CVE List - 2023 / April
Showing 1 - 100 of 2302 CVEs for April 2023 (Page 1 of 24)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-1789 | 2023-04-01 | Improper Input Validation in firefly-iii/firefly-iii |
| CVE-2023-26822 | 2023-04-01 | D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection... |
| CVE-2023-0208 | 2023-04-01 | NVIDIA DCGM for Linux contains a vulnerability in HostEngine (server... |
| CVE-2023-0180 | 2023-04-01 | NVIDIA GPU Display Driver for Linux contains a vulnerability in... |
| CVE-2023-0181 | 2023-04-01 | NVIDIA GPU Display Driver for Windows and Linux contains a... |
| CVE-2023-0182 | 2023-04-01 | NVIDIA GPU Display Driver for Windows contains a vulnerability in... |
| CVE-2023-0183 | 2023-04-01 | NVIDIA GPU Display Driver for Linux contains a vulnerability in... |
| CVE-2023-0185 | 2023-04-01 | NVIDIA GPU Display Driver for Linux contains a vulnerability in... |
| CVE-2023-0186 | 2023-04-01 | NVIDIA GPU Display Driver for Windows contains a vulnerability in... |
| CVE-2023-0187 | 2023-04-01 | NVIDIA GPU Display Driver for Windows and Linux contains a... |
| CVE-2023-0188 | 2023-04-01 | NVIDIA GPU Display Driver for Windows and Linux contains a... |
| CVE-2023-0189 | 2023-04-01 | NVIDIA GPU Display Driver for Linux contains a vulnerability in... |
| CVE-2023-0191 | 2023-04-01 | NVIDIA GPU Display Driver for Windows and Linux contains a... |
| CVE-2023-0192 | 2023-04-01 | NVIDIA GPU Display Driver for Windows contains a vulnerability in... |
| CVE-2023-0194 | 2023-04-01 | NVIDIA GPU Display Driver for Windows and Linux contains a... |
| CVE-2023-0195 | 2023-04-01 | NVIDIA GPU Display Driver for Windows contains a vulnerability in... |
| CVE-2023-0197 | 2023-04-01 | NVIDIA vGPU software contains a vulnerability in the Virtual GPU... |
| CVE-2023-0198 | 2023-04-01 | NVIDIA GPU Display Driver for Linux contains a vulnerability in... |
| CVE-2023-1790 | 2023-04-01 | SourceCodester Simple Task Allocation System index.php information disclosure |
| CVE-2023-27025 | 2023-04-02 | An arbitrary file download vulnerability in the background management module... |
| CVE-2023-1791 | 2023-04-02 | SourceCodester Simple Task Allocation System manage_user.php sql injection |
| CVE-2023-1792 | 2023-04-02 | SourceCodester Simple Mobile Comparison Website GET Parameter manage_field.php sql injection |
| CVE-2023-1793 | 2023-04-02 | SourceCodester Police Crime Record Management System GET Parameter assigncase.php sql injection |
| CVE-2023-1794 | 2023-04-02 | SourceCodester Police Crime Record Management System GET Parameter casedetails.php cross site scripting |
| CVE-2023-1795 | 2023-04-02 | SourceCodester Gadget Works Online Ordering System GET Parameter index.php cross site scripting |
| CVE-2023-1796 | 2023-04-02 | SourceCodester Employee Payslip Generator Create News cross site scripting |
| CVE-2023-1797 | 2023-04-02 | OTCMS unrestricted upload |
| CVE-2023-1798 | 2023-04-02 | EyouCMS login.php cross site scripting |
| CVE-2023-1799 | 2023-04-02 | EyouCMS login.php cross site scripting |
| CVE-2023-1800 | 2023-04-02 | sjqzhang go-fastdfs File Upload uploa upload path traversal |
| CVE-2022-27665 | 2023-04-03 | Reflected XSS (via AngularJS sandbox escape expressions) exists in Progress... |
| CVE-2022-36440 | 2023-04-03 | A reachable assertion was found in Frrouting frr-bgpd 8.3.0 in... |
| CVE-2022-38922 | 2023-04-03 | BluePage CMS thru 3.9 processes an insufficiently sanitized HTTP Header... |
| CVE-2022-38923 | 2023-04-03 | BluePage CMS thru v3.9 processes an insufficiently sanitized HTTP Header... |
