CVE List - 2023 / March
Showing 2401 - 2488 of 2488 CVEs for March 2023 (Page 25 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-1725 | 2023-03-30 | SSRF in Infoline Project Management System |
| CVE-2023-25076 | 2023-03-30 | A buffer overflow vulnerability exists in the handling of wildcard... |
| CVE-2023-24472 | 2023-03-30 | A denial of service vulnerability exists in the FitsOutput::close() functionality... |
| CVE-2023-22845 | 2023-03-30 | An out-of-bounds read vulnerability exists in the TGAInput::decode_pixel() functionality of... |
| CVE-2023-24473 | 2023-03-30 | An information disclosure vulnerability exists in the TGAInput::read_tga2_header functionality of... |
| CVE-2022-43473 | 2023-03-30 | A blind XML External Entity (XXE) vulnerability exists in the... |
| CVE-2022-23522 | 2023-03-30 | Arbitrary File Write when Extracting Tarballs retrieved from a remote location using in mindsdb |
| CVE-2023-28647 | 2023-03-30 | App pin of the iOS app can be bypassed in Nextcloud iOS |
| CVE-2023-28646 | 2023-03-30 | App lockout in nextcloud Android app can be bypassed via thirdparty apps |
| CVE-2023-26482 | 2023-03-30 | Scope of workflow operations is not validated in nextcloud server |
| CVE-2023-28643 | 2023-03-30 | Potential share collision for recipients when caching is enabled in nextcloud server |
| CVE-2023-28644 | 2023-03-30 | Reference fetch can saturate the server bandwidth for 10 seconds in nextcloud server |
| CVE-2023-28833 | 2023-03-30 | Unrestricted filenames for logo or favicon as admin in the theming settings in nextcloud server |
| CVE-2023-28835 | 2023-03-30 | Insecure randomness for default password in nextcloud |
| CVE-2023-1734 | 2023-03-30 | SourceCodester Young Entrepreneur E-Negosyo System unrestricted upload |
| CVE-2023-1735 | 2023-03-30 | SourceCodester Young Entrepreneur E-Negosyo System passwordrecover.php sql injection |
| CVE-2023-1736 | 2023-03-30 | SourceCodester Young Entrepreneur E-Negosyo System sql injection |
| CVE-2023-28846 | 2023-03-30 | Denial of Service in unpoly-rails |
| CVE-2023-1737 | 2023-03-30 | SourceCodester Young Entrepreneur E-Negosyo System login.php sql injection |
| CVE-2023-1738 | 2023-03-30 | SourceCodester Young Entrepreneur E-Negosyo System sql injection |
| CVE-2023-1739 | 2023-03-30 | SourceCodester Simple and Beautiful Shopping Cart System upload.php unrestricted upload |
| CVE-2022-42452 | 2023-03-30 | HCL Launch is vulnerable to HTML injection. HTML code is... |
| CVE-2023-1740 | 2023-03-30 | SourceCodester Air Cargo Management System GET Parameter manage_user.php sql injection |
| CVE-2023-1741 | 2023-03-30 | jeecg-boot Sleep Command SysDictMapper.java sql injection |
| CVE-2023-1742 | 2023-03-30 | IBOS Report Search getlist sql injection |
| CVE-2023-1743 | 2023-03-30 | SourceCodester Grade Point Average GPA Calculator index.php cross site scripting |
| CVE-2023-1744 | 2023-03-30 | IBOS htaccess unrestricted upload |
| CVE-2023-1745 | 2023-03-30 | KMPlayer SHFOLDER.dll uncontrolled search path |
| CVE-2023-1746 | 2023-03-30 | Dreamer CMS File Upload cross site scripting |
| CVE-2023-1747 | 2023-03-30 | IBOS mark&op=delFromSend sql injection |
| CVE-2023-28464 | 2023-03-31 | hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has... |
| CVE-2023-28756 | 2023-03-31 | A ReDoS issue was discovered in the Time component through... |
| CVE-2022-46021 | 2023-03-31 | X-Man 1.0 has a SQL injection vulnerability, which can cause... |
| CVE-2022-47188 | 2023-03-31 | Improper Input Validation in Generex CS141 |
| CVE-2022-47189 | 2023-03-31 | DoS via file upload vulnerability at Generex CS141 |
| CVE-2022-47190 | 2023-03-31 | RCE via file upload vulnerability in Generex CS141 |
| CVE-2022-47191 | 2023-03-31 | Privilege Escalation via file upload vulnerability at Generex CS141 |
| CVE-2022-47192 | 2023-03-31 | Admin password reset via file upload vulnerability in Generex CS141 |
| CVE-2022-4899 | 2023-03-31 | A vulnerability was found in zstd v1.4.10, where an attacker... |
| CVE-2023-1753 | 2023-03-31 | Weak Password Requirements in thorsten/phpmyfaq |
| CVE-2023-1754 | 2023-03-31 | Improper Neutralization of Input During Web Page Generation in thorsten/phpmyfaq |
| CVE-2023-1755 | 2023-03-31 | Cross-site Scripting (XSS) - Generic in thorsten/phpmyfaq |
| CVE-2023-1759 | 2023-03-31 | Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq |
