CVE List - 2023 / July
Showing 1301 - 1400 of 2295 CVEs for July 2023 (Page 14 of 23)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-24896 | 2023-07-14 | Dynamics 365 Finance Spoofing Vulnerability |
| CVE-2023-36836 | 2023-07-14 | Junos OS and Junos OS Evolved: In a MoFRR scenario an rpd core may be observed when a low privileged CLI command is executed |
| CVE-2023-36840 | 2023-07-14 | Junos OS and Junos OS Evolved: An rpd crash occurs when a specific L2VPN command is run |
| CVE-2023-36848 | 2023-07-14 | Junos OS: MX Series: The FPC will crash on receiving a malformed CFM packet |
| CVE-2023-36883 | 2023-07-14 | Microsoft Edge for iOS Spoofing Vulnerability |
| CVE-2023-36887 | 2023-07-14 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability |
| CVE-2023-36888 | 2023-07-14 | Microsoft Edge for Android (Chromium-based) Tampering Vulnerability |
| CVE-2023-36849 | 2023-07-14 | Junos OS and Junos OS Evolved: The l2cpd will crash when a malformed LLDP packet is received |
| CVE-2023-36850 | 2023-07-14 | Junos OS: MX Series: An MPC will crash upon receipt of a malformed CFM packet. |
| CVE-2023-3633 | 2023-07-14 | Out of Bounds Memory Corruption Issue in CEVA Engine |
| CVE-2023-37474 | 2023-07-14 | Path traversal in copyparty |
| CVE-2023-37473 | 2023-07-14 | Limited code execution in zenstruck/collections |
| CVE-2023-37472 | 2023-07-14 | Query injection in Knowage server |
| CVE-2023-37464 | 2023-07-14 | Incorrect Authentication Tag length usage in AES GCM decryption in OpenIDC/cjose |
| CVE-2023-37462 | 2023-07-14 | Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in org.xwiki.platform:xwiki-platform-skin-ui |
| CVE-2023-37268 | 2023-07-14 | User login confusion with SSO in warpgate |
| CVE-2023-34236 | 2023-07-14 | Information Disclosure Vulnerability in Weave GitOps Terraform Controller |
| CVE-2023-36466 | 2023-07-14 | Topic Title Validation Skipped When Changing Category in Discourse |
| CVE-2023-36818 | 2023-07-14 | Denial of service via User Custom Sidebar Section Unlimited Link Creation in discourse |
| CVE-2021-31294 | 2023-07-15 | Redis before 6cbea7d allows a replica to cause an assertion... |
| CVE-2023-35802 | 2023-07-15 | IQ Engine before 10.6r1 on Extreme Network AP devices has... |
| CVE-2023-38349 | 2023-07-15 | PNP4Nagios through 81ebfc5 lacks CSRF protection in the AJAX controller.... |
| CVE-2023-38350 | 2023-07-15 | PNP4Nagios through 81ebfc5 has stored XSS in the AJAX controller... |
| CVE-2023-3678 | 2023-07-15 | SourceCodester AC Repair and Services System HTTP POST Request sql injection |
| CVE-2023-3679 | 2023-07-15 | SourceCodester Lost and Found Information System HTTP POST Request sql injection |
| CVE-2023-3680 | 2023-07-15 | SourceCodester Lost and Found Information System HTTP POST Request sql injection |
| CVE-2023-3681 | 2023-07-15 | Campcodes Retro Cellphone Online Store modal_add_product.php cross site scripting |
| CVE-2023-3682 | 2023-07-15 | Nesote Inout Blockchain EasyPayments POST Parameter getcoinaddress sql injection |
| CVE-2023-2268 | 2023-07-15 | Plane v0.7.1 - Unauthorized access to files |
| CVE-2023-30791 | 2023-07-15 | Plane 0.7.1 - Insecure file upload |
| CVE-2023-2507 | 2023-07-15 | CleverTap Cordova Plugin 2.6.2 - Reflected XSS |
