CVE List - 2023 / April
Showing 1701 - 1800 of 2302 CVEs for April 2023 (Page 18 of 24)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-0383 | 2023-04-20 | Uncontrolled Resource Consuption in M-Files Server |
| CVE-2023-0384 | 2023-04-20 | Uncontrolled Resource Consuption in M-Files Server |
| CVE-2023-2112 | 2023-04-20 | Desktop component allows lateral movement between sessions |
| CVE-2023-2193 | 2023-04-20 | Oauth authorization codes do not expire when deauthorizing an oauth2 app |
| CVE-2023-1767 | 2023-04-20 | The Snyk Advisor website (https://snyk.io/advisor/) was vulnerable to a stored... |
| CVE-2023-22309 | 2023-04-20 | Reflected Cross Site Scripting (XSS) |
| CVE-2022-46302 | 2023-04-20 | Remote Code Execution with Root Privileges via Broad Apache Permissions |
| CVE-2023-25601 | 2023-04-20 | Apache DolphinScheduler 3.0.0 to 3.1.1 python gateway has improper authentication |
| CVE-2022-36788 | 2023-04-20 | A heap-based buffer overflow vulnerability exists in the TriangleMesh clone... |
| CVE-2023-1255 | 2023-04-20 | Input buffer over-read in AES-XTS implementation on 64 bit ARM |
| CVE-2023-23938 | 2023-04-20 | Cross-site Scripting (XSS) through the name of a color of select box values in tuleap |
| CVE-2023-27495 | 2023-04-20 | Bypass of CSRF protection in the presence of predictable userInfo in @fastify/csrf-protection |
| CVE-2023-29528 | 2023-04-20 | Cross-site Scripting in org.xwiki.commons:xwiki-commons-xml |
| CVE-2023-30616 | 2023-04-20 | Cross Site Request Forgery due to missing nonce verification in form block |
| CVE-2023-22295 | 2023-04-20 | CVE-2023-22295 |
| CVE-2023-22321 | 2023-04-20 | Datakit CrossCAD/Ware |
| CVE-2023-22354 | 2023-04-20 | Datakit CrossCAD/Ware |
| CVE-2023-22846 | 2023-04-20 | Datakit CrossCAD/Ware |
| CVE-2023-23579 | 2023-04-20 | Datakit CrossCAD/Ware |
| CVE-2023-2131 | 2023-04-20 | CVE-2023-2131 |
| CVE-2021-33589 | 2023-04-21 | Ribose RNP before 0.15.1 does not implement a required step... |
| CVE-2022-36963 | 2023-04-21 | SolarWinds Platform Deserialization of Untrusted Data Vulnerability |
| CVE-2022-47505 | 2023-04-21 | SolarWinds Platform Local Privilege Escalation Vulnerability |
| CVE-2022-47509 | 2023-04-21 | SolarWinds Platform Incorrect Input Neutralization Vulnerability |
| CVE-2022-47930 | 2023-04-21 | An issue was discovered in IO FinNet tss-lib before 2.0.0.... |
| CVE-2022-48150 | 2023-04-21 | Shopware v5.5.10 was discovered to contain a cross-site scripting (XSS)... |
| CVE-2023-2202 | 2023-04-21 | Improper Access Control in francoisjacquet/rosariosis |
| CVE-2023-2227 | 2023-04-21 | Improper Authorization in modoboa/modoboa |
| CVE-2023-2228 | 2023-04-21 | Cross-Site Request Forgery (CSRF) in modoboa/modoboa |
| CVE-2023-26100 | 2023-04-21 | In Progress Flowmon before 12.2.0, an application endpoint failed to... |
| CVE-2023-26101 | 2023-04-21 | In Progress Flowmon Packet Investigator before 12.1.0, a Flowmon user... |
| CVE-2023-26556 | 2023-04-21 | io.finnet tss-lib before 2.0.0 can leak a secret key via... |
| CVE-2023-26557 | 2023-04-21 | io.finnet tss-lib before 2.0.0 can leak the lambda value of... |
| CVE-2023-26876 | 2023-04-21 | SQL injection vulnerability found in Piwigo v.13.5.0 and before allows... |
