CVE List - 2023 / August
Showing 1501 - 1600 of 2479 CVEs for August 2023 (Page 16 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-26469 | 2023-08-17 | In Jorani 1.0.0, an attacker could leverage path traversal to... |
| CVE-2023-31492 | 2023-08-17 | Zoho ManageEngine ADManager Plus version 7182 and prior disclosed the... |
| CVE-2023-31938 | 2023-08-17 | SQL injection vulnerability found in Online Travel Agency System v.1.0... |
| CVE-2023-31939 | 2023-08-17 | SQL injection vulnerability found in Online Travel Agency System v.1.0... |
| CVE-2023-31940 | 2023-08-17 | SQL injection vulnerability found in Online Travel Agency System v.1.0... |
| CVE-2023-31941 | 2023-08-17 | File Upload vulnerability found in Online Travel Agency System v.1.0... |
| CVE-2023-31942 | 2023-08-17 | Cross Site Scripting vulnerability found in Online Travel Agency System... |
| CVE-2023-31943 | 2023-08-17 | SQL injection vulnerability found in Online Travel Agency System v.1.0... |
| CVE-2023-31944 | 2023-08-17 | SQL injection vulnerability found in Online Travel Agency System v.1.0... |
| CVE-2023-31945 | 2023-08-17 | SQL injection vulnerability found in Online Travel Agency System v.1.0... |
| CVE-2023-31946 | 2023-08-17 | File Upload vulnerability found in Online Travel Agency System v.1.0... |
| CVE-2023-36106 | 2023-08-17 | An incorrect access control vulnerability in powerjob 4.3.2 and earlier... |
| CVE-2023-38838 | 2023-08-17 | SQL injection vulnerability in Kidus Minimati v.1.0.0 allows a remote... |
| CVE-2023-38843 | 2023-08-17 | An issue in Atlos v.1.0 allows an authenticated attacker to... |
| CVE-2023-38902 | 2023-08-17 | A command injection vulnerability in RG-EW series home routers and... |
| CVE-2023-38905 | 2023-08-17 | SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a... |
| CVE-2023-39125 | 2023-08-17 | NTSC-CRT 2.2.1 has an integer overflow and out-of-bounds write in... |
| CVE-2023-39741 | 2023-08-17 | lrzip v0.651 was discovered to contain a heap overflow via... |
| CVE-2023-39743 | 2023-08-17 | lrzip-next LZMA v23.01 was discovered to contain an access violation... |
| CVE-2023-33237 | 2023-08-17 | Authentication Bypass Without Administrator Privilege |
| CVE-2023-33238 | 2023-08-17 | Command-injection Vulnerability in Certificate Management |
| CVE-2023-25647 | 2023-08-17 | Permission and Access Control Vulnerability in Some ZTE Mobile Phones |
| CVE-2023-33239 | 2023-08-17 | Second Order Command-injection Vulnerability in the Key-generation Function |
| CVE-2023-34213 | 2023-08-17 | Second Order Command-injection Vulnerability in the Key-generation Function |
| CVE-2023-34214 | 2023-08-17 | Second Order Command-injection Vulnerability in the Certificate-generation Function |
| CVE-2023-4392 | 2023-08-17 | Control iD Gerencia Web Cookie cleartext storage |
| CVE-2023-4395 | 2023-08-17 | Cross-site Scripting (XSS) - Stored in cockpit-hq/cockpit |
| CVE-2023-34215 | 2023-08-17 | Second Order Command-injection Vulnerability in the Certificate-generation Function |
| CVE-2023-40281 | 2023-08-17 | EC-CUBE 2.11.0 to 2.17.2-p1 contain a cross-site scripting vulnerability in... |
| CVE-2023-34216 | 2023-08-17 | Second Order Command-injection Vulnerability in the Key-delete Function |
| CVE-2023-40252 | 2023-08-17 | Improper Control of Generation of Code ('Code Injection') vulnerability in... |
| CVE-2023-3244 | 2023-08-17 | The Comments Like Dislike plugin for WordPress is vulnerable to... |
| CVE-2023-34217 | 2023-08-17 | Second Order Command-injection Vulnerability in the Certificate-delete Function |
| CVE-2023-40251 | 2023-08-17 | Missing Encryption of Sensitive Data vulnerability in Genians Genian NAC... |
