CVE List - 2023 / April
Showing 2201 - 2300 of 2302 CVEs for April 2023 (Page 23 of 24)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-28882 | 2023-04-28 | Trustwave ModSecurity 3.0.5 through 3.0.8 before 3.0.9 allows a denial... |
| CVE-2023-29815 | 2023-04-28 | mccms v2.6.3 is vulnerable to Cross Site Request Forgery (CSRF). |
| CVE-2023-30024 | 2023-04-28 | The MagicJack device, a VoIP solution for internet phone calls,... |
| CVE-2023-30123 | 2023-04-28 | wuzhicms v4.1.0 is vulnerable to Cross Site Scripting (XSS) in... |
| CVE-2023-30125 | 2023-04-28 | EyouCms V1.6.1-UTF8-sp1 is vulnerable to Cross Site Scripting (XSS). |
| CVE-2023-30405 | 2023-04-28 | A cross-site scripting (XSS) vulnerability in Aigital Wireless-N Repeater Mini_Router... |
| CVE-2023-30454 | 2023-04-28 | An issue was discovered in ebankIT before 7. Document Object... |
| CVE-2023-30455 | 2023-04-28 | An issue was discovered in ebankIT before 7. A Denial-of-Service... |
| CVE-2023-31444 | 2023-04-28 | In Talend Studio before 7.3.1-R2022-10 and 8.x before 8.0.1-R2022-09, microservices... |
| CVE-2023-31470 | 2023-04-28 | SmartDNS through 41 before 56d0332 allows an out-of-bounds write because... |
| CVE-2023-31483 | 2023-04-28 | tar/TarFileReader.cpp in Cauldron cbang before bastet-v8.1.17 has a directory traversal... |
| CVE-2023-31485 | 2023-04-28 | GitLab::API::v4 through 0.26 does not verify TLS certificates when connecting... |
| CVE-2023-31486 | 2023-04-28 | HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and... |
| CVE-2023-27556 | 2023-04-28 | IBM Safer Payments denial of service |
| CVE-2020-4729 | 2023-04-28 | IBM Safer Payments denial of service |
| CVE-2023-27557 | 2023-04-28 | IBM Safter Payments information disclosure |
| CVE-2023-28528 | 2023-04-28 | IBM AIX command execution |
| CVE-2022-48481 | 2023-04-28 | In JetBrains Toolbox App before 1.28 a DYLIB injection on... |
| CVE-2023-30466 | 2023-04-28 | Authentication Bypass Vulnerability in Milesight Network Video Recorder (NVR) |
| CVE-2023-30467 | 2023-04-28 | Improper Authorization Vulnerability in Milesight Network Video Recorder (NVR) |
| CVE-2023-2363 | 2023-04-28 | SourceCodester Resort Reservation System view_room.php sql injection |
| CVE-2023-2364 | 2023-04-28 | SourceCodester Resort Reservation System registration.php cross site scripting |
| CVE-2023-2360 | 2023-04-28 | Sensitive information disclosure due to CORS misconfiguration. The following products... |
| CVE-2023-2365 | 2023-04-28 | SourceCodester Faculty Evaluation System sql injection |
| CVE-2023-2366 | 2023-04-28 | SourceCodester Faculty Evaluation System sql injection |
| CVE-2023-2367 | 2023-04-28 | SourceCodester Faculty Evaluation System manage_academic.php sql injection |
| CVE-2023-2368 | 2023-04-28 | SourceCodester Faculty Evaluation System sql injection |
| CVE-2023-2369 | 2023-04-28 | SourceCodester Faculty Evaluation System manage_restriction.php sql injection |
| CVE-2023-2370 | 2023-04-28 | SourceCodester Online DJ Management System GET Parameter manage_event.php sql injection |
| CVE-2023-2371 | 2023-04-28 | SourceCodester Online DJ Management System GET Parameter view_details.php sql injection |
| CVE-2023-2372 | 2023-04-28 | SourceCodester Online DJ Management System cross site scripting |