| CVE-2023-38378 | 2023-07-16 | The web interface on the RIGOL MSO5000 digital oscilloscope with... |
| CVE-2023-38379 | 2023-07-16 | The web interface on the RIGOL MSO5000 digital oscilloscope with... |
| CVE-2023-3692 | 2023-07-16 | Unrestricted Upload of File with Dangerous Type in admidio/admidio |
| CVE-2023-3683 | 2023-07-16 | LivelyWorks Articart search cross site scripting |
| CVE-2023-3684 | 2023-07-16 | LivelyWorks Articart Base64 Encoding de_DE redirect |
| CVE-2023-3685 | 2023-07-16 | Nesote Inout Search Engine AI Edition index.php cross site scripting |
| CVE-2023-3686 | 2023-07-16 | Bylancer QuickAI OpenAI GET Parameter blog sql injection |
| CVE-2023-3687 | 2023-07-16 | Bylancer QuickVCard GET Parameter blog sql injection |
| CVE-2023-3688 | 2023-07-16 | Bylancer QuickJob GET Parameter sql injection |
| CVE-2023-3689 | 2023-07-16 | Bylancer QuickQR GET Parameter blog sql injection |
| CVE-2023-3690 | 2023-07-16 | Bylancer QuickOrder GET Parameter blog sql injection |
| CVE-2023-3691 | 2023-07-16 | layui HTML Attribute cross site scripting |
| CVE-2023-3693 | 2023-07-16 | SourceCodester Life Insurance Management System login.php sql injection |
| CVE-2023-30988 | 2023-07-16 | IBM i privilege escalation |
| CVE-2023-30989 | 2023-07-16 | IBM i privilege escalation |
| CVE-2023-3694 | 2023-07-16 | SourceCodester/projectworlds House Rental and Property Listing index.php sql injection |
| CVE-2023-35901 | 2023-07-16 | IBM Robotic Process Automation security bypass |
| CVE-2023-33857 | 2023-07-16 | IBM InfoSphere Information Server information disclosure |
| CVE-2021-37384 | 2023-07-17 | RCE (Remote Code Execution) vulnerability was found in some Furukawa... |
| CVE-2021-37386 | 2023-07-17 | Furukawa Electric LatAm 423-41W/AC before v1.1.4 and LD421-21W before v1.3.3... |
| CVE-2022-30858 | 2023-07-17 | An issue was discovered in ngiflib 0.4. There is SEGV... |
| CVE-2023-28864 | 2023-07-17 | Progress Chef Infra Server before 15.7 allows a local attacker... |
| CVE-2023-31851 | 2023-07-17 | Cudy LT400 1.13.4 is has a cross-site scripting (XSS) vulnerability... |
| CVE-2023-31852 | 2023-07-17 | Cudy LT400 1.13.4 is vulnerable to Cross Site Scripting (XSS)... |
| CVE-2023-31853 | 2023-07-17 | Cudy LT400 1.13.4 is vulnerable Cross Site Scripting (XSS) in... |
| CVE-2023-34669 | 2023-07-17 | TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in... |
| CVE-2023-35818 | 2023-07-17 | An issue was discovered on Espressif ESP32 3.0 (ESP32_rev300 ROM)... |
| CVE-2023-36656 | 2023-07-17 | Cross Site Scripting (XSS) vulnerability in Jaegertracing Jaeger UI before... |
| CVE-2023-37769 | 2023-07-17 | stress-test master commit e4c878 was discovered to contain a FPE... |
| CVE-2023-37770 | 2023-07-17 | faust commit ee39a19 was discovered to contain a stack overflow... |
| CVE-2023-37781 | 2023-07-17 | An issue in the emqx_sn plugin of EMQX v4.3.8 allows... |
| CVE-2023-37791 | 2023-07-17 | D-Link DIR-619L v2.04(TW) was discovered to contain a stack overflow... |
| CVE-2023-38403 | 2023-07-17 | iperf3 before 3.14 allows peers to cause an integer overflow... |
| CVE-2023-38404 | 2023-07-17 | The XPRTLD web application in Veritas InfoScale Operations Manager (VIOM)... |
| CVE-2023-38405 | 2023-07-17 | On Crestron 3-Series Control Systems before 1.8001.0187, crafting and sending... |
