CVE List - 2023 / March
Showing 1201 - 1300 of 2488 CVEs for March 2023 (Page 13 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-48422 | 2023-03-19 | ONLYOFFICE Docs through 7.3 on certain Linux distributions allows local... |
| CVE-2022-48423 | 2023-03-19 | In the Linux kernel before 6.1.3, fs/ntfs3/record.c does not validate... |
| CVE-2022-48424 | 2023-03-19 | In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate... |
| CVE-2022-48425 | 2023-03-19 | In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid... |
| CVE-2023-1496 | 2023-03-19 | Cross-site Scripting (XSS) - Reflected in imgproxy/imgproxy |
| CVE-2023-26805 | 2023-03-19 | Tenda W20E v15.11.0.6 (US_W20EV4.0br_v15.11.0.6(1068_1546_841)_CN_TDC) is vulnerable to Buffer Overflow via... |
| CVE-2023-26806 | 2023-03-19 | Tenda W20E v15.11.0.6(US_W20EV4.0br_v15.11.0.6(1068_1546_841 is vulnerable to Buffer Overflow via function... |
| CVE-2023-26905 | 2023-03-19 | An issue was discovered in Alphaware - Simple E-Commerce System... |
| CVE-2023-28617 | 2023-03-19 | org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU... |
| CVE-2023-1497 | 2023-03-19 | SourceCodester Simple and Nice Shopping Cart Script uploaderm.php unrestricted upload |
| CVE-2023-1498 | 2023-03-19 | code-projects Responsive Hotel Site Newsletter Log messages.php sql injection |
| CVE-2023-1499 | 2023-03-19 | code-projects Simple Art Gallery adminHome.php sql injection |
| CVE-2023-1500 | 2023-03-19 | code-projects Simple Art Gallery adminHome.php cross site scripting |
| CVE-2023-1501 | 2023-03-19 | RockOA acloudCosAction.php.SQL runAction unrestricted upload |
| CVE-2023-1515 | 2023-03-20 | Cross-site Scripting (XSS) - Stored in pimcore/pimcore |
| CVE-2023-1517 | 2023-03-20 | Cross-site Scripting (XSS) - DOM in pimcore/pimcore |
| CVE-2015-10096 | 2023-03-20 | Zarthus IRC Twitter Announcer Bot twitter_announcer.rb get_tweets command injection |
| CVE-2022-4933 | 2023-03-20 | ATM Consulting dolibarr_module_quicksupplierprice interface.php upatePrice sql injection |
| CVE-2023-1502 | 2023-03-20 | SourceCodester Alphaware Simple E-Commerce System edit_customer.php sql injection |
| CVE-2023-1503 | 2023-03-20 | SourceCodester Alphaware Simple E-Commerce System admin_index.php sql injection |
| CVE-2023-1248 | 2023-03-20 | Possible XSS in Ticket Actions |
| CVE-2023-1250 | 2023-03-20 | Code execution through ACL creation |
| CVE-2023-1504 | 2023-03-20 | SourceCodester Alphaware Simple E-Commerce System sql injection |
| CVE-2023-1505 | 2023-03-20 | SourceCodester E-Commerce System setDiscount.php sql injection |
| CVE-2023-1506 | 2023-03-20 | SourceCodester E-Commerce System login.php sql injection |
| CVE-2023-25782 | 2023-03-20 | WordPress Service Area Postcode Checker Plugin <= 2.0.8 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-1507 | 2023-03-20 | SourceCodester E-Commerce System Category Name controller.php cross site scripting |
