CVE List - 2023 / April
Showing 2101 - 2200 of 2302 CVEs for April 2023 (Page 22 of 24)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-30846 | 2023-04-26 | typed-rest-client vulnerable to potential leak of authentication data to 3rd parties |
| CVE-2022-45876 | 2023-04-26 | CVE-2022-45876 |
| CVE-2023-1786 | 2023-04-26 | sensitive data exposure in cloud-init logs |
| CVE-2023-2297 | 2023-04-26 | The Profile Builder – User Profile & User Registration Forms... |
| CVE-2023-29489 | 2023-04-27 | An issue was discovered in cPanel before 11.109.9999.116. XSS can... |
| CVE-2022-25091 | 2023-04-27 | Infopop Ultimate Bulletin Board up to v5.47a was discovered to... |
| CVE-2022-31647 | 2023-04-27 | Docker Desktop before 4.6.0 on Windows allows attackers to delete... |
| CVE-2022-34292 | 2023-04-27 | Docker Desktop for Windows before 4.6.0 allows attackers to overwrite... |
| CVE-2022-37326 | 2023-04-27 | Docker Desktop for Windows before 4.6.0 allows attackers to delete... |
| CVE-2022-38730 | 2023-04-27 | Docker Desktop for Windows before 4.6 allows attackers to overwrite... |
| CVE-2022-47758 | 2023-04-27 | Nanoleaf firmware v7.1.1 and below is missing TLS verification, allowing... |
| CVE-2023-20852 | 2023-04-27 | aEnrich a+HRD - Deserialization of Untrusted Data |
| CVE-2023-20853 | 2023-04-27 | aEnrich a+HRD - Deserialization of Untrusted Data |
| CVE-2023-22901 | 2023-04-27 | ChangingTec MOTP - Path Traversal |
| CVE-2023-2322 | 2023-04-27 | Cross-site Scripting (XSS) - Stored in pimcore/pimcore |
| CVE-2023-2323 | 2023-04-27 | Cross-site Scripting (XSS) - Stored in pimcore/pimcore |
| CVE-2023-2327 | 2023-04-27 | Cross-site Scripting (XSS) - Stored in pimcore/pimcore |
| CVE-2023-2328 | 2023-04-27 | Cross-site Scripting (XSS) - Generic in pimcore/pimcore |
| CVE-2023-2336 | 2023-04-27 | Path Traversal in pimcore/pimcore |
| CVE-2023-2338 | 2023-04-27 | SQL Injection in pimcore/pimcore |
| CVE-2023-2339 | 2023-04-27 | Cross-site Scripting (XSS) - Reflected in pimcore/pimcore |
| CVE-2023-2340 | 2023-04-27 | Cross-site Scripting (XSS) - Stored in pimcore/pimcore |
| CVE-2023-2341 | 2023-04-27 | Cross-site Scripting (XSS) - Generic in pimcore/pimcore |
| CVE-2023-2342 | 2023-04-27 | Cross-site Scripting (XSS) - Reflected in pimcore/pimcore |
| CVE-2023-2343 | 2023-04-27 | Cross-site Scripting (XSS) - DOM in pimcore/pimcore |
| CVE-2023-24836 | 2023-04-27 | SUNNET CTMS - Path Traversal |
| CVE-2023-25292 | 2023-04-27 | Reflected Cross Site Scripting (XSS) in Intermesh BV Group-Office version... |
| CVE-2023-25437 | 2023-04-27 | An issue was discovered in vTech VCS754 version 1.1.1.A before... |
| CVE-2023-26243 | 2023-04-27 | An issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment... |
| CVE-2023-26244 | 2023-04-27 | An issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment... |
| CVE-2023-26245 | 2023-04-27 | An issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment... |
| CVE-2023-26246 | 2023-04-27 | An issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment... |
| CVE-2023-28697 | 2023-04-27 | Moxa MiiNePort E1 - Broken Access Control |
| CVE-2023-28769 | 2023-04-27 | The buffer overflow vulnerability in the library “libclinkc.so” of the... |
