CVE List - 2023 / July
Showing 1201 - 1300 of 2295 CVEs for July 2023 (Page 13 of 23)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-34133 | 2023-07-13 | Improper Neutralization of Special Elements used in an SQL Command... |
| CVE-2023-34134 | 2023-07-13 | Exposure of sensitive information to an unauthorized actor vulnerability in... |
| CVE-2023-34135 | 2023-07-13 | Path Traversal vulnerability in SonicWall GMS and Analytics allows a... |
| CVE-2023-34136 | 2023-07-13 | Vulnerability in SonicWall GMS and Analytics allows unauthenticated attacker to... |
| CVE-2023-34137 | 2023-07-13 | SonicWall GMS and Analytics CAS Web Services application use static... |
| CVE-2023-37562 | 2023-07-13 | Cross-site request forgery (CSRF) vulnerability in exists in WTC-C1167GC-B v1.17... |
| CVE-2023-37563 | 2023-07-13 | ELECOM wireless LAN routers are vulnerable to sensitive information exposure,... |
| CVE-2023-37564 | 2023-07-13 | OS command injection vulnerability in ELECOM wireless LAN routers allows... |
| CVE-2023-37565 | 2023-07-13 | Code injection vulnerability in ELECOM wireless LAN routers allows a... |
| CVE-2023-37415 | 2023-07-13 | Apache Airflow Apache Hive Provider: Improper Input Validation in Hive Provider with proxy_user |
| CVE-2023-1547 | 2023-07-13 | SQLi in Elra Computers Parkmatik |
| CVE-2023-2957 | 2023-07-13 | SQLi in Lisa Softwares Florist Site |
| CVE-2023-3319 | 2023-07-13 | XSS in iDisplays PlatPlay DS |
| CVE-2023-35069 | 2023-07-13 | Path Traversal in Bullwark |
| CVE-2023-29449 | 2023-07-13 | Limited control of resource utilization in JS preprocessing |
| CVE-2023-29450 | 2023-07-13 | Unauthorized limited filesystem access from preprocessing |
| CVE-2023-29451 | 2023-07-13 | Denial of service caused by a bug in the JSON parser |
| CVE-2023-29452 | 2023-07-13 | Remove possibility to add html into Geomap attribution field |
| CVE-2023-29454 | 2023-07-13 | Persistent XSS in the user form |
| CVE-2023-29455 | 2023-07-13 | Reflected XSS in several fields of graph form |
| CVE-2023-29456 | 2023-07-13 | Inefficient URL schema validation |
| CVE-2023-29458 | 2023-07-13 | Duktape 2.6 bug crashes JavaScript putting too many values in valstack. |
| CVE-2023-29457 | 2023-07-13 | Insufficient validation of Action form input fields |
| CVE-2023-3657 | 2023-07-13 | SourceCodester AC Repair and Services System HTTP POST Request sql injection |
| CVE-2023-3658 | 2023-07-13 | SourceCodester AC Repair and Services System HTTP POST Request sql injection |
| CVE-2023-22435 | 2023-07-13 | Server bad parsing implementation - stack overflow in server::get_db_path_for_driver |
| CVE-2023-23585 | 2023-07-13 | Server DoS due to heap overflow |
| CVE-2023-24474 | 2023-07-13 | Server deserialization missing boundary checks - heap overflow in communication between server and controller |
| CVE-2023-24480 | 2023-07-13 | Controller stack overflow when decoding messages from the server |
| CVE-2023-25078 | 2023-07-13 | DoS due to heap overflow |
| CVE-2023-25178 | 2023-07-13 | Controller design flaw - unsigned firmware |
| CVE-2023-25770 | 2023-07-13 | Controller stack overflow on decoding messages from the server |
| CVE-2023-3659 | 2023-07-13 | SourceCodester AC Repair and Services System cross site scripting |
| CVE-2023-26597 | 2023-07-13 | Controller DOS on sending error response |
| CVE-2023-25948 | 2023-07-13 | Server Data type confusion - info leak |
| CVE-2023-2003 | 2023-07-13 | Embedded malicious code vulnerability in Unitronics Vision1210 |
| CVE-2023-3660 | 2023-07-13 | Campcodes Retro Cellphone Online Store add_user_modal.php cross site scripting |
| CVE-2023-3661 | 2023-07-13 | SourceCodester AC Repair and Services System sql injection |
| CVE-2023-35070 | 2023-07-13 | SQL in VegaGroup Web Collection |
| CVE-2023-37267 | 2023-07-13 | Umbraco allows possible Admin-level access to backoffice without Auth under rare conditions |
| CVE-2022-24834 | 2023-07-13 | Heap overflow issue with the Lua cjson library used by Redis |
| CVE-2023-30559 | 2023-07-13 | Wireless Card Firmware Improperly Signed |
| CVE-2023-34458 | 2023-07-13 | mx-chain-go's relayed transactions always increment nonce |
| CVE-2023-30560 | 2023-07-13 | PCU Configuration Lacks Authentication |
| CVE-2023-30561 | 2023-07-13 | Lack of Cryptographic Security of IUI Bus |
| CVE-2023-30562 | 2023-07-13 | Lack of Dataset Integrity Checking |
| CVE-2023-30563 | 2023-07-13 | Stored Cross-Site Scripting on User Import Functionality |
| CVE-2023-30564 | 2023-07-13 | Stored Cross-Site Scripting on Device Import Functionality |
| CVE-2023-30565 | 2023-07-13 | CQI Data Sniffing |
| CVE-2023-37463 | 2023-07-13 | Quadratic complexity bugs may lead to a denial of service |
| CVE-2023-37468 | 2023-07-13 | Storing unencrypted LDAP passwords in feedbacksystem |
| CVE-2023-35945 | 2023-07-13 | Envoy vulnerable to HTTP/2 memory leak in nghttp2 codec |
