CVE List - 2023 / May
Showing 1901 - 2000 of 2420 CVEs for May 2023 (Page 20 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-2881 | 2023-05-25 | Storing Passwords in a Recoverable Format in pimcore/customer-data-framework |
| CVE-2023-31594 | 2023-05-25 | IC Realtime ICIP-P2012T 2.420 is vulnerable to Incorrect Access Control... |
| CVE-2023-31861 | 2023-05-25 | ZLMediaKit 4.0 is vulnerable to Directory Traversal. |
| CVE-2023-33263 | 2023-05-25 | In WFTPD 3.25, usernames and password hashes are stored in... |
| CVE-2023-33278 | 2023-05-25 | In the Store Commander scexportcustomers module for PrestaShop through 3.6.1,... |
| CVE-2023-33279 | 2023-05-25 | In the Store Commander scfixmyprestashop module through 2023-05-09 for PrestaShop,... |
| CVE-2023-33280 | 2023-05-25 | In the Store Commander scquickaccounting module for PrestaShop through 3.7.3,... |
| CVE-2023-33355 | 2023-05-25 | IceCMS v1.0.0 has Insecure Permissions. There is unauthorized access to... |
| CVE-2023-33356 | 2023-05-25 | IceCMS v1.0.0 is vulnerable to Cross Site Scripting (XSS). |
| CVE-2023-0950 | 2023-05-25 | Array Index UnderFlow in Calc Formula Parsing |
| CVE-2023-33750 | 2023-05-25 | A stored cross-site scripting (XSS) vulnerability in mipjz v5.0.5 allows... |
| CVE-2023-33751 | 2023-05-25 | A stored cross-site scripting (XSS) vulnerability in mipjz v5.0.5 allows... |
| CVE-2023-2734 | 2023-05-25 | The MStore API plugin for WordPress is vulnerable to authentication... |
| CVE-2023-2733 | 2023-05-25 | The MStore API plugin for WordPress is vulnerable to authentication... |
| CVE-2023-2732 | 2023-05-25 | The MStore API plugin for WordPress is vulnerable to authentication... |
| CVE-2022-46907 | 2023-05-25 | Apache JSPWiki: XSS Injection points in several plugins |
| CVE-2022-47135 | 2023-05-25 | WordPress Chronoforms Plugin <= 7.0.9 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-47139 | 2023-05-25 | WordPress WP Basic Elements Plugin <= 5.2.15 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-47138 | 2023-05-25 | WordPress LOGIN AND REGISTRATION ATTEMPTS LIMIT Plugin <= 2.1 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-47159 | 2023-05-25 | WordPress Logaster Logo Generator Plugin <= 1.3 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-2882 | 2023-05-25 | Privilege Escalation in CBOT's Chatbot |
| CVE-2023-2883 | 2023-05-25 | IDOR in CBOT's Chatbot |
| CVE-2023-2884 | 2023-05-25 | Insecure Randomness in CBOT's Chatbot |
| CVE-2022-47164 | 2023-05-25 | WordPress Event Manager for WooCommerce Plugin <= 3.7.7 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-2885 | 2023-05-25 | Channel Accessible by Non-Endpoint in CBOT's Chatbot |
| CVE-2023-2886 | 2023-05-25 | Cross-Site WebSocket Hijacking in CBOT's Chatbot |
| CVE-2022-46866 | 2023-05-25 | WordPress Import External Images Plugin <= 1.4 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-2887 | 2023-05-25 | User Authentication Bypass in CBOT's Chatbot |
| CVE-2022-46865 | 2023-05-25 | WordPress Bulk Resize Media Plugin <= 1.1 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-46812 | 2023-05-25 | WordPress Thank You Page Customizer for WooCommerce – Increase Your Sales Plugin <= 1.0.13 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-46800 | 2023-05-25 | WordPress LiteSpeed Cache Plugin <= 5.3 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-41635 | 2023-05-25 | WordPress Advanced Shipment Tracking for WooCommerce Plugin <= 3.5.2 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-47161 | 2023-05-25 | WordPress Health Check & Troubleshooting Plugin <= 1.5.1 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-47165 | 2023-05-25 | WordPress CoSchedule Plugin <= 3.3.8 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-47149 | 2023-05-25 | WordPress Shortlinks by Pretty Links Plugin <= 3.4.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-30484 | 2023-05-25 | WordPress Enable Accessibility Plugin <= 1.4 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-47177 | 2023-05-25 | WordPress WP EasyPay Plugin <= 4.1 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-45367 | 2023-05-25 | WordPress Custom Order Numbers for WooCommerce Plugin <= 1.4.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-41987 | 2023-05-25 | WordPress BadgeOS Plugin <= 3.7.1.6 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-43490 | 2023-05-25 | WordPress Stream Plugin <= 3.9.2 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-38356 | 2023-05-25 | WordPress Pearl Plugin <= 1.3.4 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-38716 | 2023-05-25 | WordPress Motors – Car Dealer & Classified Ads Plugin <= 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-45371 | 2023-05-25 | WordPress ShopEngine Plugin <= 4.1.1 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-45815 | 2023-05-25 | WordPress GDPR Compliance & Cookie Consent Plugin <= 1.2 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-46820 | 2023-05-25 | WordPress Joli Table Of Contents Plugin <= 1.3.9 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-46814 | 2023-05-25 | WordPress Kodex Posts likes Plugin <= 2.4.3 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-46810 | 2023-05-25 | WordPress Thank You Page Customizer for WooCommerce – Increase Your Sales Plugin <= 1.0.13 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-46856 | 2023-05-25 | WordPress Woocommerce Product Designer Plugin <= 4.3.3 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-47144 | 2023-05-25 | WordPress Mediamatic – Media Library Folders Plugin <= 2.8.1 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-47136 | 2023-05-25 | WordPress Ninja Tables Plugin <= 4.3.4 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-47178 | 2023-05-25 | WordPress Simple Share Buttons Adder Plugin <= 8.4.7 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-45366 | 2023-05-25 | WordPress Slimstat Analytics Plugin <= 5.0.