| CVE-2023-28622 | 2023-08-17 | WordPress Easy Slider Revolution Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-28533 | 2023-08-17 | WordPress Cab Grid Plugin <= 1.5.15 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-30876 | 2023-08-17 | WordPress Dave's WordPress Live Search Plugin <= 4.8.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-30874 | 2023-08-17 | WordPress GPS Plotter Plugin <= 5.1.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-30877 | 2023-08-17 | WordPress XML for Google Merchant Center Plugin <= 3.0.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-31071 | 2023-08-17 | WordPress Modal Dialog Plugin <= 3.5.14 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-31076 | 2023-08-17 | WordPress Recipe Maker For Your Food Blog from Zip Recipes Plugin <= 8.0.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-2910 | 2023-08-17 | A Command injection vulnerability was found on Printer service of ADM |
| CVE-2023-3697 | 2023-08-17 | A Command injection vulnerability was found on Printer service of ADM |
| CVE-2023-3698 | 2023-08-17 | A Command injection vulnerability was found on Printer service of ADM |
| CVE-2023-29182 | 2023-08-17 | A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiOS before... |
| CVE-2023-31074 | 2023-08-17 | WordPress Extensions for Leaflet Map Plugin <= 3.4.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-26530 | 2023-08-17 | WordPress Updraft Plugin <= 0.6.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-31091 | 2023-08-17 | WordPress Dynamically Register Sidebars Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-4394 | 2023-08-17 | Memory leak in btrfs_get_dev_args_from_path() |
| CVE-2023-34412 | 2023-08-17 | Stored XXS vulnerability in mbnet, mbnet.rokey, REX 200 and REX 250 |
| CVE-2023-40272 | 2023-08-17 | Apache Airflow Spark Provider Arbitrary File Read via JDBC |
| CVE-2023-31079 | 2023-08-17 | WordPress Tippy Plugin <= 6.2.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-31072 | 2023-08-17 | WordPress Advanced Category Template Plugin <= 0.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-28693 | 2023-08-17 | WordPress Advanced Youtube Channel Pagination Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-28783 | 2023-08-17 | WordPress Woocommerce Tip/Donation Plugin <= 1.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-2914 | 2023-08-17 | Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerabilitiy |
| CVE-2023-2915 | 2023-08-17 | Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerability |
| CVE-2023-2917 | 2023-08-17 | Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerability |
| CVE-2023-3078 | 2023-08-17 | An uncontrolled search path vulnerability was reported in the Lenovo... |
| CVE-2023-4028 | 2023-08-17 | A buffer overflow has been identified in the SystemUserMasterHddPwdDxe driver... |
| CVE-2023-4029 | 2023-08-17 | A buffer overflow has been identified in the BoardUpdateAcpiDxe driver... |
| CVE-2023-4030 | 2023-08-17 | A vulnerability was reported in BIOS for ThinkPad P14s Gen... |
| CVE-2023-34419 | 2023-08-17 | A buffer overflow has been identified in the SetupUtility driver... |
| CVE-2023-40165 | 2023-08-17 | Unauthorized gem replacement for full names ending in numbers on rubygems.org |
| CVE-2023-37914 | 2023-08-17 | Privilege escalation (PR)/RCE from account through Invitation subject/message |
| CVE-2023-40313 | 2023-08-17 | Disable BeanShell Interpreter Remote Server Mode |
| CVE-2023-40315 | 2023-08-17 | ROLE_FILESYSTEM_EDITOR Can Be Used To Escalate To ROLE_ADMIN |
| CVE-2023-40168 | 2023-08-17 | Malicious projects can read and upload arbitrary files from disk in TurboWarp Desktop |