| CVE-2023-36473 | 2023-07-13 | CSP nonce reuse vulnerability in Discourse |
| CVE-2023-37272 | 2023-07-13 | XSS vulnerability in JOC Cockpit branch 1.13 |
| CVE-2023-37273 | 2023-07-13 | Docker escape in Auto-GPT when running from docker-compose.yml included in git repo |
| CVE-2023-37274 | 2023-07-13 | Python code execution sandbox escape in non-docker version in Auto-GPT |
| CVE-2023-37275 | 2023-07-13 | System logs spoofable in Auto-GPT via ANSI control sequences |
| CVE-2023-37278 | 2023-07-13 | GLPI vulnerable to SQL injection via dashboard administration |
| CVE-2023-37466 | 2023-07-13 | vm2 Sandbox Escape vulnerability |
| CVE-2023-32759 | 2023-07-14 | An issue in Archer Platform before v.6.13 and fixed in... |
| CVE-2023-32760 | 2023-07-14 | An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6... |
| CVE-2023-32761 | 2023-07-14 | Cross Site Request Forgery (CSRF) vulnerability in Archer Platform before... |
| CVE-2023-37223 | 2023-07-14 | Cross Site Scripting (XSS) vulnerability in Archer Platform before v.6.13... |
| CVE-2023-37224 | 2023-07-14 | An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6... |
| CVE-2023-37714 | 2023-07-14 | Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack... |
| CVE-2023-37715 | 2023-07-14 | Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack... |
| CVE-2023-37716 | 2023-07-14 | Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7... |
| CVE-2023-37717 | 2023-07-14 | Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7... |
| CVE-2023-37718 | 2023-07-14 | Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack... |
| CVE-2023-37719 | 2023-07-14 | Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack... |
| CVE-2023-37721 | 2023-07-14 | Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack... |
| CVE-2023-37722 | 2023-07-14 | Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack... |
| CVE-2023-37723 | 2023-07-14 | Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack... |
| CVE-2023-37793 | 2023-07-14 | WAYOS FBM-291W 19.09.11V was discovered to contain a buffer overflow... |
| CVE-2023-37794 | 2023-07-14 | WAYOS FBM-291W 19.09.11V was discovered to contain a command injection... |
| CVE-2023-38286 | 2023-07-14 | Thymeleaf through 3.1.1.RELEASE, as used in spring-boot-admin (aka Spring Boot... |
| CVE-2023-38325 | 2023-07-14 | The cryptography package before 41.0.2 for Python mishandles SSH certificates... |
| CVE-2023-38336 | 2023-07-14 | netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because... |
| CVE-2023-38337 | 2023-07-14 | rswag before 2.10.1 allows remote attackers to read arbitrary JSON... |
| CVE-2023-3668 | 2023-07-14 | Improper Encoding or Escaping of Output in froxlor/froxlor |
| CVE-2023-2082 | 2023-07-14 | The "Buy Me a Coffee – Button and Widget Plugin"... |
| CVE-2023-3513 | 2023-07-14 | RazerCentralService Unsafe Deserialization Escalation of Privilege |
| CVE-2023-3514 | 2023-07-14 | RazerCentralSerivce Unsafe Named Pipe Permission Escalation of Privilege Vulnerability |
| CVE-2023-3648 | 2023-07-14 | Mismatched Memory Management Routines in Wireshark |
| CVE-2023-3649 | 2023-07-14 | Buffer Over-read in Wireshark |
| CVE-2023-3672 | 2023-07-14 | Cross-site Scripting (XSS) - DOM in plaidweb/webmention.js |
| CVE-2023-2975 | 2023-07-14 | AES-SIV implementation ignores empty associated data entries |
| CVE-2023-3673 | 2023-07-14 | SQL Injection in pimcore/pimcore |
| CVE-2023-3433 | 2023-07-14 | Local Denial of Service in Jami |
| CVE-2023-3434 | 2023-07-14 | QRC Handler without Input Validation in Jami |
| CVE-2023-36831 | 2023-07-14 | Junos OS: SRX Series: jbuf memory leak when SSL Proxy and UTM Web-Filtering is applied |
| CVE-2023-36832 | 2023-07-14 | Junos OS: MX Series: PFE crash upon receipt of specific packet destined to an AMS interface |
| CVE-2023-35692 | 2023-07-14 | In getLocationCache of GeoLocation.java, there is a possible way to... |
| CVE-2023-36838 | 2023-07-14 | Junos OS: SRX Series: A flowd core occurs when running a low privileged CLI command |
| CVE-2023-28985 | 2023-07-14 | SRX Series and MX Series: An FPC core is observed when IDP is enabled on the device and a specific malformed SSL packet is received |
| CVE-2023-36833 | 2023-07-14 | Junos OS Evolved: PTX10001-36MR, and PTX10004, PTX10008, PTX10016 with LC1201/1202: The aftman-bt process will crash in a MoFRR scenario after multiple link flaps |
| CVE-2023-36834 | 2023-07-14 | Junos OS: SRX 4600 and SRX 5000 Series: The receipt of specific genuine packets by SRXes configured for L2 transparency will cause a DoS |
| CVE-2023-38252 | 2023-07-14 | W3m: out of bounds read in strnew_size() at w3m/str.c |
| CVE-2023-38253 | 2023-07-14 | W3m: out of bounds read in growbuf_to_str() at w3m/indep.c |
| CVE-2023-36835 | 2023-07-14 | Junos OS: QFX10000 Series: All traffic will be dropped after a specific valid IP packet has been received which needs to be routed over a VXLAN tunnel |