAA refresh tokens and external identity providers.Assuming that an external identity provider is linked to the UAA, a refresh token is issued to... |
| CVE-2023-23330 | 2023-03-28 | amano Xparc parking solutions 7.1.3879 was discovered to be vulnerable to local file inclusion. |
| CVE-2023-24304 | 2023-03-28 | Improper input validation in the PDF.dll plugin of IrfanView v4.60 allows attackers to execute arbitrary code via opening a crafted PDF file. |
| CVE-2023-24308 | 2023-03-28 | A potential memory vulnerability due to insufficient input validation in PDFXEditCore.x64.dll in PDF-XChange Editor version 9.3 by Tracker Software may allow attackers to execute code when a user opens a... |
| CVE-2023-25260 | 2023-03-28 | Stimulsoft Designer (Web) 2023.1.3 is vulnerable to Local File Inclusion. |
| CVE-2023-25262 | 2023-03-28 | Stimulsoft GmbH Stimulsoft Designer (Web) 2023.1.3 is vulnerable to Server Side Request Forgery (SSRF). TThe Reporting Designer (Web) offers the possibility to embed sources from external locations. If the user... |
| CVE-2023-25721 | 2023-03-28 | Veracode Scan Jenkins Plugin before 23.3.19.0, when the "Connect using proxy" option is enabled and configured with proxy credentials and when the Jenkins global system setting debug is enabled and... |
| CVE-2023-25722 | 2023-03-28 | A credential-leak issue was discovered in related Veracode products before 2023-03-27. Veracode Scan Jenkins Plugin before 23.3.19.0, when configured for remote agent jobs, invokes the Veracode Java API Wrapper in... |
| CVE-2023-25879 | 2023-03-28 | ZDI-CAN-19389: Adobe Dimension OBJ File Improper Input Validation Remote Code Execution |
| CVE-2023-25880 | 2023-03-28 | ZDI-CAN-19412: Adobe Dimension GLTF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-25881 | 2023-03-28 | ZDI-CAN-19390: Adobe Dimension OBJ File Improper Input Validation Remote Code Execution |
| CVE-2023-25882 | 2023-03-28 | ZDI-CAN-19385: Adobe Dimension OBJ File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-25883 | 2023-03-28 | ZDI-CAN-19386: Adobe Dimension FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-25884 | 2023-03-28 | ZDI-CAN-19411: Adobe Dimension GLTF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-25885 | 2023-03-28 | ZDI-CAN-19480: Adobe Dimension USD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-25886 | 2023-03-28 | ZDI-CAN-19452: Adobe Dimension USD File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-25887 | 2023-03-28 | ZDI-CAN-19450: Adobe Dimension USD File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-25888 | 2023-03-28 | ZDI-CAN-19451: Adobe Dimension USD File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-25889 | 2023-03-28 | ZDI-CAN-19466: Adobe Dimension USD File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-25890 | 2023-03-28 | ZDI-CAN-19493: Adobe Dimension USD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-25891 | 2023-03-28 | ZDI-CAN-19542: Adobe Dimension USD File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-25892 | 2023-03-28 | ZDI-CAN-19523: Adobe Dimension USD File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-25893 | 2023-03-28 | ZDI-CAN-19539: Adobe Dimension USD File Parsing Use-After-Free Remote Code Execution Vulnerability |
| CVE-2023-25894 | 2023-03-28 | ZDI-CAN-19543: Adobe Dimension USD File Parsing Use-After-Free Remote Code Execution Vulnerability |
| CVE-2023-25895 | 2023-03-28 | ZDI-CAN-19540: Adobe Dimension USD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-25896 | 2023-03-28 | ZDI-CAN-19541: Adobe Dimension USD File Parsing Use-After-Free Remote Code Execution Vulnerability |
| CVE-2023-25897 | 2023-03-28 | ZDI-CAN-19520: Adobe Dimension USD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-25898 | 2023-03-28 | ZDI-CAN-19521: Adobe Dimension USD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-25899 | 2023-03-28 | ZDI-CAN-19522: Adobe Dimension USD File Parsing Use-After-Free Remote Code Execution Vulnerability |
| CVE-2023-25900 | 2023-03-28 | ZDI-CAN-19559: Adobe Dimension USD File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-25901 | 2023-03-28 | ZDI-CAN-19508: Adobe Dimension USD File Improper Input Validation Remote Code Execution Vulnerability |
| CVE-2023-25902 | 2023-03-28 | ZDI-CAN-19560: Adobe Dimension USD File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-25903 | 2023-03-28 | Adobe Dimension USDZ files Integer Overflow or Wraparound Arbitrary code execution |
| CVE-2023-25904 | 2023-03-28 | Adobe Dimension Out-of-bounds Read USDZ file Arbitrary code execution |
| CVE-2023-25905 | 2023-03-28 | ZDI-CAN-20031: Adobe Dimension OBJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-25906 | 2023-03-28 | ZDI-CAN-20046: Adobe Dimension USD File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-25907 | 2023-03-28 | ZDI-CAN-20216: Adobe Dimension USD File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-26071 | 2023-03-28 | An issue was discovered in MCUBO ICT through 10.12.4 (aka 6.0.2). An Observable Response Discrepancy can occur under the login web page. In particular, the web application provides different responses... |
| CVE-2023-26327 | 2023-03-28 | ZDI-CAN-20217: Adobe Dimension GLTF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-26328 | 2023-03-28 | ZDI-CAN-20212: Adobe Dimension USD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-26329 | 2023-03-28 | ZDI-CAN-20213: Adobe Dimension OBJ File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-26330 | 2023-03-28 | ZDI-CAN-20146: Adobe Dimension USD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-26331 | 2023-03-28 | ZDI-CAN-20145: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-26332 | 2023-03-28 | ZDI-CAN-20144: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-26333 | 2023-03-28 | ZDI-CAN-20214: Adobe Dimension USDC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-26334 | 2023-03-28 | ZDI-CAN-20149: Adobe Dimension USD File Parsing Uninitialized Pointer Information Disclosure Vulnerability |