| CVE-2023-38409 | 2023-07-17 | An issue was discovered in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the... |
| CVE-2023-38426 | 2023-07-17 | An issue was discovered in the Linux kernel before 6.3.4.... |
| CVE-2023-38428 | 2023-07-17 | An issue was discovered in the Linux kernel before 6.3.4.... |
| CVE-2023-38429 | 2023-07-17 | An issue was discovered in the Linux kernel before 6.3.4.... |
| CVE-2023-38430 | 2023-07-17 | An issue was discovered in the Linux kernel before 6.3.9.... |
| CVE-2023-38431 | 2023-07-17 | An issue was discovered in the Linux kernel before 6.3.8.... |
| CVE-2023-38432 | 2023-07-17 | An issue was discovered in the Linux kernel before 6.3.10.... |
| CVE-2023-38427 | 2023-07-17 | An issue was discovered in the Linux kernel before 6.3.8.... |
| CVE-2023-3696 | 2023-07-17 | Prototype Pollution in automattic/mongoose |
| CVE-2023-35012 | 2023-07-17 | IBM Db2 code execution |
| CVE-2023-3695 | 2023-07-17 | Campcodes Beauty Salon Management System add-product.php sql injection |
| CVE-2022-4952 | 2023-07-17 | OmniSharp csharp-language-server-protocol JSON Serializer SerializerBase.cs CreateSerializerSettings resource consumption |
| CVE-2023-2759 | 2023-07-17 | TAPHOME Improper Authentication in Core Platform |
| CVE-2023-2760 | 2023-07-17 | TAPHOME SQL Injection in Core Platform |
| CVE-2023-3700 | 2023-07-17 | Authorization Bypass Through User-Controlled Key in alextselegidis/easyappointments |
| CVE-2023-26512 | 2023-07-17 | Apache EventMesh RabbitMQ-Connector plugin allows RCE through deserialization of untrusted data |
| CVE-2023-34036 | 2023-07-17 | Forwarded header exploit with Spring HATEOAS on WebFlux |
| CVE-2023-27606 | 2023-07-17 | WordPress WP Reroute Email Plugin <= 1.4.6 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-22672 | 2023-07-17 | WordPress vSlider Multi Image Slider for WordPress Plugin <= 4.1.2 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-23646 | 2023-07-17 | WordPress Album Gallery – WordPress Gallery Plugin <= 1.4.9 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-23719 | 2023-07-17 | WordPress Premmerce Plugin <= 1.3.17 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-27424 | 2023-07-17 | WordPress Inactive User Deleter Plugin <= 1.59 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-2912 | 2023-07-17 | SiteManager Embedded service disruption |
| CVE-2023-3376 | 2023-07-17 | SQLi in Digital Strategys Zekiweb |
| CVE-2023-2959 | 2023-07-17 | Authentication Bypass by Primary Weakness in Oliva Expertise |
| CVE-2023-35038 | 2023-07-17 | WordPress WP PDF Generator Plugin <= 1.2.2 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-4023 | 2023-07-17 | 3DPrint < 3.5.6.9 - CSRF to arbitrary file downlad |
| CVE-2023-2329 | 2023-07-17 | WooCommerce Google Sheet Connector < 1.3.6 - Access Code Update via CSRF |
| CVE-2023-2579 | 2023-07-17 | InventoryPress <= 1.7 - Author+ Stored XSS |
| CVE-2023-3041 | 2023-07-17 | Autochat <= 1.1.7- Unauthenticated Stored XSS |
| CVE-2023-3186 | 2023-07-17 | Supsystic Popup < 1.10.19 - Prototype Pollution |
| CVE-2023-2636 | 2023-07-17 | AN_GradeBook <= 5.0.1 - Subscriber+ SQLi |
| CVE-2023-2143 | 2023-07-17 | Enable SVG, WebP & ICO Upload <= 1.0.3 - Author+ Stored XSS |
| CVE-2023-1893 | 2023-07-17 | Login Configurator <= 2.1 - Reflected Cross-Site Scripting |