| CVE-2023-25795 | 2023-03-20 | WordPress Feed Changer Plugin <= 0.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-25794 | 2023-03-20 | WordPress Nooz Plugin <= 1.6.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-25064 | 2023-03-20 | WordPress WP htpasswd Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-24381 | 2023-03-20 | WordPress Advanced Social Pixel Plugin <= 2.1.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-22681 | 2023-03-20 | WordPress Online Exam Software : eExamhall Plugin <= 4.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-22678 | 2023-03-20 | WordPress Superior FAQ Plugin <= 1.0.2 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-23718 | 2023-03-20 | WordPress Page Loading Effects Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-23721 | 2023-03-20 | WordPress Admin Log Plugin <= 1.50 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-22679 | 2023-03-20 | WordPress WP Better Emails Plugin <= 0.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-22680 | 2023-03-20 | WordPress No API Amazon Affiliate Plugin <= 4.2.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-22682 | 2023-03-20 | WordPress Camera slideshow Plugin <= 1.4.0.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-47592 | 2023-03-20 | WordPress MagicForm Plugin <= 0.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-47591 | 2023-03-20 | WordPress Map Multi Marker Plugin <= 3.2.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-0320 | 2023-03-20 | XSS in UBYS |
| CVE-2023-26513 | 2023-03-20 | Apache Sling Resource Merger: Requests to certain paths managed by the Apache Sling Resource Merger can lead to DoS |
| CVE-2023-28083 | 2023-03-20 | Potential Cross-Site scripting vulnerability in HPE Integrated Lights-Out 6 (iLO 6), Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4). |
| CVE-2023-28118 | 2023-03-20 | kaml has potential denial of service while parsing input with anchors and aliases |
| CVE-2023-28424 | 2023-03-20 | Soko SQL Injection vulnerability |
| CVE-2023-28428 | 2023-03-20 | PDFio vulnerable to Denial Of Service when opening a corrupt PDF file |
| CVE-2023-28429 | 2023-03-20 | Pimcore has Cross-site Scripting vulnerability in DataObject tooltip field |
| CVE-2023-27586 | 2023-03-20 | CairoSVG improperly processes SVG files loaded from external resources |
| CVE-2023-22288 | 2023-03-20 | Email HTML Injection |
| CVE-2022-3894 | 2023-03-20 | WP OAuth Server < 4.2.5 - Arbitrary Post Deletion via CSRF |
| CVE-2023-0876 | 2023-03-20 | WP Meta SEO < 4.5.3 - Subscriber+ Improper Authorization causing Arbitrary Redirect |
| CVE-2023-0175 | 2023-03-20 | Smart Logo Showcase Lite <= 1.1.9 - Contributor+ Stored XSS |
| CVE-2023-0365 | 2023-03-20 | React Webcam <= 1.2.0 - Contributor+ Stored XSS |
| CVE-2023-0631 | 2023-03-20 | Paid Memberships Pro < 2.9.12 - Subscriber+ SQL Injection |
| CVE-2023-0369 | 2023-03-20 | GoToWP <= 5.1.1 - Contributor+ Stored XSS |
| CVE-2023-0145 | 2023-03-20 | Saan World Clock <= 1.8 - Contributor+ Stored XSS |
| CVE-2023-0630 | 2023-03-20 | Slimstat Analytics < 4.9.3.3 - Subscriber+ SQL Injection |
| CVE-2023-0364 | 2023-03-20 | real.Kit < 5.1.1 - Contributor+ Stored XSS |
| CVE-2023-0865 | 2023-03-20 | WooCommerce Multiple Customer Addresses & Shipping < 21.7 - Arbitrary Address Creation/Deletion/Access/Update via IDOR |
| CVE-2023-0890 | 2023-03-20 | Shortcodes Ultimate < 5.12.8 - Subscriber+ Arbitrary Post Access |
| CVE-2023-0940 | 2023-03-20 | ProfileGrid < 5.3.1 - Subscriber+ Arbitrary Password Reset |
| CVE-2023-0167 | 2023-03-20 | GetResponse for WordPress <= 5.5.31 - Contributor+ Stored XSS |
| CVE-2023-0937 | 2023-03-20 | VK All in One Expansion Unit < 9.87.1.0 - Reflected XSS |
| CVE-2023-0370 | 2023-03-20 | WPB Advanced FAQ <= 1.0.6 - Contributor+ Stored XSS |
| CVE-2022-4148 | 2023-03-20 | WP OAuth Server < 4.3.0 - Subscriber+ Arbitrary Client Deletion |
