CVE List - 2023 / March
Showing 201 - 300 of 2488 CVEs for March 2023 (Page 3 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2014-125090 | 2023-03-04 | Media Downloader Plugin getfile.php dl_file_resumable cross site scripting |
| CVE-2014-125091 | 2023-03-04 | codepeople cp-polls Plugin cp-admin-int-message-list.inc.php sql injection |
| CVE-2023-0734 | 2023-03-05 | Improper Authorization in wallabag/wallabag |
| CVE-2023-1181 | 2023-03-05 | Cross-site Scripting (XSS) - Stored in icret/easyimages2.0 |
| CVE-2023-22335 | 2023-03-05 | Improper access control vulnerability in SS1 Ver.13.0.0.40 and earlier and... |
| CVE-2023-22336 | 2023-03-05 | Path traversal vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku... |
| CVE-2023-22344 | 2023-03-05 | Use of hard-coded credentials vulnerability in SS1 Ver.13.0.0.40 and earlier... |
| CVE-2023-22419 | 2023-03-05 | Out-of-bounds read vulnerability exists in Kostac PLC Programming Software (Former... |
| CVE-2023-22421 | 2023-03-05 | Out-of-bounds read vulnerability exists in Kostac PLC Programming Software (Former... |
| CVE-2023-22424 | 2023-03-05 | Use-after-free vulnerability exists in Kostac PLC Programming Software (Former name:... |
| CVE-2023-22432 | 2023-03-05 | Open redirect vulnerability exists in web2py versions prior to 2.23.1.... |
| CVE-2023-22438 | 2023-03-05 | Cross-site scripting vulnerability in Contents Management of EC-CUBE 4 series... |
| CVE-2023-22838 | 2023-03-05 | Cross-site scripting vulnerability in Product List Screen and Product Detail... |
| CVE-2023-25077 | 2023-03-05 | Cross-site scripting vulnerability in Authentication Key Settings of EC-CUBE 4.0.0... |
| CVE-2023-26510 | 2023-03-05 | Ghost 5.35.0 allows authorization bypass: contributors can view draft posts... |
| CVE-2023-27635 | 2023-03-05 | debmany in debian-goodies 0.88.1 allows attackers to execute arbitrary shell... |
| CVE-2023-27641 | 2023-03-05 | The REPORT (after z but before a) parameter in wa.exe... |
| CVE-2008-10002 | 2023-03-05 | cfire24 ajaxlife cross site scripting |
| CVE-2008-10003 | 2023-03-05 | iGamingModules flashgames game.php sql injection |
| CVE-2015-10088 | 2023-03-05 | ayttm proxy.c http_connect format string |
| CVE-2023-1179 | 2023-03-05 | SourceCodester Computer Parts Sales and Inventory System Add Supplier cross site scripting |
| CVE-2023-1180 | 2023-03-05 | SourceCodester Health Center Patient Record Management System hematology_print.php cross site scripting |
| CVE-2015-10089 | 2023-03-05 | flame.js cross site scripting |
| CVE-2021-4329 | 2023-03-05 | json-logic-js logic.js command injection |
| CVE-2022-4927 | 2023-03-05 | ualbertalib NEOSDiscovery _refworks.html.erb reverse tabnabbing |
| CVE-2006-10001 | 2023-03-05 | Subscribe to Comments Plugin subscribe-to-comments.php cross site scripting |
| CVE-2014-125092 | 2023-03-05 | MaxButtons Plugin maxbuttons-button.php maxbuttons_strip_px cross site scripting |
| CVE-2015-10090 | 2023-03-05 | Landing Pages Plugin cross site scripting |
| CVE-2022-46395 | 2023-03-06 | An issue was discovered in the Arm Mali GPU Kernel... |
| CVE-2022-4904 | 2023-03-06 | A flaw was found in the c-ares package. The ares_set_sortlist... |
| CVE-2023-0330 | 2023-03-06 | Qemu: lsi53c895a: dma reentrancy issue leads to stack overflow |
| CVE-2023-24733 | 2023-03-06 | PMB v7.4.6 was discovered to contain a reflected cross-site scripting... |
