CVE List - 2023 / March
Showing 2301 - 2400 of 2488 CVEs for March 2023 (Page 24 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-43648 | 2023-03-29 | This vulnerability allows network-adjacent attackers to execute arbitrary code on... |
| CVE-2022-43649 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on... |
| CVE-2022-43650 | 2023-03-29 | This vulnerability allows remote attackers to disclose sensitive information on... |
| CVE-2022-44368 | 2023-03-29 | NASM v2.16 was discovered to contain a null pointer deference... |
| CVE-2022-44369 | 2023-03-29 | NASM 2.16 (development) is vulnerable to 476: Null Pointer Dereference... |
| CVE-2023-0664 | 2023-03-29 | A flaw was found in the QEMU Guest Agent service... |
| CVE-2023-0836 | 2023-03-29 | An information leak vulnerability was discovered in HAProxy 2.1, 2.2... |
| CVE-2023-1652 | 2023-03-29 | A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in... |
| CVE-2023-1701 | 2023-03-29 | Cross-site Scripting (XSS) - Reflected in pimcore/pimcore |
| CVE-2023-1702 | 2023-03-29 | Cross-site Scripting (XSS) - Generic in pimcore/pimcore |
| CVE-2023-1703 | 2023-03-29 | Cross-site Scripting (XSS) - Generic in pimcore/pimcore |
| CVE-2023-1704 | 2023-03-29 | Cross-site Scripting (XSS) - Stored in pimcore/pimcore |
| CVE-2023-26968 | 2023-03-29 | In Atrocore 1.5.25, the Create Import Feed option with glyphicon-glyphicon-paperclip... |
| CVE-2023-26982 | 2023-03-29 | Trudesk v1.2.6 was discovered to contain a stored cross-site scripting... |
| CVE-2023-26984 | 2023-03-29 | An issue in the password reset function of Peppermint v0.2.4... |
| CVE-2023-27167 | 2023-03-29 | Suprema BioStar 2 v2.8.16 was discovered to contain a SQL... |
| CVE-2023-1683 | 2023-03-29 | Xunrui CMS system_log.html information disclosure |
| CVE-2023-1684 | 2023-03-29 | HadSky unrestricted upload |
| CVE-2023-23355 | 2023-03-29 | QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances), QVR |
| CVE-2023-1685 | 2023-03-29 | HadSky Installation Interface index.php command injection |
| CVE-2023-1686 | 2023-03-29 | SourceCodester Young Entrepreneur E-Negosyo System GET Parameter index.php cross site scripting |
| CVE-2023-1687 | 2023-03-29 | SourceCodester Simple Task Allocation System cross site scripting |
| CVE-2023-1688 | 2023-03-29 | SourceCodester Earnings and Expense Tracker App cross site scripting |
| CVE-2023-1689 | 2023-03-29 | SourceCodester Earnings and Expense Tracker App cross site scripting |
| CVE-2023-1509 | 2023-03-29 | The GMAce plugin for WordPress is vulnerable to Cross-Site Request... |
| CVE-2023-0213 | 2023-03-29 | Local Elevation of Privilege in M-Files |
| CVE-2023-1690 | 2023-03-29 | SourceCodester Earnings and Expense Tracker App cross site scripting |
| CVE-2022-48430 | 2023-03-29 | In JetBrains IntelliJ IDEA before 2023.1 file content could be... |
| CVE-2022-48431 | 2023-03-29 | In JetBrains IntelliJ IDEA before 2023.1 in some cases, Gradle... |
| CVE-2022-48432 | 2023-03-29 | In JetBrains IntelliJ IDEA before 2023.1 the bundled version of... |
| CVE-2022-48433 | 2023-03-29 | In JetBrains IntelliJ IDEA before 2023.1 the NTLM hash could... |
| CVE-2022-38077 | 2023-03-29 | WordPress Popup Anything Plugin <= 2.2.1 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-28158 | 2023-03-29 | Apache Archiva privilege escalation |
| CVE-2022-47433 | 2023-03-29 | WordPress Multi Rating Plugin <= 5.0.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-47438 | 2023-03-29 | WordPress Booking calendar, Appointment Booking System Plugin <= 3.2.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-47444 | 2023-03-29 | WordPress ProfilePress Plugin <= 4.4.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-23861 | 2023-03-29 | WordPress GMAce Plugin <= 1.5.2 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-1663 | 2023-03-29 | Authenticated Resources Accessible via Forced Browsing |
| CVE-2023-1680 | 2023-03-29 | Xunrui CMS main.html information disclosure |
| CVE-2023-1575 | 2023-03-29 | The Mega Main Menu plugin for WordPress is vulnerable to... |
| CVE-2022-47596 | 2023-03-29 | WordPress Media Library Categories Plugin <= 1.9.9 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-26290 | 2023-03-29 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... |
| CVE-2023-26291 | 2023-03-29 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... |
| CVE-2023-26292 | 2023-03-29 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... |
| CVE-2023-1550 | 2023-03-29 | NGINX Agent vulnerability CVE-2023-1550 |
| CVE-2023-28642 | 2023-03-29 | AppArmor bypass with symlinked /proc in runc |
| CVE-2023-25809 | 2023-03-29 | rootless: `/sys/fs/cgroup` is writable when cgroupns isn't unshared in runc |
| CVE-2023-27489 | 2023-03-29 | Stored cross site scripting via SVG file upload in Kiwi TCMS |
| CVE-2022-45355 | 2023-03-29 | WordPress WP Pipes Plugin <= 1.33 is vulnerable to SQL Injection (SQLi) |