| CVE-2023-36847 | 2023-08-17 | Junos OS: EX Series: A vulnerability in J-Web allows an unauthenticated attacker to upload arbitrary files |
| CVE-2023-36844 | 2023-08-17 | Junos OS: EX Series: A PHP vulnerability in J-Web allows an unauthenticated attacker to control important environment variables |
| CVE-2023-36845 | 2023-08-17 | Junos OS: EX and SRX Series: A PHP vulnerability in J-Web allows an unauthenticated to control an important environment variable |
| CVE-2023-36846 | 2023-08-17 | Junos OS: SRX Series: A vulnerability in J-Web allows an unauthenticated attacker to upload arbitrary files |
| CVE-2023-39970 | 2023-08-17 | Extension - acymailing.com - RCE in AcyMailing component for Joomla 6.7.0-8.5.0 |
| CVE-2023-39973 | 2023-08-17 | Extension - acymailing.com - Improper Access Control in AcyMailing Enterprise component for Joomla 6.7.0-8.6.3 |
| CVE-2023-39972 | 2023-08-17 | Extension - acymailing.com - Improper Access Control in AcyMailing Enterprise component for Joomla 6.7.0-8.6.3 |
| CVE-2023-39974 | 2023-08-17 | Extension - acymailing.com - Exposure of Sensitive Information in AcyMailing Enterprise component for Joomla 6.7.0-8.6.3 |
| CVE-2023-39971 | 2023-08-17 | Extension - acymailing.com - XSS in AcyMailing Enterprise component for Joomla 6.7.0-8.6.3 |
| CVE-2023-40171 | 2023-08-17 | Dispatch writes JWT tokens in error message |
| CVE-2023-28690 | 2023-08-17 | WordPress WP BrowserUpdate Plugin <= 4.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-27471 | 2023-08-18 | An issue was discovered in Insyde InsydeH2O with kernel 5.0... |
| CVE-2023-27576 | 2023-08-18 | An issue was discovered in phpList before 3.6.14. Due to... |
| CVE-2023-38839 | 2023-08-18 | SQL injection vulnerability in Kidus Minimati v.1.0.0 allows a remote... |
| CVE-2023-38890 | 2023-08-18 | Online Shopping Portal Project 3.1 allows remote attackers to execute... |
| CVE-2023-38910 | 2023-08-18 | CSZ CMS 1.3.0 is vulnerable to cross-site scripting (XSS), which... |
| CVE-2023-38911 | 2023-08-18 | A Cross-Site Scripting (XSS) vulnerability in CSZ CMS 1.3.0 allows... |
| CVE-2023-39665 | 2023-08-18 | D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow... |
| CVE-2023-39666 | 2023-08-18 | D-Link DIR-842 fw_revA_1-02_eu_multi_20151008 was discovered to contain multiple buffer overflows... |
| CVE-2023-39667 | 2023-08-18 | D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow... |
| CVE-2023-39668 | 2023-08-18 | D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow... |
| CVE-2023-39669 | 2023-08-18 | D-Link DIR-880 A1_FW107WWb08 was discovered to contain a NULL pointer... |
| CVE-2023-39670 | 2023-08-18 | Tenda AC6 _US_AC6V1.0BR_V15.03.05.16 was discovered to contain a buffer overflow... |
| CVE-2023-39671 | 2023-08-18 | D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow... |
| CVE-2023-39672 | 2023-08-18 | Tenda WH450 v1.0.0.18 was discovered to contain a buffer overflow... |
| CVE-2023-39673 | 2023-08-18 | Tenda AC15 V1.0BR_V15.03.05.18_multi_TD01 was discovered to contain a buffer overflow... |
| CVE-2023-39674 | 2023-08-18 | D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow... |
| CVE-2023-4040 | 2023-08-18 | The Stripe Payment Plugin for WooCommerce plugin for WordPress is... |
| CVE-2023-30875 | 2023-08-18 | WordPress Logo Scheduler Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-39415 | 2023-08-18 | Improper authentication vulnerability in Proself Enterprise/Standard Edition Ver5.61 and earlier,... |
| CVE-2023-39416 | 2023-08-18 | Proself Enterprise/Standard Edition Ver5.61 and earlier, Proself Gateway Edition Ver1.62... |
| CVE-2023-32626 | 2023-08-18 | Hidden functionality vulnerability in LAN-W300N/RS all versions, and LAN-W300N/PR5 all... |