CVE List - 2023 / March
Showing 301 - 400 of 2488 CVEs for March 2023 (Page 4 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-0076 | 2023-03-06 | Download Attachments < 1.3 - Contributor+ Stored XSS |
| CVE-2023-0328 | 2023-03-06 | WPCode < 2.0.7 - Contributor+ WPCode Library Auth Key Update/Deletion |
| CVE-2022-4265 | 2023-03-06 | Replyable < 2.2.10 - Subscriber+ PHP Object Injection |
| CVE-2023-0165 | 2023-03-06 | Cost Calculator <= 1.8 - Contributor+ Stored XSS |
| CVE-2023-0078 | 2023-03-06 | Resume Builder <= 3.1.1 - Subscriber+ Stored XSS |
| CVE-2023-0063 | 2023-03-06 | Synved Shortcodes <= 1.6.36 - Contributor+ Stored XSS |
| CVE-2023-0068 | 2023-03-06 | Product GTIN (EAN, UPC, ISBN) for WooCommerce <= 1.1.1 - Contributor+ Stored XSS |
| CVE-2023-0212 | 2023-03-06 | Advanced Recent Posts <= 0.6.14 - Contributor+ Stored XSS |
| CVE-2022-4328 | 2023-03-06 | WooCommerce Checkout Field Manager < 18.0 - Unauthenticated Arbitrary File Upload |
| CVE-2023-0377 | 2023-03-06 | Scriptless Social Sharing < 3.2.2 - Contributor+ Stored XSS |
| CVE-2023-0064 | 2023-03-06 | eVision Responsive Column Layout Shortcodes <= 2.3 - Contributor+ Stored XSS |
| CVE-2023-0065 | 2023-03-06 | i2 Pros & Cons <= 1.3.1 - Contributor+ Stored XSS |
| CVE-2023-0069 | 2023-03-06 | WPaudio MP3 Player <= 4.0.2 - Contributor+ Stored XSS |
| CVE-2023-0979 | 2023-03-06 | SQLi in MedDataPACS |
| CVE-2015-10094 | 2023-03-06 | Fastly Plugin api.php post cross site scripting |
| CVE-2022-4930 | 2023-03-06 | nuxsmin sysPass URL cross site scripting |
| CVE-2023-1200 | 2023-03-06 | ehuacui bbs cross site scripting |
| CVE-2023-1203 | 2023-03-06 | Improper removal of sensitive data in the entry edit feature of Hub Business submodule in Devolutions Remote Desktop Manager PowerShell Module 2022.3.1.5 and earlier allows an authenticated user to access... |
| CVE-2023-27474 | 2023-03-06 | HTML Injection in Password Reset email to custom Reset URL in directus |
| CVE-2023-1201 | 2023-03-06 | Improper access control in the secure messages feature in Devolutions Server 2022.3.12 and below allows an authenticated attacker that possesses the message UUID to access the data it contains. |
| CVE-2023-22481 | 2023-03-06 | Sensitive information exposure in the logs of greader API in FreshRSS |
| CVE-2023-25169 | 2023-03-06 | Yearly Review Plugin leaking anonymised users data in discourse-yearly-review |
| CVE-2023-26054 | 2023-03-06 | Credentials inlined to Git URLs could end up in provenance attestation in BuildKit |
| CVE-2023-27472 | 2023-03-06 | HTML tags in entity names in the tree view are not sanitised in quickentity-editor-next |
| CVE-2023-23939 | 2023-03-06 | Azure/setup-kubectl: Escalation of privilege vulnerability for v3 and lower |
| CVE-2015-10095 | 2023-03-06 | woo-popup Plugin class-woo-popup-admin.php cross site scripting |
| CVE-2008-10004 | 2023-03-06 | Email Registration email_registration.module email_registration_user sql injection |
| CVE-2017-20181 | 2023-03-06 | hgzojer Vocable Trainer VocableTrainerProvider.java path traversal |
| CVE-2023-25230 | 2023-03-07 | A Server-Side Request Forgery (SSRF) in loonflow r2.0.14 allows attackers to force the application to make arbitrary requests via manipulation of the hook_url parameter. |
| CVE-2022-46257 | 2023-03-07 | Information disclosure in GitHub Enterprise Server leading to unauthorized viewing of private repository names |
| CVE-2023-1237 | 2023-03-07 | Cross-site Scripting (XSS) - Stored in answerdev/answer |
| CVE-2023-1238 | 2023-03-07 | Cross-site Scripting (XSS) - Stored in answerdev/answer |
| CVE-2023-1239 | 2023-03-07 | Cross-site Scripting (XSS) - Reflected in answerdev/answer |
| CVE-2023-1240 | 2023-03-07 | Cross-site Scripting (XSS) - Stored in answerdev/answer |
| CVE-2023-1241 | 2023-03-07 | Cross-site Scripting (XSS) - Stored in answerdev/answer |
| CVE-2023-1242 | 2023-03-07 | Cross-site Scripting (XSS) - Stored in answerdev/answer |
| CVE-2023-1243 | 2023-03-07 | Cross-site Scripting (XSS) - Stored in answerdev/answer |
| CVE-2023-1244 | 2023-03-07 | Cross-site Scripting (XSS) - Stored in answerdev/answer |
| CVE-2023-1245 | 2023-03-07 | Cross-site Scripting (XSS) - Stored in answerdev/answer |
| CVE-2023-1264 | 2023-03-07 | NULL Pointer Dereference in vim/vim |
| CVE-2023-20620 | 2023-03-07 | In adsp, there is a possible escalation of privilege due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is... |
| CVE-2023-20621 | 2023-03-07 | In tinysys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20623 | 2023-03-07 | In ion, there is a possible escalation of privilege due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is... |
| CVE-2023-20624 | 2023-03-07 | In vow, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20625 | 2023-03-07 | In adsp, there is a possible double free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not... |
| CVE-2023-20626 | 2023-03-07 | In msdc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20627 | 2023-03-07 | In pqframework, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20628 | 2023-03-07 | In thermal, there is a possible memory corruption due to an uncaught exception. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not... |
| CVE-2023-20630 | 2023-03-07 | In usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20632 | 2023-03-07 | In usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20633 | 2023-03-07 | In usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20634 | 2023-03-07 | In widevine, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction... |