| CVE-2023-2373 | 2023-04-28 | Ubiquiti EdgeRouter X Web Management Interface command injection |
| CVE-2023-2374 | 2023-04-28 | Ubiquiti EdgeRouter X Web Management Interface command injection |
| CVE-2023-0834 | 2023-04-28 | Incorrect Permission Assignment for Critical Resource vulnerability in HYPR Workforce... |
| CVE-2023-1477 | 2023-04-28 | Improper Authentication vulnerability in HYPR Keycloak Authenticator Extension allows Authentication... |
| CVE-2023-2375 | 2023-04-28 | Ubiquiti EdgeRouter X Web Management Interface command injection |
| CVE-2023-2376 | 2023-04-28 | Ubiquiti EdgeRouter X Web Management Interface command injection |
| CVE-2023-30853 | 2023-04-28 | Gradle Build Action data written to GitHub Actions Cache may expose secrets |
| CVE-2023-2377 | 2023-04-28 | Ubiquiti EdgeRouter X Web Management Interface command injection |
| CVE-2023-30854 | 2023-04-28 | WWBN AVideo vulnerable to OS Command Injection |
| CVE-2022-31643 | 2023-04-28 | A potential security vulnerability has been identified in the system... |
| CVE-2023-30856 | 2023-04-28 | eDEX-UI cross-site websocket hijacking vulnerability enables remote command execution |
| CVE-2023-27971 | 2023-04-28 | Certain HP LaserJet Pro print products are potentially vulnerable to... |
| CVE-2023-27972 | 2023-04-28 | Certain HP LaserJet Pro print products are potentially vulnerable to... |
| CVE-2023-2378 | 2023-04-28 | Ubiquiti EdgeRouter X Web Management Interface command injection |
| CVE-2023-27973 | 2023-04-28 | Certain HP LaserJet Pro print products are potentially vulnerable to... |
| CVE-2023-1526 | 2023-04-28 | Certain DesignJet and PageWide XL TAA compliant models may have... |
| CVE-2023-2379 | 2023-04-28 | Ubiquiti EdgeRouter X Web Service denial of service |
| CVE-2023-2380 | 2023-04-28 | Netgear SRX5308 denial of service |
| CVE-2023-2381 | 2023-04-28 | Netgear SRX5308 Web Management Interface cross site scripting |
| CVE-2023-2382 | 2023-04-28 | Netgear SRX5308 Web Management Interface cross site scripting |
| CVE-2023-27864 | 2023-04-28 | IBM Maximo Asset Management HTML injection |
| CVE-2023-2383 | 2023-04-28 | Netgear SRX5308 Web Management Interface cross site scripting |
| CVE-2023-2384 | 2023-04-28 | Netgear SRX5308 Web Management Interface cross site scripting |
| CVE-2023-25930 | 2023-04-28 | IBM Db2 denial of service |
| CVE-2023-29334 | 2023-04-28 | Microsoft Edge (Chromium-based) Spoofing Vulnerability |
| CVE-2023-27555 | 2023-04-28 | IBM Db2 denial of service |
| CVE-2023-2385 | 2023-04-28 | Netgear SRX5308 Web Management Interface cross site scripting |
| CVE-2023-1966 | 2023-04-28 | CVE-2023-1966 |
| CVE-2023-1968 | 2023-04-28 | CVE-2023-1968 |
| CVE-2023-26021 | 2023-04-28 | IBM Db2 denial of service |
| CVE-2023-26022 | 2023-04-28 | IBM Db2 denial of service |
| CVE-2023-2386 | 2023-04-28 | Netgear SRX5308 Web Management Interface cross site scripting |
| CVE-2023-2387 | 2023-04-28 | Netgear SRX5308 Web Management Interface cross site scripting |
| CVE-2023-2388 | 2023-04-28 | Netgear SRX5308 Web Management Interface cross site scripting |
| CVE-2023-2389 | 2023-04-28 | Netgear SRX5308 Web Management Interface cross site scripting |
| CVE-2023-2390 | 2023-04-28 | Netgear SRX5308 Web Management Interface cross site scripting |