| CVE-2022-47613 | 2023-03-29 | WordPress AI ChatBot Plugin <= 4.3.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-47610 | 2023-03-29 | WordPress Simple Image Popup Plugin <= 1.3.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-47607 | 2023-03-29 | WordPress Usersnap Plugin <= 4.16 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-47603 | 2023-03-29 | WordPress Responsive Image Gallery, Gallery Album Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-47602 | 2023-03-29 | WordPress WP Table Manager Plugin <= 3.5.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-22705 | 2023-03-29 | WordPress Welcart e-Commerce Plugin <= 2.8.10 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-28501 | 2023-03-29 | Heap buffer overflow in unirpcd |
| CVE-2023-1656 | 2023-03-29 | When the LDAP connector is started with StartTLS configured, LDAP BIND credentials are transmitted insecurely, prior to establishing the TLS connection. |
| CVE-2023-28502 | 2023-03-29 | Stack buffer overflow in UniRPC's udadmin_server service |
| CVE-2023-28503 | 2023-03-29 | Authentication bypass in UniRPC's udadmin service |
| CVE-2023-28504 | 2023-03-29 | Stack buffer overflow in UniRPC library function |
| CVE-2023-28505 | 2023-03-29 | Buffer overflow in UniRPC library function |
| CVE-2023-28506 | 2023-03-29 | Stack buffer overflow in UniRPC service |
| CVE-2023-28507 | 2023-03-29 | Memory exhaustion in LZ4 decompression in UniRPC daemon |
| CVE-2023-28508 | 2023-03-29 | Heap corruption in UniRPC service |
| CVE-2023-28509 | 2023-03-29 | Weak encryption in UniRPC protocol |
| CVE-2023-27533 | 2023-03-30 | A vulnerability in input validation exists in curl <8.0 during... |
| CVE-2023-27535 | 2023-03-30 | An authentication bypass vulnerability exists in libcurl <8.0.0 in the... |
| CVE-2023-27537 | 2023-03-30 | A double free vulnerability exists in libcurl <8.0.0 when sharing... |
| CVE-2023-27538 | 2023-03-30 | An authentication bypass vulnerability exists in libcurl prior to v8.0.0... |
| CVE-2022-30350 | 2023-03-30 | Avanquest Software RAD PDF (PDFEscape Online) 3.19.2.2 is vulnerable to... |
| CVE-2022-30351 | 2023-03-30 | PDFZorro PDFZorro Online r20220428 using TCPDF 6.2.5, despite having workflows... |
| CVE-2022-4744 | 2023-03-30 | A double-free flaw was found in the Linux kernel’s TUN/TAP... |
| CVE-2022-47542 | 2023-03-30 | Red Gate SQL Monitor 11.0.14 through 12.1.46 has Incorrect Access... |
| CVE-2023-1393 | 2023-03-30 | A flaw was found in X.Org Server Overlay Window. A... |
| CVE-2023-1670 | 2023-03-30 | A flaw use after free in the Linux kernel Xircom... |
| CVE-2023-1712 | 2023-03-30 | Use of Hard-coded, Security-relevant Constants in deepset-ai/haystack |
| CVE-2023-26692 | 2023-03-30 | ZCBS Zijper Collectie Beheer Systeem (ZCBS), Zijper Publication Management System... |
| CVE-2023-27534 | 2023-03-30 | A path traversal vulnerability exists in curl <8.0.0 SFTP implementation... |
| CVE-2023-27536 | 2023-03-30 | An authentication bypass vulnerability exists libcurl <8.0.0 in the connection... |
| CVE-2023-28462 | 2023-03-30 | A JNDI rebind operation in the default ORB listener in... |
| CVE-2023-29059 | 2023-03-30 | 3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited... |
| CVE-2023-25000 | 2023-03-30 | Vault Vulnerable to Cache-Timing Attacks During Seal and Unseal Operations |
| CVE-2023-0665 | 2023-03-30 | Vault PKI Issuer Endpoint Did Not Correctly Authorize Access to Issuer Metadata |
| CVE-2023-0620 | 2023-03-30 | Vault Vulnerable to SQL Injection When Configuring the Microsoft SQL Database Storage Backend |
| CVE-2023-26117 | 2023-03-30 | Versions of the package angular from 1.0.0 are vulnerable to... |
| CVE-2023-26118 | 2023-03-30 | Versions of the package angular from 1.4.9 are vulnerable to... |
| CVE-2023-26116 | 2023-03-30 | Versions of the package angular from 1.2.21 are vulnerable to... |
| CVE-2023-1013 | 2023-03-30 | XSS in Vira-Investing |
| CVE-2023-1014 | 2023-03-30 | Information disclosure in Vira-Investing |
| CVE-2023-28935 | 2023-03-30 | Apache UIMA DUCC: DUCC (EOL) allows RCE |
| CVE-2023-1699 | 2023-03-30 | Rapid7 Nexpose Forced Browsing |
| CVE-2023-23670 | 2023-03-30 | WordPress Fancy Comments WordPress Plugin <= 1.2.10 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-23675 | 2023-03-30 | WordPress WP Smart Preloader Plugin <= 1.15 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-23677 | 2023-03-30 | WordPress GTmetrix for WordPress Plugin <= 0.4.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-23681 | 2023-03-30 | WordPress Image Hover Effects For WPBakery Page Builder Plugin <= 4.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-25040 | 2023-03-30 | WordPress Shortcodes Ultimate Plugin <= 5.12.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-24399 | 2023-03-30 | WordPress Ocean Extra Plugin <= 2.1.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-28731 | 2023-03-30 | Unauthenticated RCE affecting the AcyMailing plugin for Joomla |
| CVE-2023-28732 | 2023-03-30 | Missing access control affecting the AcyMailing plugin for Joomla |
| CVE-2023-28733 | 2023-03-30 | Stored XSS affecting the AcyMailing plugin for Joomla |