| CVE-2023-29575 | 2023-04-21 | Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in... |
| CVE-2023-29905 | 2023-04-21 | H3C Magic R200 version R200V100R004 was discovered to contain a... |
| CVE-2023-29906 | 2023-04-21 | H3C Magic R200 version R200V100R004 was discovered to contain a... |
| CVE-2023-29907 | 2023-04-21 | H3C Magic R200 version R200V100R004 was discovered to contain a... |
| CVE-2023-29908 | 2023-04-21 | H3C Magic R200 version R200V100R004 was discovered to contain a... |
| CVE-2023-29909 | 2023-04-21 | H3C Magic R200 version R200V100R004 was discovered to contain a... |
| CVE-2023-29910 | 2023-04-21 | H3C Magic R200 version R200V100R004 was discovered to contain a... |
| CVE-2023-29911 | 2023-04-21 | H3C Magic R200 version R200V100R004 was discovered to contain a... |
| CVE-2023-29912 | 2023-04-21 | H3C Magic R200 R200V100R004 was discovered to contain a stack... |
| CVE-2023-29913 | 2023-04-21 | H3C Magic R200 version R200V100R004 was discovered to contain a... |
| CVE-2023-29914 | 2023-04-21 | H3C Magic R200 version R200V100R004 was discovered to contain a... |
| CVE-2023-29915 | 2023-04-21 | H3C Magic R200 version R200V100R004 was discovered to contain a... |
| CVE-2023-29916 | 2023-04-21 | H3C Magic R200 version R200V100R004 was discovered to contain a... |
| CVE-2023-29917 | 2023-04-21 | H3C Magic R200 version R200V100R004 was discovered to contain a... |
| CVE-2023-29924 | 2023-04-21 | PowerJob V4.3.1 is vulnerable to Incorrect Access Control that allows... |
| CVE-2023-2204 | 2023-04-21 | Campcodes Retro Basketball Shoes Online Store faqs.php sql injection |
| CVE-2023-2205 | 2023-04-21 | Campcodes Retro Basketball Shoes Online Store login.php sql injection |
| CVE-2023-2206 | 2023-04-21 | Campcodes Retro Basketball Shoes Online Store contactus.php sql injection |
| CVE-2023-2207 | 2023-04-21 | Campcodes Retro Basketball Shoes Online Store contactus1.php sql injection |
| CVE-2023-2208 | 2023-04-21 | Campcodes Retro Basketball Shoes Online Store details.php sql injection |
| CVE-2023-2209 | 2023-04-21 | Campcodes Coffee Shop POS System view_details.php sql injection |
| CVE-2023-2210 | 2023-04-21 | Campcodes Coffee Shop POS System view_category.php sql injection |
| CVE-2023-2211 | 2023-04-21 | Campcodes Coffee Shop POS System manage_category.php sql injection |
| CVE-2023-2212 | 2023-04-21 | Campcodes Coffee Shop POS System view_product.php sql injection |
| CVE-2023-2213 | 2023-04-21 | Campcodes Coffee Shop POS System manage_product.php sql injection |
| CVE-2023-2214 | 2023-04-21 | Campcodes Coffee Shop POS System manage_sale.php sql injection |
| CVE-2023-2215 | 2023-04-21 | Campcodes Coffee Shop POS System manage_user.php sql injection |
| CVE-2023-2216 | 2023-04-21 | Campcodes Coffee Shop POS System Users.php cross site scripting |
| CVE-2023-2217 | 2023-04-21 | SourceCodester Task Reminder System manage_reminder.php sql injection |
| CVE-2023-2218 | 2023-04-21 | SourceCodester Task Reminder System manage_user.php sql injection |
| CVE-2023-2219 | 2023-04-21 | SourceCodester Task Reminder System Users.php cross site scripting |
| CVE-2023-2220 | 2023-04-21 | Dream Technology mica Form Object cross site scripting |
| CVE-2023-2226 | 2023-04-21 | Velociraptor crashes while parsing some malformed PE or OLE files. |