| CVE-2023-0273 | 2023-03-20 | Custom Content Shortcode <= 4.0.2 - Contributor+ Stored XSS |
| CVE-2023-0875 | 2023-03-20 | WP Meta SEO < 4.5.3 - Subscriber+ SQLi |
| CVE-2023-0340 | 2023-03-20 | Custom Content Shortcode <= 4.0.2 - Contributor+ LFI |
| CVE-2023-0911 | 2023-03-20 | Shortcodes Ultimate < 5.12.8 - Subscriber+ User Meta Disclosure |
| CVE-2023-0681 | 2023-03-20 | Rapid7 Nexpose Uncontrolled URL Redirect |
| CVE-2023-27578 | 2023-03-20 | Galaxy vulnerable to unauthorized modification of pages/visualizations due to insufficient permission check |
| CVE-2023-28425 | 2023-03-20 | Specially crafted MSETNX command can lead to denial-of-service |
| CVE-2022-45124 | 2023-03-20 | An information disclosure vulnerability exists in the User authentication functionality... |
| CVE-2022-43663 | 2023-03-20 | An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality... |
| CVE-2012-10009 | 2023-03-20 | 404like Plugin 404Like.php checkPage sql injection |
| CVE-2022-42331 | 2023-03-21 | x86: speculative vulnerability in 32bit SYSCALL path Due to an... |
| CVE-2022-42332 | 2023-03-21 | x86 shadow plus log-dirty mode use-after-free In environments where host... |
| CVE-2022-42333 | 2023-03-21 | x86/HVM pinned cache attributes mis-handling T[his CNA information record relates... |
| CVE-2022-42334 | 2023-03-21 | x86/HVM pinned cache attributes mis-handling T[his CNA information record relates... |
| CVE-2022-45635 | 2023-03-21 | An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS... |
| CVE-2022-45636 | 2023-03-21 | An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS... |
| CVE-2022-45637 | 2023-03-21 | An insecure password reset issue discovered in MEGAFEIS, BOFEI DBD+... |
| CVE-2023-1527 | 2023-03-21 | Cross-site Scripting (XSS) - Generic in tsolucio/corebos |
| CVE-2023-1535 | 2023-03-21 | Cross-site Scripting (XSS) - Stored in answerdev/answer |
| CVE-2023-1536 | 2023-03-21 | Cross-site Scripting (XSS) - Stored in answerdev/answer |
| CVE-2023-1537 | 2023-03-21 | Authentication Bypass by Capture-replay in answerdev/answer |
| CVE-2023-1538 | 2023-03-21 | Observable Timing Discrepancy in answerdev/answer |
| CVE-2023-1539 | 2023-03-21 | Improper Restriction of Excessive Authentication Attempts in answerdev/answer |
| CVE-2023-1540 | 2023-03-21 | Observable Response Discrepancy in answerdev/answer |
| CVE-2023-1541 | 2023-03-21 | Business Logic Errors in answerdev/answer |
| CVE-2023-1542 | 2023-03-21 | Business Logic Errors in answerdev/answer |
| CVE-2023-1543 | 2023-03-21 | Insufficient Session Expiration in answerdev/answer |
| CVE-2023-1545 | 2023-03-21 | SQL Injection in nilsteampassnet/teampass |
| CVE-2023-24709 | 2023-03-21 | An issue found in Paradox Security Systems IPR512 allows attackers... |
| CVE-2023-25134 | 2023-03-21 | McAfee Total Protection prior to 16.0.50 may allow an adversary... |
| CVE-2023-26497 | 2023-03-21 | An issue was discovered in Samsung Baseband Modem Chipset for... |
| CVE-2023-27087 | 2023-03-21 | Permissions vulnerabiltiy found in Xuxueli xxl-job v2.2.0, v 2.3.0 and... |
| CVE-2023-27569 | 2023-03-21 | The eo_tags package before 1.3.0 for PrestaShop allows SQL injection... |
| CVE-2023-27570 | 2023-03-21 | The eo_tags package before 1.4.19 for PrestaShop allows SQL injection... |
| CVE-2023-27842 | 2023-03-21 | Insecure Permissions vulnerability found in Extplorer File manager eXtplorer v.2.1.15... |