CVE List - 2023 / April

Showing 201 - 300 of 2302 CVEs for April 2023 (Page 3 of 24)

Back to List Previous Next

CVE ID	Date	Title
CVE-2023-28848	2023-04-04	CSRF protection on user_oidc login returned the expected token in case of an error
CVE-2023-28997	2023-04-04	Nextcloud Desktop: Initialization vector reuse in E2EE allows malicious server admin to break, manipulate, access files
CVE-2023-23870	2023-04-04	WordPress Responsive Vertical Icon Menu Plugin <= 1.5.8 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-28998	2023-04-04	Nextcloud Desktop client misbehaves with E2EE when the server returns empty list of metadata keys
CVE-2023-28999	2023-04-04	Nextcloud: Lack of authenticity of metadata keys allows a malicious server to gain access to E2EE folders
CVE-2023-29000	2023-04-04	Nextcloud Desktop client does not verify received singed certificate in end-to-end encryption
CVE-2023-23977	2023-04-04	WordPress Heateor Social Comments Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)
CVE-2022-48435	2023-04-04	In JetBrains PhpStorm before 2023.1 source code could be logged...
CVE-2023-26437	2023-04-04	Deterred spoofing attempts can lead to authoritative servers being marked unavailable
CVE-2023-27487	2023-04-04	Envoy client may fake the header `x-envoy-original-path`
CVE-2023-1750	2023-04-04	CVE-2023-1750
CVE-2023-1751	2023-04-04	CVE-2023-1751
CVE-2023-1749	2023-04-04	CVE-2023-1749
CVE-2023-1752	2023-04-04	CVE-2023-1752
CVE-2023-1748	2023-04-04	CVE-2023-1748
CVE-2023-27488	2023-04-04	Envoy gRPC client produces invalid protobuf when an HTTP header with non-UTF8 value is received.
CVE-2023-27491	2023-04-04	Envoy forwards invalid Http2/Http3 downstream headers
CVE-2023-27492	2023-04-04	Envoy may crash when a large request body is processed in Lua filter
CVE-2023-1840	2023-04-04	The Sp*tify Play Button for WordPress plugin for WordPress is...
CVE-2023-27493	2023-04-04	Envoy doesn't escape HTTP header values
CVE-2023-27496	2023-04-04	Envoy may crash when a redirect url without a state param is received in the oauth filter
CVE-2023-28842	2023-04-04	moby/moby's dockerd daemon encrypted overlay network with a single endpoint is unauthenticated
CVE-2023-28841	2023-04-04	moby/moby's dockerd daemon encrypted overlay network traffic may be unencrypted
CVE-2023-28840	2023-04-04	moby/moby's dockerd daemon encrypted overlay network may be unauthenticated
CVE-2023-28853	2023-04-04	Mastodon's blind LDAP injection in login allows the attacker to leak arbitrary attributes from LDAP database
CVE-2023-29003	2023-04-04	SvelteKit has Insufficient Cross-Site Request Forgery Protection
CVE-2023-1810	2023-04-04	Heap buffer overflow in Visuals in Google Chrome prior to...
CVE-2023-1811	2023-04-04	Use after free in Frames in Google Chrome prior to...
CVE-2023-1812	2023-04-04	Out of bounds memory access in DOM Bindings in Google...
CVE-2023-1813	2023-04-04	Inappropriate implementation in Extensions in Google Chrome prior to 112.0.5615.49...
CVE-2023-1814	2023-04-04	Insufficient validation of untrusted input in Safe Browsing in Google...
CVE-2023-1815	2023-04-04	Use after free in Networking APIs in Google Chrome prior...
CVE-2023-1816	2023-04-04	Incorrect security UI in Picture In Picture in Google Chrome...
CVE-2023-1817	2023-04-04	Insufficient policy enforcement in Intents in Google Chrome on Android...
CVE-2023-1818	2023-04-04	Use after free in Vulkan in Google Chrome prior to...
CVE-2023-1819	2023-04-04	Out of bounds read in Accessibility in Google Chrome prior...
CVE-2023-1820	2023-04-04	Heap buffer overflow in Browser History in Google Chrome prior...
CVE-2023-1821	2023-04-04	Inappropriate implementation in WebShare in Google Chrome prior to 112.0.5615.49...
CVE-2023-1822	2023-04-04	Incorrect security UI in Navigation in Google Chrome prior to...
CVE-2023-1823	2023-04-04	Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49...
CVE-2023-1838	2023-04-05	A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in...
CVE-2023-20021	2023-04-05	Cisco Identity Services Engine Privilege Escalation Vulnerabilities
CVE-2023-20022	2023-04-05	Cisco Identity Services Engine Privilege Escalation Vulnerabilities
CVE-2023-20023	2023-04-05	Cisco Identity Services Engine Privilege Escalation Vulnerabilities
CVE-2023-20030	2023-04-05	Cisco Identity Services Engine XML External Entity Injection Vulnerability
CVE-2023-20051	2023-04-05	Cisco Packet Data Network Gateway IPsec ICMP Denial of Service Vulnerability
CVE-2023-20068	2023-04-05	Cisco Prime Infrastructure Reflected Cross-Site Scripting Vulnerability
CVE-2023-20073	2023-04-05	Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Arbitrary File Upload Vulnerability
CVE-2023-20096	2023-04-05	Cisco Unified Contact Center Express Stored Cross-Site Scripting Vulnerability
CVE-2023-20102	2023-04-05	Cisco Secure Network Analytics Remote Code Execution Vulnerability