| CVE-2023-0225 | 2023-04-03 | A flaw was found in Samba. An incomplete access check... |
| CVE-2023-0614 | 2023-04-03 | The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919... |
| CVE-2023-0922 | 2023-04-03 | The Samba AD DC administration tool, when operating against a... |
| CVE-2023-1579 | 2023-04-03 | Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64. |
| CVE-2023-1611 | 2023-04-03 | A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in... |
| CVE-2023-24724 | 2023-04-03 | A stored cross site scripting (XSS) vulnerability was discovered in... |
| CVE-2023-26916 | 2023-04-03 | libyang from v2.0.164 to v2.1.30 was discovered to contain a... |
| CVE-2023-28836 | 2023-04-03 | Wagtail vulnerable to stored Cross-site Scripting attack via ModelAdmin views |
| CVE-2023-29218 | 2023-04-03 | The Twitter Recommendation Algorithm through ec83d01 allows attackers to cause... |
| CVE-2023-26112 | 2023-04-03 | All versions of the package configobj are vulnerable to Regular... |
| CVE-2023-26119 | 2023-04-03 | Versions of the package net.sourceforge.htmlunit:htmlunit from 0 and before 3.0.0... |
| CVE-2023-26269 | 2023-04-03 | Apache James server: Privilege escalation through unauthenticated JMX |
| CVE-2023-26529 | 2023-04-03 | WordPress DupeOff Plugin <= 1.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-28625 | 2023-04-03 | mod_auth_openidc core dump when OIDCStripCookies is set and an empty Cookie header is supplied |
| CVE-2023-1765 | 2023-04-03 | SQLi in Panon |
| CVE-2023-1766 | 2023-04-03 | XSS in Panon |
| CVE-2023-0820 | 2023-04-03 | User Role by BestWebSoft < 1.6.7 - Privilege Escalation via CSRF |
| CVE-2023-1124 | 2023-04-03 | Shopping Cart & eCommerce Store < 5.4.3 - Admin+ LFI |
| CVE-2023-1330 | 2023-04-03 | Redirection < 1.1.4 - Redirect Creation via CSRF |
| CVE-2023-1377 | 2023-04-03 | Solidres <= 0.9.4 - Multiple Reflected XSS |
| CVE-2023-0399 | 2023-04-03 | Image Over Image For WPBakery Page Builder < 3.0 - Contributor+ Stored XSS |
| CVE-2022-38072 | 2023-04-03 | An improper array index validation vulnerability exists in the stl_fix_normal_directions... |
| CVE-2023-0975 | 2023-04-03 | A vulnerability exists in Trellix Agent for Windows version 5.7.8... |
| CVE-2023-0977 | 2023-04-03 | A heap-based overflow vulnerability in Trellix Agent (Windows and Linux)... |
| CVE-2023-28834 | 2023-04-03 | Full path of data directory exposed to Nextcloud server users |
| CVE-2023-28837 | 2023-04-03 | Wagtail vulnerable to denial-of-service via memory exhaustion when uploading large files |
| CVE-2023-28850 | 2023-04-03 | Pimcore Perspective Editor vulnerable to Cross-site Scripting in perspective name |
| CVE-2023-28851 | 2023-04-03 | Silverstripe Form Capture vulnerable to Stored Cross-Site Scripting |
| CVE-2022-43769 | 2023-04-03 | Hitachi Vantara Pentaho Business Analytics Server - Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) |
| CVE-2023-28854 | 2023-04-03 | nophp vulnerable to shell command injection on httpd user when sending a password-setting mail or mail-login mail |
| CVE-2022-43773 | 2023-04-03 | Hitachi Vantara Pentaho Business Analytics Server - Incorrect Permission Assignment for Critical Resource |
| CVE-2022-43938 | 2023-04-03 | Hitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') |
| CVE-2022-43939 | 2023-04-03 | Hitachi Vantara Pentaho Business Analytics Server - Use of Non-Canonical URL Paths for Authorization Decisions |
| CVE-2022-43940 | 2023-04-03 | Hitachi Vantara Pentaho Business Analytics Server - Incorrect Authorization |
