CVE List - 2023 / July
Showing 1601 - 1700 of 2295 CVEs for July 2023 (Page 17 of 23)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-37733 | 2023-07-19 | An arbitrary file upload vulnerability in tduck-platform v4.0 allows attackers... |
| CVE-2023-37748 | 2023-07-19 | ngiflib commit 5e7292 was discovered to contain an infinite loop... |
| CVE-2023-3751 | 2023-07-19 | Super Store Finder POST Parameter index.php sql injection |
| CVE-2023-30433 | 2023-07-19 | IBM Security Verify Access HTTP open redirect |
| CVE-2023-35898 | 2023-07-19 | IBM InfoSphere Information Server information disclosure |
| CVE-2023-33832 | 2023-07-19 | IBM Storage Protect denial of service |
| CVE-2023-3765 | 2023-07-19 | Absolute Path Traversal in mlflow/mlflow |
| CVE-2023-35900 | 2023-07-19 | IBM Robotic Process Automation information disclosure |
| CVE-2023-29259 | 2023-07-19 | IBM Sterling Connect:Express for UNIX information disclosure |
| CVE-2023-29260 | 2023-07-19 | IBM Sterling Connect:Express for UNIX server-side request forgery |
| CVE-2021-38933 | 2023-07-19 | IBM Sterling Connect:Express for UNIX information disclosure |
| CVE-2023-3752 | 2023-07-19 | Creativeitem Academy LMS courses cross site scripting |
| CVE-2023-27877 | 2023-07-19 | IBM Planning Analytics Cartridge for Cloud Pak for Data information disclosure |
| CVE-2023-26023 | 2023-07-19 | IBM Planning Analytics Cartridge for Cloud Pak for Data information disclosure |
| CVE-2023-26026 | 2023-07-19 | IBM Planning Analytics Cartridge for Cloud Pak for Data information disclosure |
| CVE-2023-28513 | 2023-07-19 | IBM MQ denial of service |
| CVE-2022-43908 | 2023-07-19 | IBM Security Guardium denial of service |
| CVE-2023-3753 | 2023-07-19 | Creativeitem Mastery LMS browse cross site scripting |
| CVE-2022-43910 | 2023-07-19 | IBM Security Guardium privilege escalation |
| CVE-2023-3754 | 2023-07-19 | Creativeitem Ekushey Project Manager CRM xxxxxxxx[random-msg-hash] cross site scripting |
| CVE-2023-3755 | 2023-07-19 | Creativeitem Atlas Business Directory Listing filter_listings cross site scripting |
| CVE-2023-3756 | 2023-07-19 | Creativeitem Atlas Business Directory Listing search cross site scripting |
| CVE-2023-3757 | 2023-07-19 | GZ Scripts Car Rental Script cross site scripting |
| CVE-2023-3759 | 2023-07-19 | Intergard SGS permission |
| CVE-2023-3760 | 2023-07-19 | Intergard SGS Change Password denial of service |
| CVE-2023-32635 | 2023-07-19 | XBRL data create application version 7.0 and earlier improperly restricts... |
| CVE-2023-3761 | 2023-07-19 | Intergard SGS Password Change cleartext transmission |
| CVE-2023-3762 | 2023-07-19 | Intergard SGS sensitive information in memory |
| CVE-2023-3763 | 2023-07-19 | Intergard SGS SQL Query cleartext transmission |
| CVE-2023-28754 | 2023-07-19 | ShardingSphere-Agent: Deserialization vulnerability in ShardingSphere Agent |
| CVE-2023-3446 | 2023-07-19 | Excessive time spent checking DH keys and parameters |
| CVE-2023-33876 | 2023-07-19 | A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15332... |
| CVE-2023-32664 | 2023-07-19 | A type confusion vulnerability exists in the Javascript checkThisBox method... |
| CVE-2023-33866 | 2023-07-19 | A use-after-free vulnerability exists in the JavaScript engine of Foxit... |