| CVE-2023-24734 | 2023-03-06 | An arbitrary file upload vulnerability in the camera_upload.php component of... |
| CVE-2023-24735 | 2023-03-06 | PMB v7.4.6 was discovered to contain an open redirect vulnerability... |
| CVE-2023-24736 | 2023-03-06 | PMB v7.4.6 was discovered to contain a remote code execution... |
| CVE-2023-24737 | 2023-03-06 | PMB v7.4.6 was discovered to contain a reflected cross-site scripting... |
| CVE-2023-25304 | 2023-03-06 | An issue in Prism Launcher up to v6.1 allows attackers... |
| CVE-2019-8720 | 2023-03-06 | A vulnerability was found in WebKit. The flaw is triggered... |
| CVE-2021-20251 | 2023-03-06 | A flaw was found in samba. A race condition in... |
| CVE-2021-35377 | 2023-03-06 | Cross Site Scripting vulnerability found in VICIdial v2.14-610c and v.2.10-415c... |
| CVE-2021-36392 | 2023-03-06 | In Moodle, an SQL injection risk was identified in the... |
| CVE-2021-36393 | 2023-03-06 | In Moodle, an SQL injection risk was identified in the... |
| CVE-2021-36394 | 2023-03-06 | In Moodle, a remote code execution risk was identified in... |
| CVE-2021-36395 | 2023-03-06 | In Moodle, the file repository's URL parsing required additional recursion... |
| CVE-2021-36396 | 2023-03-06 | In Moodle, insufficient redirect handling made it possible to blindly... |
| CVE-2021-36397 | 2023-03-06 | In Moodle, insufficient capability checks meant message deletions were not... |
| CVE-2021-36398 | 2023-03-06 | In moodle, ID numbers displayed in the web service token... |
| CVE-2021-36399 | 2023-03-06 | In Moodle, ID numbers displayed in the quiz override screens... |
| CVE-2021-36400 | 2023-03-06 | In Moodle, insufficient capability checks made it possible to remove... |
| CVE-2021-36401 | 2023-03-06 | In Moodle, ID numbers exported in HTML data formats required... |
| CVE-2021-36402 | 2023-03-06 | In Moodle, Users' names required additional sanitizing in the account... |
| CVE-2021-36403 | 2023-03-06 | In Moodle, in some circumstances, email notifications of messages could... |
| CVE-2021-36713 | 2023-03-06 | Cross Site Scripting (XSS) vulnerability in the DataTables plug-in 1.9.2... |
| CVE-2022-3277 | 2023-03-06 | An uncontrolled resource consumption flaw was found in openstack-neutron. This... |
| CVE-2022-3424 | 2023-03-06 | A use-after-free flaw was found in the Linux kernel’s SGI... |
| CVE-2022-3707 | 2023-03-06 | A double-free memory flaw was found in the Linux kernel.... |
| CVE-2022-3854 | 2023-03-06 | A flaw was found in Ceph, relating to the URL... |
| CVE-2022-4134 | 2023-03-06 | A flaw was found in openstack-glance. This issue could allow... |
| CVE-2022-42248 | 2023-03-06 | QlikView 12.60.2 was discovered to contain a stored cross-site scripting... |
| CVE-2022-44875 | 2023-03-06 | KioWare through 8.33 on Windows sets KioScriptingUrlACL.AclActions.AllowHigh for the about:blank... |
| CVE-2022-45141 | 2023-03-06 | Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was... |
| CVE-2022-45142 | 2023-03-06 | The fix for CVE-2022-3437 included changing memcmp to be constant... |
| CVE-2022-48364 | 2023-03-06 | The undo_mark_statuses_as_sensitive method in app/services/approve_appeal_service.rb in Mastodon 3.5.x before 3.5.3... |
| CVE-2023-0093 | 2023-03-06 | Okta Advanced Server Access Client versions 1.13.1 through 1.65.0 are... |
| CVE-2023-1161 | 2023-03-06 | ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0... |
| CVE-2023-1197 | 2023-03-06 | Cross-site Scripting (XSS) - Stored in uvdesk/community-skeleton |
| CVE-2023-1211 | 2023-03-06 | SQL Injection in phpipam/phpipam |
| CVE-2023-1212 | 2023-03-06 | Cross-site Scripting (XSS) - Stored in phpipam/phpipam |
| CVE-2023-24217 | 2023-03-06 | AgileBio Electronic Lab Notebook v4.234 was discovered to contain a... |
| CVE-2023-24763 | 2023-03-06 | In the module "Xen Forum" (xenforum) for PrestaShop, an authenticated... |
| CVE-2023-24776 | 2023-03-06 | Funadmin v3.2.0 was discovered to contain a remote code execution... |
| CVE-2023-24789 | 2023-03-06 | jeecg-boot v3.4.4 was discovered to contain an authenticated SQL injection... |
| CVE-2023-26600 | 2023-03-06 | ManageEngine ServiceDesk Plus through 14104, ServiceDesk Plus MSP through 14000,... |
| CVE-2023-26601 | 2023-03-06 | Zoho ManageEngine ServiceDesk Plus through 14104, Asset Explorer through 6987,... |
| CVE-2023-26949 | 2023-03-06 | An arbitrary file upload vulnerability in the component /admin1/config/update of... |
| CVE-2023-27891 | 2023-03-06 | rami.io pretix before 4.17.1 allows OAuth application authorization from a... |
| CVE-2022-4928 | 2023-03-06 | icplayer presenter.js AddonText_Selection_create cross site scripting |
| CVE-2022-4929 | 2023-03-06 | icplayer tts-utils.js cross site scripting |
| CVE-2015-10091 | 2023-03-06 | ByWater Solutions bywater-koha-xslt systempreferences.pl StringSearch sql injection |
| CVE-2023-26106 | 2023-03-06 | All versions of the package dot-lens are vulnerable to Prototype... |
| CVE-2023-26111 | 2023-03-06 | All versions of the package @nubosoftware/node-static; all versions of the... |
| CVE-2023-26107 | 2023-03-06 | All versions of the package sketchsvg are vulnerable to Arbitrary... |
| CVE-2023-26108 | 2023-03-06 | Versions of the package @nestjs/core before 9.0.5 are vulnerable to... |
| CVE-2015-10092 | 2023-03-06 | Qtranslate Slug Plugin class-qtranslate-slug.php add_slug_meta_box cross site scripting |
| CVE-2023-22856 | 2023-03-06 | Stored cross-site scripting in BlogEngine.NET version 3.3.8.0 |
| CVE-2023-22857 | 2023-03-06 | Stored cross-site scripting in BlogEngine.NET version 3.3.8.0 |
| CVE-2015-10093 | 2023-03-06 | Mark User as Spammer Plugin plugin.php user_row_actions cross site scripting |
| CVE-2023-22858 | 2023-03-06 | Stored cross-site scripting in BlogEngine.NET version 3.3.8.0 |
| CVE-2023-1184 | 2023-03-06 | ECshop Backup Database database.php unrestricted upload |
| CVE-2023-1185 | 2023-03-06 | ECshop New Product unrestricted upload |
| CVE-2023-0839 | 2023-03-06 | Improper Error Handling in inSCADA |
| CVE-2023-1186 | 2023-03-06 | FabulaTech Webcam for Remote Desktop IOCTL ftwebcam.sys 0x222018 null pointer dereference |
| CVE-2023-1187 | 2023-03-06 | FabulaTech Webcam for Remote Desktop Global Variable ftwebcam.sys denial of service |
| CVE-2023-1188 | 2023-03-06 | FabulaTech Webcam for Remote Desktop IoControlCode ftwebcam.sys 0x222018 denial of service |
| CVE-2023-1189 | 2023-03-06 | WiseCleaner Wise Folder Hider IoControlCode WiseFs64.sys 0x222410 denial of service |
| CVE-2023-1190 | 2023-03-06 | xiaozhuai imageinfo imageinfo.hpp buffer overflow |
| CVE-2023-1191 | 2023-03-06 | fastcms ZIP File TemplateController.java path traversal |
| CVE-2017-20180 | 2023-03-06 | Zerocoin libzerocoin Proof CoinSpend.cpp CoinSpend data authenticity |
| CVE-2022-3284 | 2023-03-06 | Insecure way of passing a download key |
| CVE-2022-4862 | 2023-03-06 | XSS vulnerability in M-Files Web |