| CVE-2022-43771 | 2023-04-03 | Hitachi Vantara Pentaho Business Analytics Server - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') |
| CVE-2022-43941 | 2023-04-03 | Hitachi Vantara Pentaho Business Analytics Server - Improper Restriction of XML External Entity Reference |
| CVE-2022-3960 | 2023-04-03 | Hitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') |
| CVE-2022-43772 | 2023-04-03 | Hitachi Vantara Pentaho Business Analytics Server - Insertion of Sensitive Information into Log File |
| CVE-2022-4769 | 2023-04-03 | Hitachi Vantara Pentaho Business Analytics Server - Generation of Error Message Containing Sensitive Information |
| CVE-2022-4770 | 2023-04-03 | Hitachi Vantara Pentaho Business Analytics Server - Generation of Error Message Containing Sensitive Information |
| CVE-2022-4771 | 2023-04-03 | Hitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') |
| CVE-2023-26775 | 2023-04-04 | File Upload vulnerability found in Monitorr v.1.7.6 allows a remote... |
| CVE-2023-29323 | 2023-04-04 | ascii_load_sockaddr in smtpd in OpenBSD before 7.1 errata 024 and... |
| CVE-2020-19277 | 2023-04-04 | Cross Site Scripting vulnerability found in Phachon mm-wiki v.0.1.2 allows... |
| CVE-2020-19278 | 2023-04-04 | Cross Site Request Forgery vulnerability found in Phachon mm-wiki v.0.1.2... |
| CVE-2020-19279 | 2023-04-04 | Directory Traversal vulnerability found in B3log Wide allows a an... |
| CVE-2020-19692 | 2023-04-04 | Buffer Overflow vulnerabilty found in Nginx NJS v.0feca92 allows a... |
| CVE-2020-19693 | 2023-04-04 | An issue found in Espruino Espruino 6ea4c0a allows an attacker... |
| CVE-2020-19695 | 2023-04-04 | Buffer Overflow found in Nginx NJS allows a remote attacker... |
| CVE-2020-19697 | 2023-04-04 | Cross Site Scripting vulnerability found in Pandao Editor.md v.1.5.0 allows... |
| CVE-2020-19698 | 2023-04-04 | Cross Site Scripting vulnerability found in Pandao Editor.md v.1.5.0 allows... |
| CVE-2020-19699 | 2023-04-04 | Cross Site Scripting vulnerability found in KOHGYLW Kiftd v.1.0.18 allows... |
| CVE-2020-19850 | 2023-04-04 | An issue found in Directus API v.2.2.0 allows a remote... |
| CVE-2020-20521 | 2023-04-04 | Cross Site Scripting vulnerability found in KiteCMS v.1.1 allows a... |
| CVE-2020-20522 | 2023-04-04 | Cross Site Scripting vulnerability found in KiteCMS v.1.1 allows a... |
| CVE-2020-20913 | 2023-04-04 | SQL Injection vulnerability found in Ming-Soft MCMS v.4.7.2 allows a... |
| CVE-2020-20914 | 2023-04-04 | SQL Injection vulnerability found in San Luan PublicCMS v.4.0 allows... |
| CVE-2020-20915 | 2023-04-04 | SQL Injection vulnerability found in PublicCMS v.4.0 allows a remote... |
| CVE-2020-21060 | 2023-04-04 | SQL injection vulnerability found in PHPMyWind v.5.6 allows a remote... |
| CVE-2020-21487 | 2023-04-04 | Cross Site Scripting vulnerability found in Netgate pfSense 2.4.4 and... |
| CVE-2020-21514 | 2023-04-04 | An issue was discovered in Fluent Fluentd v.1.8.0 and Fluent-ui... |
| CVE-2020-22533 | 2023-04-04 | Cross Site Scripting vulnerability found in Zentao allows a remote... |
| CVE-2020-23257 | 2023-04-04 | Buffer Overflow vulnerability found in Espruino 2v05.41 allows an attacker... |
| CVE-2020-23258 | 2023-04-04 | An issue found in Jsish v.3.0.11 allows a remote attacker... |
| CVE-2020-23259 | 2023-04-04 | An issue found in Jsish v.3.0.11 and before allows an... |
| CVE-2020-23260 | 2023-04-04 | An issue found in Jsish v.3.0.11 and before allows an... |