| CVE-2023-27379 | 2023-07-19 | A use-after-free vulnerability exists in the JavaScript engine of Foxit... |
| CVE-2023-28744 | 2023-07-19 | A use-after-free vulnerability exists in the JavaScript engine of Foxit... |
| CVE-2023-3463 | 2023-07-19 | GE Digital CIMPLICITY Heap-based Buffer Overflow |
| CVE-2023-34034 | 2023-07-19 | Using "**" as a pattern in Spring Security configuration for... |
| CVE-2023-3638 | 2023-07-19 | GeoVision GV-ADR2701 Improper Authentication |
| CVE-2023-30799 | 2023-07-19 | MikroTik RouterOS Administrator Privilege Escalation |
| CVE-2023-25838 | 2023-07-19 | BUG-000157278 – ArcGIS Insights has a security vulnerability. |
| CVE-2023-25839 | 2023-07-19 | BUG-000157278 – ArcGIS Insights has a security vulnerability - desktop |
| CVE-2023-32261 | 2023-07-19 | Dimensions CM Plugin for Jenkins 0.8.17 – 0.9.3 |
| CVE-2023-32262 | 2023-07-19 | Dimensions CM Plugin for Jenkins 0.8.17 – 0.9.3 |
| CVE-2023-32263 | 2023-07-19 | Dimensions CM Plugin for Jenkins 0.8.17 – 0.9.3 |
| CVE-2023-3519 | 2023-07-19 | Unauthenticated remote code execution |
| CVE-2023-3466 | 2023-07-19 | Reflected Cross-Site Scripting (XSS) |
| CVE-2023-3674 | 2023-07-19 | Keylime: attestation failure when the quote's signature does not validate |
| CVE-2023-3467 | 2023-07-19 | Privilege Escalation to root administrator (nsroot) |
| CVE-2023-37276 | 2023-07-19 | aiohttp vulnerable to HTTP request smuggling |
| CVE-2023-37899 | 2023-07-19 | feathersjs socket handler allows abusing implicit toString |
| CVE-2023-3722 | 2023-07-19 | Avaya Aura Device Services Remote Code Execution |
| CVE-2023-26217 | 2023-07-19 | TIBCO EBX Add-ons SQL Injection Vulnerability |
| CVE-2023-3782 | 2023-07-19 | DoS of the OkHttp client when using a BrotliInterceptor and surfing to a malicious web server, or when an attacker can perform MitM to inject a Brotli zip-bomb into an HTTP response |
| CVE-2023-35134 | 2023-07-19 | Weintek Weincloud Weak Password Recovery Mechanism for Forgotten Password |
| CVE-2023-34429 | 2023-07-19 | Weintek Weincloud Improper Handling of Structural Elements |
| CVE-2023-32657 | 2023-07-19 | Weintek Weincloud Improper Restriction of Excessive Authentication Attempts |
| CVE-2023-37362 | 2023-07-19 | Weintek Weincloud Improper Authentication |
| CVE-2023-34394 | 2023-07-19 | Keysight N6845A Relative Path Traversal |
| CVE-2023-36853 | 2023-07-19 | Keysight Geolocation Server Exposed Dangerous Method or Function |
| CVE-2023-3072 | 2023-07-19 | Nomad ACL Policies without Label are Applied to Unexpected Resources |
| CVE-2023-3299 | 2023-07-19 | Nomad Caller ACL Token's Secret ID is Exposed to Sentinel |
| CVE-2023-3300 | 2023-07-19 | Nomad Search API Leaks Information About CSI Plugins |
| CVE-2020-24275 | 2023-07-20 | A HTTP response header injection vulnerability in Swoole v4.5.2 allows... |
| CVE-2021-39425 | 2023-07-20 | SeedDMS v6.0.15 was discovered to contain an open redirect vulnerability.... |
| CVE-2021-45094 | 2023-07-20 | Imprivata Privileged Access Management (formally Xton Privileged Access Management) 2.3.202112051108... |
| CVE-2023-30200 | 2023-07-20 | In the module “Image: WebP, Compress, Zoom, Lazy load, Alt... |
| CVE-2023-31461 | 2023-07-20 | Attackers can exploit an open API listener on SteelSeries GG... |
