CVE List - 2023 / July
Showing 401 - 500 of 2295 CVEs for July 2023 (Page 5 of 23)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-3528 | 2023-07-06 | ThinuTech ThinuCMS category.php sql injection |
| CVE-2023-36456 | 2023-07-06 | Authentik lacks Proxy IP headers validation |
| CVE-2023-36459 | 2023-07-06 | Mastodon vulnerable to Cross-site Scripting through oEmbed preview cards |
| CVE-2023-3529 | 2023-07-06 | Rotem Dynamics Rotem CRM OTP URI Interface information exposure |
| CVE-2023-36460 | 2023-07-06 | Mastodon vulnerable to arbitrary file creation through media attachments |
| CVE-2023-36461 | 2023-07-06 | Mastodon vulnerable to Denial of Service through slow HTTP responses |
| CVE-2023-36462 | 2023-07-06 | Mastodon's verified profile links can be formatted in a misleading way |
| CVE-2023-3531 | 2023-07-06 | Cross-site Scripting (XSS) - Stored in nilsteampassnet/teampass |
| CVE-2023-35934 | 2023-07-06 | yt-dlp File Downloader cookie leak |
| CVE-2023-36829 | 2023-07-06 | Sentry CORS misconfiguration vulnerability |
| CVE-2023-20899 | 2023-07-06 | VMware SD-WAN (Edge) contains a bypass authentication vulnerability. An unauthenticated... |
| CVE-2023-36859 | 2023-07-06 | PiiGAB M-Bus Code Injection |
| CVE-2023-33868 | 2023-07-06 | PiiGAB M-Bus Improper Restriction of Excessive Authentication Attempts |
| CVE-2023-31277 | 2023-07-06 | PiiGAB M-Bus Unprotected Transport of Credentials |
| CVE-2023-35987 | 2023-07-06 | PiiGAB M-Bus Use of Hard-coded Credentials |
| CVE-2023-35765 | 2023-07-06 | PiiGAB M-Bus Plaintext Storage of a Password |
| CVE-2023-32652 | 2023-07-06 | PiiGAB M-Bus Cross-site Scripting |
| CVE-2023-34995 | 2023-07-06 | PiiGAB M-Bus Weak Password Requirements |
| CVE-2023-34433 | 2023-07-06 | PiiGAB M-Bus Use of Password Hash With Insufficient Computational Effort |
| CVE-2023-35120 | 2023-07-06 | PiiGAB M-Bus Cross-Site Request Forgery |
| CVE-2023-25201 | 2023-07-07 | Cross Site Request Forgery (CSRF) vulnerability in MultiTech Conduit AP... |
| CVE-2023-27845 | 2023-07-07 | SQL injection vulnerability found in PrestaShop lekerawen_ocs before v.1.4.1 allow... |
| CVE-2023-29998 | 2023-07-07 | A Cross-site scripting (XSS) vulnerability in the content editor in... |
| CVE-2023-33664 | 2023-07-07 | ai-dev aicombinationsonfly before v0.3.1 was discovered to contain a SQL... |
| CVE-2023-34197 | 2023-07-07 | Zoho ManageEngine ServiceDesk Plus before 14202, ServiceDesk Plus MSP before... |
| CVE-2023-36201 | 2023-07-07 | An issue in JerryscriptProject jerryscript v.3.0.0 allows an attacker to... |
| CVE-2023-36256 | 2023-07-07 | The Online Examination System Project 1.0 version is vulnerable to... |
| CVE-2023-36992 | 2023-07-07 | PHP injection in TravianZ 8.3.4 and 8.3.3 in the config... |
| CVE-2023-36993 | 2023-07-07 | The cryptographically insecure random number generator being used in TravianZ... |
| CVE-2023-36994 | 2023-07-07 | In TravianZ 8.3.4 and 8.3.3, Incorrect Access Control in the... |
| CVE-2023-37061 | 2023-07-07 | Chamilo 1.11.x up to 1.11.20 allows users with an admin... |
| CVE-2023-37062 | 2023-07-07 | Chamilo 1.11.x up to 1.11.20 allows users with admin privilege... |
| CVE-2023-37063 | 2023-07-07 | Chamilo 1.11.x up to 1.11.20 allows users with admin privilege... |
| CVE-2023-37064 | 2023-07-07 | Chamilo 1.11.x up to 1.11.20 allows users with admin privilege... |
| CVE-2023-37065 | 2023-07-07 | Chamilo 1.11.x up to 1.11.20 allows users with admin privilege... |
| CVE-2023-37066 | 2023-07-07 | Chamilo 1.11.x up to 1.11.20 allows users with admin privilege... |
| CVE-2023-37067 | 2023-07-07 | Chamilo 1.11.x up to 1.11.20 allows users with admin privilege... |
| CVE-2023-37144 | 2023-07-07 | Tenda AC10 v15.03.06.26 was discovered to contain a command injection... |
| CVE-2023-37145 | 2023-07-07 | TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection... |
| CVE-2023-37146 | 2023-07-07 | TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection... |
| CVE-2023-37148 | 2023-07-07 | TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection... |
| CVE-2023-37149 | 2023-07-07 | TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection... |
| CVE-2023-37170 | 2023-07-07 | TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain an unauthenticated remote... |
| CVE-2023-37171 | 2023-07-07 | TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection... |
| CVE-2023-37172 | 2023-07-07 | TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection... |
| CVE-2023-37173 | 2023-07-07 | TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection... |
| CVE-2023-37308 | 2023-07-07 | Zoho ManageEngine ADAudit Plus before 7100 allows XSS via the... |
| CVE-2023-35890 | 2023-07-07 | IBM WebSphere Application Server information disclosure |
| CVE-2023-3532 | 2023-07-07 | Cross-site Scripting (XSS) - Stored in outline/outline |
| CVE-2023-32183 | 2023-07-07 | Incorrect Default Permissions vulnerability in the openSUSE Tumbleweed hawk2 package... |
| CVE-2023-33008 | 2023-07-07 | Apache Johnzon: Prevent inefficient internal conversion from BigDecimal at large scale |
| CVE-2020-8934 | 2023-07-07 | Site Kit by Google plugin for WordPress |
| CVE-2023-3534 | 2023-07-07 | SourceCodester Shopping Website check_availability.php sql injection |
| CVE-2023-3535 | 2023-07-07 | SimplePHPscripts FAQ Script PHP URL Parameter preview.php cross site scripting |
| CVE-2023-3536 | 2023-07-07 | SimplePHPscripts Funeral Script PHP URL Parameter preview.php cross site scripting |
| CVE-2023-3537 | 2023-07-07 | SimplePHPscripts News Script PHP Pro URL Parameter preview.php cross site scripting |
| CVE-2023-3538 | 2023-07-07 | SimplePHPscripts Photo Gallery PHP URL Parameter preview.php cross site scripting |
| CVE-2023-3539 | 2023-07-07 | SimplePHPscripts Simple Forum PHP URL Parameter preview.php cross site scripting |
| CVE-2023-3540 | 2023-07-07 | SimplePHPscripts NewsLetter Script PHP URL Parameter preview.php cross site scripting |
| CVE-2023-3541 | 2023-07-07 | ThinuTech ThinuCMS author_posts.php cross site scripting |
| CVE-2023-3542 | 2023-07-07 | ThinuTech ThinuCMS contact.php cross site scripting |
| CVE-2023-37264 | 2023-07-07 | Pipelines do not validate child UIDs |
| CVE-2023-3543 | 2023-07-07 | GZ Scripts Availability Booking Calendar PHP HTTP POST Request load.php cross site scripting |
| CVE-2023-3544 | 2023-07-07 | GZ Scripts Time Slot Booking Calendar PHP load.php cross site scripting |
| CVE-2021-33798 | 2023-07-07 | A null pointer dereference was found in libpano13, version libpano13-2.9.20.... |
| CVE-2021-33796 | 2023-07-07 | In MuJS before version 1.1.2, a use-after-free flaw in the... |
| CVE-2021-39014 | 2023-07-07 | IBM Cloud Object Storage System cross-site scripting |
| CVE-2021-32494 | 2023-07-07 | Radare2 has a division by zero vulnerability in Mach-O parser's... |
| CVE-2021-32495 | 2023-07-07 | Radare2 has a use-after-free vulnerability in pyc parser's get_none_object function.... |
| CVE-2023-20133 | 2023-07-07 | A vulnerability in the web interface of Cisco Webex Meetings... |
| CVE-2023-20180 | 2023-07-07 | A vulnerability in the web interface of Cisco Webex Meetings... |
| CVE-2022-4361 | 2023-07-07 | Keycloak, an open-source identity and access management solution, has a... |
| CVE-2023-37261 | 2023-07-07 | OpenComputers's SSRF to cloud service metadata services and local IPv6 addresses not blocked by default |
| CVE-2023-37262 | 2023-07-07 | CC: Tweaked SSRF to Cloud Services Metadata Services not Blocked by Default |
| CVE-2023-37269 | 2023-07-07 | Winter CMS vulnerable to stored XSS through privileged upload of SVG file |
| CVE-2023-37270 | 2023-07-07 | Piwigo SQL Injection vulnerability in "User-Agent" |
| CVE-2023-32000 | 2023-07-07 | A Cross-Site Scripting (XSS) vulnerability found in UniFi Network (Version... |
| CVE-2023-3551 | 2023-07-08 | Code Injection in nilsteampassnet/teampass |
| CVE-2023-3552 | 2023-07-08 | Improper Encoding or Escaping of Output in nilsteampassnet/teampass |
| CVE-2023-3553 | 2023-07-08 | Exposure of Sensitive Information to an Unauthorized Actor in nilsteampassnet/teampass |
| CVE-2023-3554 | 2023-07-08 | GZ Scripts GZ Forum Script preview.php cross site scripting |
| CVE-2023-3555 | 2023-07-08 | GZ Scripts PHP Vacation Rental Script preview.php cross site scripting |
| CVE-2023-3556 | 2023-07-08 | GZ Scripts Car Listing Script PHP preview.php cross site scripting |
| CVE-2023-3565 | 2023-07-08 | Cross-site Scripting (XSS) - Generic in nilsteampassnet/teampass |
| CVE-2023-3557 | 2023-07-08 | GZ Scripts Property Listing Script preview.php cross site scripting |
| CVE-2023-3558 | 2023-07-08 | GZ Scripts Event Booking Calendar load.php cross site scripting |
| CVE-2023-3559 | 2023-07-08 | GZ Scripts PHP GZ Appointment Scheduling Script load.php cross site scripting |
| CVE-2023-3560 | 2023-07-08 | GZ Scripts Ticket Booking Script load.php cross site scripting |
| CVE-2023-3561 | 2023-07-08 | GZ Scripts PHP GZ Hotel Booking Script load.php cross site scripting |
| CVE-2023-3562 | 2023-07-08 | GZ Scripts PHP CRM Platform index.php cross site scripting |
| CVE-2023-3563 | 2023-07-08 | GZ Scripts GZ E Learning Platform URL Parameter cross site scripting |
| CVE-2023-3564 | 2023-07-08 | GZ Scripts GZ Multi Hotel Booking System index.php cross site scripting |
| CVE-2023-3566 | 2023-07-08 | wallabag Profile Config config allocation of resources |
| CVE-2023-30447 | 2023-07-08 | IBM Db2 denial of service |
| CVE-2023-30446 | 2023-07-08 | IBM Db2 denial of service |
| CVE-2023-30448 | 2023-07-08 | IBM Db2 denial of service |
| CVE-2023-30445 | 2023-07-08 | IBM Db2 denial of service |
| CVE-2023-30449 | 2023-07-08 | IBM Db2 denial of service |
| CVE-2023-27869 | 2023-07-08 | IBM Db2 code execution |
| CVE-2023-27867 | 2023-07-08 | IBM Db2 code execution |