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-47174 | 2023-05-25 | WordPress Performance Lab Plugin <= 2.2.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-2888 | 2023-05-25 | PHPOK unrestricted upload |
| CVE-2023-0459 | 2023-05-25 | Copy_from_user Spectre-V1 Gadget in Linux Kernel |
| CVE-2023-2480 | 2023-05-25 | Elevation of Privilege in M-Files Desktop Client |
| CVE-2023-2851 | 2023-05-25 | SQLi in Ceppatron |
| CVE-2023-2798 | 2023-05-25 | Denial of service in HtmlUnit |
| CVE-2023-22504 | 2023-05-25 | Affected versions of Atlassian Confluence Server allow remote attackers who... |
| CVE-2023-32694 | 2023-05-25 | Non-constant time HMAC comparison in Adyen plugin in Saleor |
| CVE-2023-30615 | 2023-05-25 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in iris-web |
| CVE-2023-30851 | 2023-05-25 | Potential HTTP policy bypass when using header rules in Cilium |
| CVE-2023-26216 | 2023-05-25 | TIBCO EBX Add-ons Arbitrary File Write |
| CVE-2023-26215 | 2023-05-25 | TIBCO EBX® Add-ons Path Traversal |
| CVE-2023-2900 | 2023-05-25 | NFine Rapid Development Platform CheckLogin weak hash |
| CVE-2023-31124 | 2023-05-25 | AutoTools does not set CARES_RANDOM_FILE during cross compilation |
| CVE-2023-2901 | 2023-05-25 | NFine Rapid Development Platform access control |
| CVE-2023-31130 | 2023-05-25 | Buffer Underwrite in ares_inet_net_pton() |
| CVE-2023-31147 | 2023-05-25 | Insufficient randomness in generation of DNS query IDs in c-ares |
| CVE-2023-2902 | 2023-05-25 | NFine Rapid Development Platform access control |
| CVE-2023-2903 | 2023-05-25 | NFine Rapid Development Platform access control |
| CVE-2023-32067 | 2023-05-25 | 0-byte UDP payload DoS in c-ares |
| CVE-2023-32074 | 2023-05-25 | Nextcloud user_oidc app is missing brute force protection |
| CVE-2021-46881 | 2023-05-26 | The video framework has memory overwriting caused by addition overflow.... |
| CVE-2021-46882 | 2023-05-26 | The video framework has memory overwriting caused by addition overflow.... |
| CVE-2021-46883 | 2023-05-26 | The video framework has memory overwriting caused by addition overflow.... |
| CVE-2021-46884 | 2023-05-26 | The video framework has memory overwriting caused by addition overflow.... |
| CVE-2021-46885 | 2023-05-26 | The video framework has memory overwriting caused by addition overflow.... |
| CVE-2021-46886 | 2023-05-26 | The video framework has memory overwriting caused by addition overflow.... |
| CVE-2021-46887 | 2023-05-26 | Lack of length check vulnerability in the HW_KEYMASTER module. Successful... |
| CVE-2022-46945 | 2023-05-26 | Nagvis before 1.9.34 was discovered to contain an arbitrary file... |
| CVE-2022-48478 | 2023-05-26 | The facial recognition TA of some products lacks memory length... |
| CVE-2022-48479 | 2023-05-26 | The facial recognition TA of some products has the out-of-bounds... |
| CVE-2022-48480 | 2023-05-26 | Integer overflow vulnerability in some phones. Successful exploitation of this... |
| CVE-2023-0116 | 2023-05-26 | The reminder module lacks an authentication mechanism for broadcasts received.... |
| CVE-2023-0117 | 2023-05-26 | The online authentication provided by the hwKitAssistant lacks strict identity... |
| CVE-2023-1664 | 2023-05-26 | A flaw was found in Keycloak. This flaw depends on... |
| CVE-2023-1667 | 2023-05-26 | A NULL pointer dereference was found In libssh during re-keying... |
| CVE-2023-1981 | 2023-05-26 | A vulnerability was found in the avahi library. This flaw... |
| CVE-2023-2002 | 2023-05-26 | A vulnerability was found in the HCI sockets implementation due... |
| CVE-2023-20868 | 2023-05-26 | NSX-T contains a reflected cross-site scripting vulnerability due to a... |
| CVE-2023-20882 | 2023-05-26 | In Cloud foundry routing release versions from 0.262.0 and prior... |
| CVE-2023-20883 | 2023-05-26 | In Spring Boot versions 3.0.0 - 3.0.6, 2.7.0 - 2.7.11,... |
| CVE-2023-21514 | 2023-05-26 | Improper scheme validation from InstantPlay Deeplink in Galaxy Store prior... |
| CVE-2023-21515 | 2023-05-26 | InstantPlay which included vulnerable script which could execute javascript in... |
| CVE-2023-21516 | 2023-05-26 | XSS vulnerability from InstantPlay in Galaxy Store prior to version... |
| CVE-2023-2283 | 2023-05-26 | A vulnerability was found in libssh, where the authentication check... |
| CVE-2023-22970 | 2023-05-26 | Bottles before 51.0 mishandles YAML load, which allows remote code... |
| CVE-2023-27311 | 2023-05-26 | NetApp Blue XP Connector versions prior to 3.9.25 expose information... |
| CVE-2023-2817 | 2023-05-26 | A post-authentication stored cross-site scripting vulnerability exists in Craft CMS... |