| CVE-2023-26335 | 2023-03-28 | ZDI-CAN-20215: Adobe Dimension USDC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-26336 | 2023-03-28 | ZDI-CAN-20275: Adobe Dimension USD File Parsing Use-After-Free Remote Code Execution Vulnerability |
| CVE-2023-26337 | 2023-03-28 | ZDI-CAN-20285: Adobe Dimension USDA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-26338 | 2023-03-28 | ZDI-CAN-19410: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-26339 | 2023-03-28 | ZDI-CAN-19388: Adobe Dimension OBJ File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-26340 | 2023-03-28 | ZDI-CAN-19387: Adobe Dimension OBJ File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-26341 | 2023-03-28 | ZDI-CAN-19391: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-26342 | 2023-03-28 | ZDI-CAN-19413: Adobe Dimension GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-26343 | 2023-03-28 | ZDI-CAN-19465: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-26344 | 2023-03-28 | ZDI-CAN-19467: Adobe Dimension USD File Access of Uninitialized Pointer Information Disclosure Vulnerability |
| CVE-2023-26345 | 2023-03-28 | ZDI-CAN-19494: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-26346 | 2023-03-28 | ZDI-CAN-19495: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-26348 | 2023-03-28 | ZDI-CAN-19518: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-26349 | 2023-03-28 | ZDI-CAN-20218: Adobe Dimension USDZ File Parsing Use-After-Free Information Disclosure Vulnerability |
| CVE-2023-26350 | 2023-03-28 | ZDI-CAN-19510: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-26351 | 2023-03-28 | ZDI-CAN-19507: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-26352 | 2023-03-28 | ZDI-CAN-19509: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-26353 | 2023-03-28 | ZDI-CAN-19511: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-26354 | 2023-03-28 | ZDI-CAN-19519: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-26355 | 2023-03-28 | ZDI-CAN-19512: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-26356 | 2023-03-28 | ZDI-CAN-19506: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-26923 | 2023-03-28 | Musescore 3.0 to 4.0.1 has a stack buffer overflow vulnerability that occurs when reading misconfigured midi files. If attacker can additional information, attacker can execute arbitrary code. |
| CVE-2023-27008 | 2023-03-28 | A Cross-site scripting (XSS) vulnerability in the function encrypt_password() in login.tmpl.php in ATutor 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the token parameter. |
| CVE-2023-27229 | 2023-03-28 | TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the upBw parameter at /setting/setWanIeCfg. |
| CVE-2023-27231 | 2023-03-28 | TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the downBw parameter at /setting/setWanIeCfg. |
| CVE-2023-27232 | 2023-03-28 | TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wanStrategy parameter at /setting/setWanIeCfg. |
| CVE-2023-27246 | 2023-03-28 | An arbitrary file upload vulnerability in the Virtual Disk of MK-Auth 23.01K4.9 allows attackers to execute arbitrary code via uploading a crafted .htaccess file. |
| CVE-2023-27247 | 2023-03-28 | Cynet Client Agent v4.6.0.8010 allows attackers with Administrator rights to disable the EDR functions by disabling process privilege tokens. |
| CVE-2023-27700 | 2023-03-28 | MuYuCMS v2.2 was discovered to contain an arbitrary file deletion vulnerability via the component /accessory/picdel.html. |
| CVE-2023-27701 | 2023-03-28 | MuYuCMS v2.2 was discovered to contain an arbitrary file deletion vulnerability via the component /database/sqldel.html. |
| CVE-2023-27821 | 2023-03-28 | Databasir v1.0.7 was discovered to contain a remote code execution (RCE) vulnerability via the mockDataScript parameter. |
| CVE-2022-45825 | 2023-03-28 | WordPress WPComplete Plugin <= 2.9.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-45831 | 2023-03-28 | WordPress Image Hover Effects - Caption Hover with Carousel Plugin <= 2.8 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-46848 | 2023-03-28 | WordPress Visualizer Plugin <= 3.9.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-46855 | 2023-03-28 | WordPress Responsive Pricing Table Plugin <= 5.1.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-46863 | 2023-03-28 | WordPress Quick Event Manager Plugin <= 9.6.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-47170 | 2023-03-28 | WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Plugin <= 1.5.48 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-25704 | 2023-03-28 | WordPress Interactive SVG Image Map Builder Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-25195 | 2023-03-28 | Apache Fineract: SSRF template type vulnerability in certain authenticated users |
| CVE-2023-25196 | 2023-03-28 | Apache Fineract: SQL injection vulnerability |
| CVE-2023-25197 | 2023-03-28 | apache fineract: SQL injection vulnerability in certain procedure calls |
| CVE-2022-3682 | 2023-03-28 | SDM600 file permission validation |
| CVE-2022-3683 | 2023-03-28 | SDM600 API web services authorization validation |
| CVE-2023-28326 | 2023-03-28 | Apache OpenMeetings: allows user impersonation |
| CVE-2022-3684 | 2023-03-28 | SDM600 endpoint vulnerability |
| CVE-2022-3686 | 2023-03-28 | SDM600 API permission check |
| CVE-2022-3685 | 2023-03-28 | SDM600 software privilege level |