| CVE-2023-2391 | 2023-04-28 | Netgear SRX5308 Web Management Interface cross site scripting |
| CVE-2023-2392 | 2023-04-28 | Netgear SRX5308 Web Management Interface cross site scripting |
| CVE-2023-30857 | 2023-04-28 | @aedart/support possibly vulnerable to prototype pollution in metadata record, when using meta decorator |
| CVE-2023-29058 | 2023-04-28 | A valid, authenticated XCC user with read-only permissions can modify... |
| CVE-2023-30858 | 2023-04-28 | Denosaurs emoji has ReDoS vulnerability in `replace` function |
| CVE-2023-29057 | 2023-04-28 | A valid XCC user's local account permissions overrides their active... |
| CVE-2023-2393 | 2023-04-28 | Netgear SRX5308 Web Management Interface cross site scripting |
| CVE-2023-2394 | 2023-04-28 | Netgear SRX5308 Web Management Interface cross site scripting |
| CVE-2023-29056 | 2023-04-28 | A valid LDAP user, under specific conditions, will default to... |
| CVE-2023-25496 | 2023-04-28 | A privilege escalation vulnerability was reported in Lenovo Drivers Management... |
| CVE-2023-25495 | 2023-04-28 | A valid, authenticated administrative user can query a web interface... |
| CVE-2023-2395 | 2023-04-28 | Netgear SRX5308 Web Management Interface cross site scripting |
| CVE-2023-2396 | 2023-04-28 | Netgear SRX5308 Web Management Interface cross site scripting |
| CVE-2023-2397 | 2023-04-28 | SourceCodester Simple Mobile Comparison Website cross site scripting |
| CVE-2023-2408 | 2023-04-28 | SourceCodester AC Repair and Services System view.php sql injection |
| CVE-2023-2409 | 2023-04-28 | SourceCodester AC Repair and Services System view_service.php sql injection |
| CVE-2023-2410 | 2023-04-28 | SourceCodester AC Repair and Services System view_booking.php sql injection |
| CVE-2023-2411 | 2023-04-28 | SourceCodester AC Repair and Services System view_inquiry.php sql injection |
| CVE-2023-2412 | 2023-04-28 | SourceCodester AC Repair and Services System manage_user.php sql injection |
| CVE-2023-2426 | 2023-04-29 | Use of Out-of-range Pointer Offset in vim/vim |
| CVE-2023-2413 | 2023-04-29 | SourceCodester AC Repair and Services System manage_booking.php sql injection |
| CVE-2023-2417 | 2023-04-29 | ks-soft Advanced Host Monitor rma_active.exe unquoted search path |
| CVE-2023-2418 | 2023-04-29 | Konga Login API random values |
| CVE-2023-2419 | 2023-04-29 | Zhong Bang CRMEB SystemAttachmentServices.php videoUpload unrestricted upload |
| CVE-2023-2420 | 2023-04-29 | MLECMS common.func.php get_url sql injection |
| CVE-2023-2421 | 2023-04-29 | Control iD RHiD department cross site scripting |
| CVE-2022-41736 | 2023-04-29 | IBM Spectrum Scale Container Native Storage Access privilege escalation |
| CVE-2023-30792 | 2023-04-29 | Anchor tag hrefs in Lexical prior to v0.10.0 would render... |
| CVE-2022-43871 | 2023-04-29 | IBM Financial Transaction Manager for SWIFT Services cross-site scripting |
| CVE-2023-2424 | 2023-04-29 | DedeCMS config.php UpDateMemberModCache unrestricted upload |
| CVE-2023-2425 | 2023-04-29 | SourceCodester Simple Student Information System Add New Course cross site scripting |
| CVE-2023-30441 | 2023-04-29 | IBM Java information disclosure |
| CVE-2023-2428 | 2023-04-30 | Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq |