CVE List - 2023 / July
Showing 2201 - 2295 of 2295 CVEs for July 2023 (Page 23 of 23)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-4919 | 2023-07-28 | Use after free in Base Internals in Google Chrome prior... |
| CVE-2022-4920 | 2023-07-28 | Heap buffer overflow in Blink in Google Chrome prior to... |
| CVE-2022-4921 | 2023-07-28 | Use after free in Accessibility in Google Chrome prior to... |
| CVE-2022-4922 | 2023-07-28 | Inappropriate implementation in Blink in Google Chrome prior to 99.0.4844.51... |
| CVE-2022-4923 | 2023-07-28 | Inappropriate implementation in Omnibox in Google Chrome prior to 99.0.4844.51... |
| CVE-2022-4924 | 2023-07-28 | Use after free in WebRTC in Google Chrome prior to... |
| CVE-2022-4925 | 2023-07-28 | Insufficient validation of untrusted input in QUIC in Google Chrome... |
| CVE-2021-4316 | 2023-07-28 | Inappropriate implementation in Cast UI in Google Chrome prior to... |
| CVE-2021-4317 | 2023-07-28 | Use after free in ANGLE in Google Chrome prior to... |
| CVE-2021-4318 | 2023-07-28 | Object corruption in Blink in Google Chrome prior to 94.0.4606.54... |
| CVE-2021-4319 | 2023-07-28 | Use after free in Blink in Google Chrome prior to... |
| CVE-2021-4320 | 2023-07-28 | Use after free in Blink in Google Chrome prior to... |
| CVE-2021-4321 | 2023-07-28 | Policy bypass in Blink in Google Chrome prior to 91.0.4472.77... |
| CVE-2021-4322 | 2023-07-28 | Use after free in DevTools in Google Chrome prior to... |
| CVE-2021-4323 | 2023-07-28 | Insufficient validation of untrusted input in Extensions in Google Chrome... |
| CVE-2021-4324 | 2023-07-28 | Insufficient policy enforcement in Google Update in Google Chrome prior... |
| CVE-2022-4926 | 2023-07-28 | Insufficient policy enforcement in Intents in Google Chrome on Android... |
| CVE-2023-2311 | 2023-07-28 | Insufficient policy enforcement in File System API in Google Chrome... |
| CVE-2023-2313 | 2023-07-28 | Inappropriate implementation in Sandbox in Google Chrome on Windows prior... |
| CVE-2023-2314 | 2023-07-28 | Insufficient data validation in DevTools in Google Chrome prior to... |
| CVE-2023-36542 | 2023-07-29 | Apache NiFi: Potential Code Injection with Properties Referencing Remote Resources |
| CVE-2023-32225 | 2023-07-30 | Sysaid - CWE-434: Unrestricted Upload of File with Dangerous Type |
| CVE-2023-32226 | 2023-07-30 | Sysaid - CWE-552: Files or Directories Accessible to External Parties |
| CVE-2023-32227 | 2023-07-30 | Synel SYnergy Fingerprint Terminals - CWE-798: Use of Hard-coded Credentials |
| CVE-2023-37213 | 2023-07-30 | Synel SYnergy Fingerprint Terminals - CWE-78: 'OS Command Injection' |
| CVE-2023-37214 | 2023-07-30 | Heights Telecom ERO1xS-Pro Dual-Band WiFi command injection |
| CVE-2023-37215 | 2023-07-30 | JBL soundbar multibeam 5.1 - CWE-798: Use of Hard-coded Credentials |
| CVE-2023-37216 | 2023-07-30 | AnaSystem SensMini M4 – an authenticated user can cause Denial of Service |
| CVE-2023-37217 | 2023-07-30 | Tadiran Telecom Aeonix - CWE-204: Observable Response Discrepancy |
| CVE-2023-37218 | 2023-07-30 | Tadiran Telecom Aeonix - CWE-22: Improper Limitation of a Pathname to a Restricted Directory |
| CVE-2023-37219 | 2023-07-30 | Tadiran Telecom Composit - CWE-1236: Improper Neutralization of Formula Elements in a CSV File |
| CVE-2020-21662 | 2023-07-31 | SQL injection vulnerability in yunyecms 2.0.2 allows remote attackers to... |
| CVE-2020-21881 | 2023-07-31 | Cross Site Request Forgery (CSRF) vulnerability in admin.php in DuxCMS... |
| CVE-2020-36763 | 2023-07-31 | Cross Site Scripting (XSS) vulnerability in DuxCMS 2.1 allows remote... |
| CVE-2021-31651 | 2023-07-31 | Cross Site Scripting (XSS) vulnerability in neofarg-cms 0.2.3 allows remoate... |
| CVE-2021-31680 | 2023-07-31 | Deserialization of Untrusted Data vulnerability in yolo 5 allows attackers... |
| CVE-2021-31681 | 2023-07-31 | Deserialization of Untrusted Data vulnerability in yolo 3 allows attackers... |
| CVE-2022-42182 | 2023-07-31 | Precisely Spectrum Spatial Analyst 20.01 is vulnerable to Directory Traversal. |
| CVE-2022-42183 | 2023-07-31 | Precisely Spectrum Spatial Analyst 20.01 is vulnerable to Server-Side Request... |
| CVE-2023-33534 | 2023-07-31 | A Cross-Site Request Forgery (CSRF) in Guanzhou Tozed Kangwei Intelligent... |
| CVE-2023-34635 | 2023-07-31 | Wifi Soft Unibox Administration 3.0 and 3.1 is vulnerable to... |
| CVE-2023-34644 | 2023-07-31 | Remote code execution vulnerability in Ruijie Networks Product: RG-EW series... |
| CVE-2023-34842 | 2023-07-31 | Remote Code Execution vulnerability in DedeCMS through 5.7.109 allows remote... |
| CVE-2023-34872 | 2023-07-31 | A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows... |
| CVE-2023-34916 | 2023-07-31 | Fuge CMS v1.0 contains an Open Redirect vulnerability via /front/ProcessAct.java. |
| CVE-2023-34917 | 2023-07-31 | Fuge CMS v1.0 contains an Open Redirect vulnerability in member/RegisterAct.java. |
| CVE-2023-35861 | 2023-07-31 | A shell-injection vulnerability in email notifications on Supermicro motherboards (such... |
| CVE-2023-36089 | 2023-07-31 | Authentication Bypass vulnerability in D-Link DIR-645 firmware version 1.03 allows... |
| CVE-2023-36090 | 2023-07-31 | Authentication Bypass vulnerability in D-Link DIR-885L FW102b01 allows remote attackers... |
| CVE-2023-36091 | 2023-07-31 | Authentication Bypass vulnerability in D-Link DIR-895 FW102b07 allows remote attackers... |
| CVE-2023-36092 | 2023-07-31 | Authentication Bypass vulnerability in D-Link DIR-859 FW105b03 allows remote attackers... |
| CVE-2023-37647 | 2023-07-31 | SEMCMS v1.5 was discovered to contain a SQL injection vulnerability... |
| CVE-2023-37771 | 2023-07-31 | Art Gallery Management System v1.0 contains a SQL injection vulnerability... |
| CVE-2023-38303 | 2023-07-31 | An issue was discovered in Webmin 2.021. One can exploit... |
| CVE-2023-38304 | 2023-07-31 | An issue was discovered in Webmin 2.021. A Stored Cross-Site... |
| CVE-2023-38305 | 2023-07-31 | An issue was discovered in Webmin 2.021. The download functionality... |
| CVE-2023-38306 | 2023-07-31 | An issue was discovered in Webmin 2.021. A Cross-site Scripting... |
| CVE-2023-38307 | 2023-07-31 | An issue was discovered in Webmin 2.021. A Stored Cross-Site... |
| CVE-2023-38308 | 2023-07-31 | An issue was discovered in Webmin 2.021. A Cross-Site Scripting... |
| CVE-2023-38309 | 2023-07-31 | An issue was discovered in Webmin 2.021. A Reflected Cross-Site... |
| CVE-2023-38310 | 2023-07-31 | An issue was discovered in Webmin 2.021. A Stored Cross-Site... |
| CVE-2023-38311 | 2023-07-31 | An issue was discovered in Webmin 2.021. A Stored Cross-Site... |
| CVE-2023-38750 | 2023-07-31 | In Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41, 9... |
| CVE-2023-38989 | 2023-07-31 | An issue in the delete function in the UserController class... |
| CVE-2023-39122 | 2023-07-31 | BMC Control-M through 9.0.20.200 allows SQL injection via the /RF-Server/report/deleteReport... |
| CVE-2023-3983 | 2023-07-31 | An authenticated SQL injection vulnerability exists in Advantech iView versions... |
| CVE-2023-35791 | 2023-07-31 | Vound Intella Connect 2.6.0.3 has an Open Redirect vulnerability. |
| CVE-2023-35792 | 2023-07-31 | Vound Intella Connect 2.6.0.3 is vulnerable to stored Cross-site Scripting... |
| CVE-2023-37580 | 2023-07-31 | Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41 allows XSS... |
| CVE-2023-4005 | 2023-07-31 | Insufficient Session Expiration in fossbilling/fossbilling |
| CVE-2023-4006 | 2023-07-31 | Improper Neutralization of Formula Elements in a CSV File in thorsten/phpmyfaq |
| CVE-2023-4007 | 2023-07-31 | Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq |
| CVE-2023-35019 | 2023-07-31 | IBM Security Verify Governance command execution |
| CVE-2023-35016 | 2023-07-31 | IBM Security Verify Governance path traversal |
| CVE-2022-43831 | 2023-07-31 | IBM Spectrum Scale privilege escalation |
| CVE-2023-22595 | 2023-07-31 | IBM B2B Advanced Communication cross-site scripting |
| CVE-2023-24971 | 2023-07-31 | IBM B2B Advanced Communication denial of service |
| CVE-2020-4868 | 2023-07-31 | IBM TRIRIGA information disclosure |
| CVE-2023-34358 | 2023-07-31 | ASUS RT-AX88U - Out-of-bounds Read - 1 |
| CVE-2023-34359 | 2023-07-31 | ASUS RT-AX88U - Out-of-bounds Read - 2 |
| CVE-2023-34360 | 2023-07-31 | ASUS RT-AX88U - Stored XSS |
| CVE-2022-4888 | 2023-07-31 | Multiple Plugins from Addify - Multiple CSRF |
| CVE-2023-0602 | 2023-07-31 | Twittee Text Tweet <= 1.0.8 - Reflected XSS |
| CVE-2023-3130 | 2023-07-31 | Short URL < 1.6.5 - Admin+ Cross Site Scripting |
| CVE-2023-3134 | 2023-07-31 | Forminator < 1.24.4 - Reflected XSS |
| CVE-2023-3292 | 2023-07-31 | Grid Kit Premium < 2.2.0 - Multiple Reflected Cross-Site Scripting |
| CVE-2023-3345 | 2023-07-31 | LMS by Masteriyo < 1.6.8 - Information Exposure |
| CVE-2023-3507 | 2023-07-31 | WooCommerce Pre-Orders < 2.0.3 - Arbitrary Pre-Order Canceling via CSRF |
| CVE-2023-3508 | 2023-07-31 | WooCommerce Pre-Orders < 2.0.3 - Unauthorised Actions via CSRF |
| CVE-2023-3817 | 2023-07-31 | Excessive time spent checking DH q parameter value |
| CVE-2023-3997 | 2023-07-31 | Unauthenticated Log Injection In Splunk SOAR |
| CVE-2023-4004 | 2023-07-31 | Kernel: netfilter: use-after-free due to improper element removal in nft_pipapo_remove() |
| CVE-2023-4010 | 2023-07-31 | Kernel: usb: hcd: malformed usb descriptor leads to infinite loop in usb_giveback_urb() |
| CVE-2023-3462 | 2023-07-31 | Vault's LDAP Auth Method Allows for User Enumeration |
| CVE-2023-3825 | 2023-07-31 | PTC’s KEPServerEX Versions 6.0 to 6.14.263 are vulnerable to being... |