| CVE-2023-28770 | 2023-04-27 | The sensitive information exposure vulnerability in the CGI “Export_Log” and... |
| CVE-2023-29471 | 2023-04-27 | Lightbend Alpakka Kafka before 5.0.0 logs its configuration as debug... |
| CVE-2023-29950 | 2023-04-27 | swfrender v0.9.2 was discovered to contain a heap buffer overflow... |
| CVE-2023-30338 | 2023-04-27 | Multiple stored cross-site scripting (XSS) vulnerabilities in Emlog Pro v2.0.3... |
| CVE-2023-30349 | 2023-04-27 | JFinal CMS v5.1.0 was discovered to contain a remote code... |
| CVE-2023-30380 | 2023-04-27 | An issue in the component /dialog/select_media.php of DedeCMS v5.7.107 allows... |
| CVE-2023-31285 | 2023-04-27 | An XSS issue was discovered in Serenity Serene (and StartSharp)... |
| CVE-2023-31286 | 2023-04-27 | An issue was discovered in Serenity Serene (and StartSharp) before... |
| CVE-2023-31287 | 2023-04-27 | An issue was discovered in Serenity Serene (and StartSharp) before... |
| CVE-2023-31290 | 2023-04-27 | Trust Wallet Core before 3.1.1, as used in the Trust... |
| CVE-2023-1778 | 2023-04-27 | Default Credential Vulnerability in GajShield Data Security Firewall |
| CVE-2023-2331 | 2023-04-27 | Bypassing hardening via Unquoted Service path vulnerability |
| CVE-2023-29255 | 2023-04-27 | IBM DB2 for Linux, UNIX and Windows denial of service |
| CVE-2023-30444 | 2023-04-27 | IBM Watson Machine Learning on Cloud Pak for Data server-side request forgery |
| CVE-2023-24966 | 2023-04-27 | IBM WebSphere Application Server cross-site scripting |
| CVE-2023-2344 | 2023-04-27 | SourceCodester Service Provider Management System HTTP POST Request sql injection |
| CVE-2023-2345 | 2023-04-27 | SourceCodester Service Provider Management System improper authorization |
| CVE-2023-30847 | 2023-04-27 | H2O vulnerable to read from uninitialized pointer in the reverse proxy handler |
| CVE-2023-2346 | 2023-04-27 | SourceCodester Service Provider Management System view_inquiry.php sql injection |
| CVE-2023-2347 | 2023-04-27 | SourceCodester Service Provider Management System manage_service.php sql injection |
| CVE-2023-2348 | 2023-04-27 | SourceCodester Service Provider Management System manage_user.php sql injection |
| CVE-2023-2349 | 2023-04-27 | SourceCodester Service Provider Management System index.php cross site scripting |
| CVE-2023-30848 | 2023-04-27 | Pimcore SQL Injection Vulnerability in Admin Search Find API |
| CVE-2023-2350 | 2023-04-27 | SourceCodester Service Provider Management System Users.php cross site scripting |
| CVE-2023-30849 | 2023-04-27 | Pimcore vulnerable to SQL Injection in Translation Export API |
| CVE-2023-30850 | 2023-04-27 | Pimcore SQL Injection Vulnerability in Admin Translations API |
| CVE-2023-30852 | 2023-04-27 | Pimcore Arbitrary File Read in Admin JS CSS files |
| CVE-2023-30624 | 2023-04-27 | Wasmtime has Undefined Behavior in Rust runtime functions |
| CVE-2023-2158 | 2023-04-27 | Impersonation through User-Controlled Token |
| CVE-2023-2335 | 2023-04-27 | Plaintext Password in Registry |
| CVE-2023-28261 | 2023-04-27 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |
| CVE-2023-28286 | 2023-04-27 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability |
| CVE-2023-2355 | 2023-04-27 | Local privilege escalation due to a DLL hijacking vulnerability. The... |
| CVE-2023-21712 | 2023-04-27 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
| CVE-2023-27860 | 2023-04-27 | IBM Maximo Asset Management information disclosure |
| CVE-2023-1967 | 2023-04-27 | CVE-2023-1967 |
| CVE-2023-29150 | 2023-04-27 | CVE-2023-29150 |
| CVE-2023-29169 | 2023-04-27 | CVE-2023-29169 |
| CVE-2023-28384 | 2023-04-27 | CVE-2023-28384 |
| CVE-2023-28716 | 2023-04-27 | CVE-2023-28716 |
| CVE-2023-28400 | 2023-04-27 | CVE-2023-28400 |
| CVE-2023-28472 | 2023-04-28 | Concrete CMS (previously concrete5) versions 8.5.12 and below, and 9.0... |
| CVE-2023-28473 | 2023-04-28 | Concrete CMS (previously concrete5) versions 8.5.12 and below, and 9.0... |
| CVE-2023-28474 | 2023-04-28 | Concrete CMS (previously concrete5) in versions 9.0 through 9.1.3 is... |
| CVE-2023-28475 | 2023-04-28 | Concrete CMS (previously concrete5) versions 8.5.12 and below, and versions... |
| CVE-2023-28476 | 2023-04-28 | Concrete CMS (previously concrete5) in versions 9.0 through 9.1.3 is... |
| CVE-2023-28477 | 2023-04-28 | Concrete CMS (previously concrete5) versions 8.5.12 and below, and 9.0... |
| CVE-2023-28819 | 2023-04-28 | Concrete CMS (previously concrete5) versions 8.5.12 and below, 9.0.0 through... |
| CVE-2023-31436 | 2023-04-28 | qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows... |
| CVE-2023-31484 | 2023-04-28 | CPAN.pm before 2.35 does not verify TLS certificates when downloading... |
| CVE-2020-21643 | 2023-04-28 | Cross Site Scripting (XSS) vulnerability in HongCMS 3.0 allows attackers... |
| CVE-2020-23647 | 2023-04-28 | Cross Site Scripting (XSS) vulnerability in BoxBilling 4.19, 4.19.1, 4.20,... |
| CVE-2022-38583 | 2023-04-28 | On versions of Sage 300 2017 - 2022 (6.4.x -... |
| CVE-2022-41397 | 2023-04-28 | The optional Web Screens and Global Search features for Sage... |
| CVE-2022-41398 | 2023-04-28 | The optional Global Search feature for Sage 300 through version... |
| CVE-2022-41399 | 2023-04-28 | The optional Web Screens feature for Sage 300 through version... |
| CVE-2022-41400 | 2023-04-28 | Sage 300 through 2022 uses a hard-coded 40-byte blowfish key... |
| CVE-2023-2356 | 2023-04-28 | Relative Path Traversal in mlflow/mlflow |
| CVE-2023-2361 | 2023-04-28 | Cross-site Scripting (XSS) - Stored in pimcore/pimcore |
| CVE-2023-24269 | 2023-04-28 | An arbitrary file upload vulnerability in the plugin upload function... |
| CVE-2023-26781 | 2023-04-28 | SQL injection vulnerability in mccms 2.6 allows remote attackers to... |
| CVE-2023-26782 | 2023-04-28 | An issue discovered in mccms 2.6.1 allows remote attackers to... |
| CVE-2023-26813 | 2023-04-28 | SQL injection vulnerability in com.xnx3.wangmarket.plugin.dataDictionary.controller.DataDictionaryPluginController.java in wangmarket CMS 4.10 allows... |
| CVE-2023-28471 | 2023-04-28 | Concrete CMS (previously concrete5) in versions 9.0 through 9.1.3 is... |
| CVE-2023-28820 | 2023-04-28 | Concrete CMS (previously concrete5) before 9.1 is vulnerable to stored... |
| CVE-2023-28821 | 2023-04-28 | Concrete CMS (previously concrete5) before 9.1 did not have a... |