CVE-2023-20103	2023-04-05	Cisco Secure Network Analytics Remote Code Execution Vulnerability
CVE-2023-20117	2023-04-05	Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers Command Injection Vulnerabilities
CVE-2023-20121	2023-04-05	Cisco Evolved Programmable Network Manager, Cisco Identity Services Engine, and Cisco Prime Infrastructure Command Injection Vulnerabilities
CVE-2023-20122	2023-04-05	Cisco Evolved Programmable Network Manager, Cisco Identity Services Engine, and Cisco Prime Infrastructure Command Injection Vulnerabilities
CVE-2023-20123	2023-04-05	Cisco Duo Authentication for macOS and Duo Authentication for Windows Logon Offline Credentials Replay Vulnerability
CVE-2023-20124	2023-04-05	Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers Remote Command Execution Vulnerability
CVE-2023-20127	2023-04-05	Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Vulnerabilities
CVE-2023-20128	2023-04-05	Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers Command Injection Vulnerabilities
CVE-2023-20129	2023-04-05	Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Vulnerabilities
CVE-2023-20130	2023-04-05	Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Vulnerabilities
CVE-2023-20131	2023-04-05	Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Vulnerabilities
CVE-2023-20132	2023-04-05	Cisco Webex Meetings Web UI Vulnerabilities
CVE-2023-20134	2023-04-05	Cisco Webex Meetings Web UI Vulnerabilities
CVE-2023-20137	2023-04-05	Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities
CVE-2023-20138	2023-04-05	Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities
CVE-2023-20139	2023-04-05	Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities
CVE-2023-20140	2023-04-05	Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities
CVE-2023-20141	2023-04-05	Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities
CVE-2023-20142	2023-04-05	Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities
CVE-2023-20143	2023-04-05	Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities
CVE-2023-20144	2023-04-05	Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities
CVE-2023-20145	2023-04-05	Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities
CVE-2023-20146	2023-04-05	Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities
CVE-2023-20147	2023-04-05	Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities
CVE-2023-20148	2023-04-05	Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities
CVE-2023-20149	2023-04-05	Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities
CVE-2023-20150	2023-04-05	Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities
CVE-2023-20151	2023-04-05	Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities
CVE-2023-20152	2023-04-05	Cisco Identity Services Engine Command Injection Vulnerabilities
CVE-2023-20153	2023-04-05	Cisco Identity Services Engine Command Injection Vulnerabilities
CVE-2023-25330	2023-04-05	A SQL injection vulnerability in Mybatis plus below 3.5.3.1 allows...
CVE-2022-31888	2023-04-05	Session Fixation vulnerability in in function login in class.auth.php in...
CVE-2022-31889	2023-04-05	Cross Site Scripting (XSS) vulnerability in audit/templates/auditlogs.tmpl.php in osTicket osTicket-plugins...
CVE-2022-31890	2023-04-05	SQL Injection vulnerability in audit/class.audit.php in osTicket osTicket-plugins before commit...
CVE-2022-3375	2023-04-05	An issue has been discovered in GitLab affecting all versions...
CVE-2022-3513	2023-04-05	An issue has been discovered in GitLab affecting all versions...
CVE-2023-0319	2023-04-05	An issue has been discovered in GitLab affecting all versions...
CVE-2023-0450	2023-04-05	An issue has been discovered in GitLab affecting all versions...
CVE-2023-0523	2023-04-05	An issue has been discovered in GitLab affecting all versions...
CVE-2023-0670	2023-04-05	Ulearn version a5a7ca20de859051ea0470542844980a66dfc05d allows an attacker with administrator permissions to...
CVE-2023-0838	2023-04-05	An issue has been discovered in GitLab affecting versions starting...
CVE-2023-0842	2023-04-05	xml2js version 0.4.23 allows an external attacker to edit or...
CVE-2023-0944	2023-04-05	Bhima version 1.27.0 allows an authenticated attacker with regular user...
CVE-2023-0959	2023-04-05	Bhima version 1.27.0 allows a remote attacker to update the...
CVE-2023-0967	2023-04-05	Bhima version 1.27.0 allows an attacker authenticated with normal user...
CVE-2023-1071	2023-04-05	An issue has been discovered in GitLab affecting all versions...
CVE-2023-1098	2023-04-05	An information disclosure vulnerability has been discovered in GitLab EE/CE...
CVE-2023-1167	2023-04-05	Improper authorization in Gitlab EE affecting all versions from 12.3.0...
CVE-2023-1417	2023-04-05	An issue has been discovered in GitLab affecting all versions...
CVE-2023-1582	2023-04-05	A race problem was found in fs/proc/task_mmu.c in the memory...