| CVE-2023-20635 | 2023-03-07 | In keyinstall, there is a possible information disclosure due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed... |
| CVE-2023-20636 | 2023-03-07 | In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed.... |
| CVE-2023-20637 | 2023-03-07 | In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20638 | 2023-03-07 | In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20639 | 2023-03-07 | In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20640 | 2023-03-07 | In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20641 | 2023-03-07 | In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20642 | 2023-03-07 | In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20643 | 2023-03-07 | In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20644 | 2023-03-07 | In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction... |
| CVE-2023-20645 | 2023-03-07 | In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction... |
| CVE-2023-20646 | 2023-03-07 | In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction... |
| CVE-2023-20647 | 2023-03-07 | In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction... |
| CVE-2023-20648 | 2023-03-07 | In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction... |
| CVE-2023-20649 | 2023-03-07 | In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction... |
| CVE-2023-20650 | 2023-03-07 | In apu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20651 | 2023-03-07 | In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction... |
| CVE-2023-22847 | 2023-03-07 | Information disclosure vulnerability exists in pg_ivm versions prior to 1.5.1. An Incrementally Maintainable Materialized View (IMMV) created by pg_ivm may reflect rows with Row-Level Security that the owner of the... |
| CVE-2023-23554 | 2023-03-07 | Uncontrolled search path element vulnerability exists in pg_ivm versions prior to 1.5.1. When refreshing an IMMV, pg_ivm executes functions without specifying schema names. Under certain conditions, pg_ivm may be tricked... |
| CVE-2023-24775 | 2023-03-07 | Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\Member.php. |
| CVE-2023-24780 | 2023-03-07 | Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/columns. |
| CVE-2023-24781 | 2023-03-07 | Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\MemberLevel.php. |
| CVE-2023-25223 | 2023-03-07 | CRMEB <=1.3.4 is vulnerable to SQL Injection via /api/admin/user/list. |
| CVE-2023-26953 | 2023-03-07 | onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Administrator module. |
| CVE-2023-26954 | 2023-03-07 | onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the User Group module. |
| CVE-2023-26955 | 2023-03-07 | onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Admin Group module. |
| CVE-2022-47460 | 2023-03-07 | In gpu device, there is a memory corruption due to a use after free. This could lead to local denial of service in kernel. |
| CVE-2022-47461 | 2023-03-07 | In telephone service, there is a missing permission check. This could lead to local escalation of privilege with system execution privileges needed. |
| CVE-2022-47462 | 2023-03-07 | In telephone service, there is a missing permission check. This could lead to local escalation of privilege with system execution privileges needed. |
| CVE-2022-47472 | 2023-03-07 | In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. |
| CVE-2022-47473 | 2023-03-07 | In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. |
| CVE-2022-47471 | 2023-03-07 | In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. |
| CVE-2022-47474 | 2023-03-07 | In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. |
| CVE-2022-47475 | 2023-03-07 | In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. |
| CVE-2022-47476 | 2023-03-07 | In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. |
| CVE-2022-47477 | 2023-03-07 | In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. |
| CVE-2022-47478 | 2023-03-07 | In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. |
| CVE-2022-47479 | 2023-03-07 | In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. |
| CVE-2022-47480 | 2023-03-07 | In telephony service, there is a missing permission check. This could lead to local denial of service in telephone service with no additional execution privileges needed. |
| CVE-2022-47481 | 2023-03-07 | In telephony service, there is a missing permission check. This could lead to local denial of service in telephone service with no additional execution privileges needed. |
| CVE-2022-47482 | 2023-03-07 | In telephony service, there is a missing permission check. This could lead to local denial of service in telephone service with no additional execution privileges needed. |
| CVE-2022-47483 | 2023-03-07 | In telephony service, there is a missing permission check. This could lead to local denial of service in telephone service with no additional execution privileges needed. |
| CVE-2022-47484 | 2023-03-07 | In telephony service, there is a missing permission check. This could lead to local denial of service in telephone service with no additional execution privileges needed. |
| CVE-2022-47453 | 2023-03-07 | In wcn service, there is a possible missing params check. This could lead to local denial of service in wcn service. |
| CVE-2022-47454 | 2023-03-07 | In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. |
| CVE-2022-47455 | 2023-03-07 | In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. |
| CVE-2022-47456 | 2023-03-07 | In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. |
| CVE-2022-47457 | 2023-03-07 | In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. |