| CVE-2023-31462 | 2023-07-20 | An issue was discovered in SteelSeries GG 36.0.0. An attacker... |
| CVE-2023-31753 | 2023-07-20 | SQL injection vulnerability in diskusi.php in eNdonesia 8.7, allows an... |
| CVE-2023-34625 | 2023-07-20 | ShowMojo MojoBox Digital Lockbox 1.4 is vulnerable to Authentication Bypass.... |
| CVE-2023-37164 | 2023-07-20 | Diafan CMS v6.0 was discovered to contain a reflected cross-site... |
| CVE-2023-37165 | 2023-07-20 | Millhouse-Project v1.414 was discovered to contain a remote code execution... |
| CVE-2023-37600 | 2023-07-20 | Office Suite Premium Version v10.9.1.42602 was discovered to contain a... |
| CVE-2023-37601 | 2023-07-20 | Office Suite Premium v10.9.1.42602 was discovered to contain a local... |
| CVE-2023-37602 | 2023-07-20 | An arbitrary file upload vulnerability in the component /workplace#!explorer of... |
| CVE-2023-37645 | 2023-07-20 | eyoucms v1.6.3 was discovered to contain an information disclosure vulnerability... |
| CVE-2023-37649 | 2023-07-20 | Incorrect access control in the component /models/Content of Cockpit CMS... |
| CVE-2023-37650 | 2023-07-20 | A Cross-Site Request Forgery (CSRF) in the Admin portal of... |
| CVE-2023-37728 | 2023-07-20 | IceWarp v10.2.1 was discovered to contain cross-site scripting (XSS) vulnerability... |
| CVE-2023-38334 | 2023-07-20 | Omnis Studio 10.22.00 has incorrect access control. It advertises an... |
| CVE-2023-38335 | 2023-07-20 | Omnis Studio 10.22.00 has incorrect access control. It advertises a... |
| CVE-2023-38408 | 2023-07-20 | The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has... |
| CVE-2023-38523 | 2023-07-20 | The web interface on multiple Samsung Harman AMX N-Series devices... |
| CVE-2023-38617 | 2023-07-20 | Office Suite Premium Version v10.9.1.42602 was discovered to contain a... |
| CVE-2022-28733 | 2023-07-20 | Integer underflow in grub_net_recv_ip4_packets |
| CVE-2022-28734 | 2023-07-20 | Out-of-bounds write when handling split HTTP headers |
| CVE-2022-28735 | 2023-07-20 | The GRUB2's shim_lock verifier allows non-kernel files to be loaded... |
| CVE-2022-28736 | 2023-07-20 | There's a use-after-free vulnerability in grub_cmd_chainloader() function |
| CVE-2022-28737 | 2023-07-20 | There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables |
| CVE-2023-37289 | 2023-07-20 | InfoDoc Document On-line Submission and Approval System - Arbitrary File Upload |
| CVE-2023-3779 | 2023-07-20 | The Essential Addons For Elementor plugin for WordPress is vulnerable... |
| CVE-2021-39822 | 2023-07-20 | Adobe InDesign BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-3783 | 2023-07-20 | Webile HTTP POST Request cross site scripting |
| CVE-2023-3784 | 2023-07-20 | Dooblou WiFi File Explorer cross site scripting |
| CVE-2023-3785 | 2023-07-20 | PaulPrinting CMS cross site scripting |
| CVE-2023-37290 | 2023-07-20 | InfoDoc Document On-line Submission and Approval System - Server-Side Request Forgery (SSRF) |
| CVE-2023-32481 | 2023-07-20 | Wyse Management Suite versions prior to 4.0 contain a denial-of-service... |
| CVE-2023-32482 | 2023-07-20 | Wyse Management Suite versions prior to 4.0 contain an improper... |
| CVE-2023-32483 | 2023-07-20 | Wyse Management Suite versions prior to 4.0 contain a sensitive... |