| CVE-2023-2231 | 2023-04-21 | MAXTECH MAX-G866ac Remote Management missing authentication |
| CVE-2023-1998 | 2023-04-21 | Spectre v2 SMT mitigations problem in Linux kernel |
| CVE-2023-30798 | 2023-04-21 | MultipartParser DOS with too many fields or files in Starlette Framework |
| CVE-2023-2139 | 2023-04-21 | Reflected Cross-site Scripting vulnerability affecting DELMIA Apriso Release 2017 through Release 2022 |
| CVE-2023-2140 | 2023-04-21 | Server-Side Request Forgery vulnerability affecting DELMIA Apriso Release 2017 through Release 2022 |
| CVE-2023-2141 | 2023-04-21 | Unsafe .NET object deserialization affecting DELMIA Apriso Release 2017 through Release 2022 |
| CVE-2023-30618 | 2023-04-21 | Sensitive Terraform Output Values Printed At Info Logging Level In Kitchen-Terraform |
| CVE-2023-30620 | 2023-04-21 | Arbitrary File Write when Extracting a Remotely retrieved Tarball in mindsdb/mindsdb |
| CVE-2023-30621 | 2023-04-21 | OS command injection in Gipsy |
| CVE-2023-2118 | 2023-04-21 | Insufficient access control in support ticket feature in Devolutions Server... |
| CVE-2023-29019 | 2023-04-21 | Session fixation in fastify-passport |
| CVE-2023-29020 | 2023-04-21 | Cross site request forgery token fixation in fastify-passport |
| CVE-2023-1875 | 2023-04-22 | Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq |
| CVE-2023-2239 | 2023-04-22 | Exposure of Private Personal Information to an Unauthorized Actor in microweber/microweber |
| CVE-2023-2240 | 2023-04-22 | Improper Privilege Management in microweber/microweber |
| CVE-2023-0184 | 2023-04-22 | NVIDIA GPU Display Driver for Windows and Linux contains a... |
| CVE-2023-0190 | 2023-04-22 | NVIDIA GPU Display Driver for Linux contains a vulnerability in... |
| CVE-2023-0199 | 2023-04-22 | NVIDIA GPU Display Driver for Windows and Linux contains a... |
| CVE-2023-0200 | 2023-04-22 | NVIDIA DGX-2 contains a vulnerability in OFBD where a user... |
| CVE-2023-0201 | 2023-04-22 | NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a... |
| CVE-2023-0202 | 2023-04-22 | NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker... |
| CVE-2023-0203 | 2023-04-22 | NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the... |
| CVE-2023-0204 | 2023-04-22 | NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the... |
| CVE-2023-0205 | 2023-04-22 | NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the... |
| CVE-2023-0206 | 2023-04-22 | NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker... |
| CVE-2023-0207 | 2023-04-22 | NVIDIA DGX-2 SBIOS contains a vulnerability where an attacker may... |
| CVE-2023-0209 | 2023-04-22 | NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI... |
| CVE-2023-25505 | 2023-04-22 | NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler... |
| CVE-2023-25506 | 2023-04-22 | NVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS,... |
| CVE-2023-25507 | 2023-04-22 | NVIDIA DGX-1 BMC contains a vulnerability in the SPX REST... |
| CVE-2023-25508 | 2023-04-22 | NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler,... |
| CVE-2023-25509 | 2023-04-22 | NVIDIA DGX-1 SBIOS contains a vulnerability in Bds, which may... |
| CVE-2023-25510 | 2023-04-22 | NVIDIA CUDA Toolkit SDK for Linux and Windows contains a... |