| CVE-2023-1760 | 2023-03-31 | Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq |
| CVE-2023-1761 | 2023-03-31 | Cross-site Scripting in thorsten/phpmyfaq |
| CVE-2023-1762 | 2023-03-31 | Improper Privilege Management in thorsten/phpmyfaq |
| CVE-2023-23594 | 2023-03-31 | An authentication bypass vulnerability in the web client interface for... |
| CVE-2023-26829 | 2023-03-31 | An authentication bypass vulnerability in the Password Reset component of... |
| CVE-2023-26830 | 2023-03-31 | An unrestricted file upload vulnerability in the administrative portal branding... |
| CVE-2023-26858 | 2023-03-31 | SQL injection vulnerability found in PrestaSHp faqs v.3.1.6 allows a... |
| CVE-2023-26925 | 2023-03-31 | An information disclosure vulnerability exists in the Syslog functionality of... |
| CVE-2023-27159 | 2023-03-31 | Appwrite up to v1.2.1 was discovered to contain a Server-Side... |
| CVE-2023-27160 | 2023-03-31 | forem up to v2022.11.11 was discovered to contain a Server-Side... |
| CVE-2023-27162 | 2023-03-31 | openapi-generator up to v6.4.0 was discovered to contain a Server-Side... |
| CVE-2023-27163 | 2023-03-31 | request-baskets up to v1.2.1 was discovered to contain a Server-Side... |
| CVE-2023-28755 | 2023-03-31 | A ReDoS issue was discovered in the URI component through... |
| CVE-2023-28862 | 2023-03-31 | An issue was discovered in LemonLDAP::NG before 2.16.1. Weak session... |
| CVE-2023-28877 | 2023-03-31 | The VTEX [email protected] GraphQL API module does not properly restrict... |
| CVE-2023-28879 | 2023-03-31 | In Artifex Ghostscript through 10.01.0, there is a buffer overflow... |
| CVE-2023-29137 | 2023-03-31 | An issue was discovered in the GrowthExperiments extension for MediaWiki... |
| CVE-2023-29139 | 2023-03-31 | An issue was discovered in the CheckUser extension for MediaWiki... |
| CVE-2023-29140 | 2023-03-31 | An issue was discovered in the GrowthExperiments extension for MediaWiki... |
| CVE-2023-29141 | 2023-03-31 | An issue was discovered in MediaWiki before 1.35.10, 1.36.x through... |
| CVE-2023-28726 | 2023-03-31 | Panasonic AiSEG2 versions 2.80F through 2.93A allows remote attackers to... |
| CVE-2023-28727 | 2023-03-31 | Panasonic AiSEG2 versions 2.00J through 2.93A allows adjacent attackers bypass... |
| CVE-2023-1258 | 2023-03-31 | Flow-X disclosure of sensitive information to unauthenticated users |
| CVE-2023-1060 | 2023-03-31 | XSS in YKM CRM |
| CVE-2023-1769 | 2023-03-31 | SourceCodester Grade Point Average GPA Calculator index.php information disclosure |
| CVE-2023-1770 | 2023-03-31 | SourceCodester Grade Point Average GPA Calculator Master.php get_scale sql injection |
| CVE-2023-1774 | 2023-03-31 | Unauthorized email invite to a private channel |
| CVE-2023-1775 | 2023-03-31 | Unsanitized events sent over Websocket to regular users in a High Availability environment |
| CVE-2023-1776 | 2023-03-31 | Stored XSS via SVG attachment on Boards |
| CVE-2023-1771 | 2023-03-31 | SourceCodester Grade Point Average GPA Calculator Master.php get_scale cross site scripting |
| CVE-2023-1772 | 2023-03-31 | DataGear Diagram Type cross site scripting |
| CVE-2023-1777 | 2023-03-31 | Information disclosure in linked message previews |
| CVE-2023-1773 | 2023-03-31 | Rockoa Configuration File webmainConfig.php code injection |
| CVE-2023-0343 | 2023-03-31 | CVE-2023-0343 |
| CVE-2023-0344 | 2023-03-31 | CVE-2023-0344 |
| CVE-2023-0432 | 2023-03-31 | CVE-2023-0432 |
| CVE-2022-3192 | 2023-03-31 | Improper Check for Unusual or Exceptional Conditions |
| CVE-2023-28843 | 2023-03-31 | Improper neutralization of SQL parameter in PayPal module for PrestaShop |
| CVE-2023-1784 | 2023-03-31 | jeecg-boot API Documentation improper authentication |
| CVE-2023-1785 | 2023-03-31 | SourceCodester Earnings and Expense Tracker App manage_user.php sql injection |
| CVE-2023-26485 | 2023-03-31 | Quadratic complexity may lead to a denial of service in cmark-gfm |
| CVE-2023-24824 | 2023-03-31 | Quadratic complexity may lead to a denial of service in cmark-gfm |
| CVE-2023-28645 | 2023-03-31 | Secure view can be bypassed by using internal API endpoint in Nextcloud richdocuments |
| CVE-2023-28844 | 2023-03-31 | User without download rights can download older version of that file in nextcloud server |
| CVE-2023-28845 | 2023-03-31 | Chat room membership disclosed via autocompletion in Nextcloud talk |