CVE List - 2023 / August
Showing 2001 - 2100 of 2479 CVEs for August 2023 (Page 21 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-32516 | 2023-08-24 | WordPress Restaurant Menu – Food Ordering System – Table Reservation Plugin <= 2.3.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-34040 | 2023-08-24 | Java Deserialization vulnerability in Spring-Kafka When Improperly Configured |
| CVE-2023-40371 | 2023-08-24 | IBM AIX information disclosure |
| CVE-2022-46884 | 2023-08-24 | A potential use-after-free vulnerability existed in SVG Images if the... |
| CVE-2023-40706 | 2023-08-24 | Improper Restriction of Excessive Authentication Attempts in OPTO 22 SNAP PAC S1 Built-in Web Server |
| CVE-2023-40707 | 2023-08-24 | Weak password requirements in OPTO 22 SNAP PAC S1 Built-in Web Server |
| CVE-2023-40708 | 2023-08-24 | Improper Access Control in OPTO 22 SNAP PAC S1 |
| CVE-2023-40709 | 2023-08-24 | Uncontrolled Resource Consumption in OPTO 22 SNAP PAC S1 Built-In Web Server |
| CVE-2023-40710 | 2023-08-24 | An adversary could cause a continuous restart loop to the... |
| CVE-2023-34971 | 2023-08-24 | QTS, QuTS hero |
| CVE-2023-34972 | 2023-08-24 | QTS, QuTS hero and QuTScloud |
| CVE-2023-34973 | 2023-08-24 | QTS, QuTS hero |
| CVE-2023-4418 | 2023-08-24 | A remote unprivileged attacker can sent multiple packages to the... |
| CVE-2023-4419 | 2023-08-24 | The LMS5xx uses hard-coded credentials, which potentially allow low-skilled unauthorized... |
| CVE-2023-4420 | 2023-08-24 | A remote unprivileged attacker can intercept the communication via e.g.... |
| CVE-2023-31412 | 2023-08-24 | The LMS5xx uses weak hash generation methods, resulting in the... |
| CVE-2023-32077 | 2023-08-24 | Netmaker has Hardcoded DNS Secret Key |
| CVE-2023-32078 | 2023-08-24 | Netmaker IDOR Vulnerability Allows User to Update Other User's Password |
| CVE-2023-32079 | 2023-08-24 | Netmaker Privilige Escalation Vulnerability |
| CVE-2023-37469 | 2023-08-24 | CasaOS Command Injection vulnerability |
| CVE-2023-38508 | 2023-08-24 | Tuleap allows preview of a linked artifact with a type does not respect permissions |
| CVE-2023-39521 | 2023-08-24 | Tuleap vulnerable to Cross-site Scripting on the success message of a kanban deletion |
| CVE-2023-39519 | 2023-08-24 | CloudExplorer Lite sensitive information leakage vulnerability |
| CVE-2023-40017 | 2023-08-24 | Geonode Server Side Request Forgery vulnerability |
| CVE-2023-40022 | 2023-08-24 | Rizin vulnerable to Integer Overflow in C++ demangler logic |
| CVE-2023-4508 | 2023-08-24 | Denial of Service in Gerbv |
| CVE-2023-40030 | 2023-08-24 | Malicious dependencies can inject arbitrary JavaScript into cargo-generated timing reports |
| CVE-2020-11711 | 2023-08-25 | An issue was discovered in Stormshield SNS 3.8.0. Authenticated Stored... |
| CVE-2021-27932 | 2023-08-25 | Stormshield Network Security (SNS) VPN SSL Client 2.1.0 through 2.8.0... |
| CVE-2023-24620 | 2023-08-25 | An issue was discovered in Esoteric YamlBeans through 1.15. A... |
| CVE-2023-24621 | 2023-08-25 | An issue was discovered in Esoteric YamlBeans through 1.15. It... |
| CVE-2023-34723 | 2023-08-25 | An issue was discovered in TechView LA-5570 Wireless Gateway 1.0.19_T53,... |
| CVE-2023-36198 | 2023-08-25 | Buffer Overflow vulnerability in skalenetwork sgxwallet v.1.9.0 allows an attacker... |
| CVE-2023-36199 | 2023-08-25 | An issue in skalenetwork sgxwallet v.1.9.0 and below allows an... |
| CVE-2023-37249 | 2023-08-25 | Infoblox NIOS through 8.5.1 has a faulty component that accepts... |
| CVE-2023-38710 | 2023-08-25 | An issue was discovered in Libreswan before 4.12. When an... |
| CVE-2023-38711 | 2023-08-25 | An issue was discovered in Libreswan before 4.12. When an... |
| CVE-2023-38712 | 2023-08-25 | An issue was discovered in Libreswan 3.x and 4.x before... |
| CVE-2023-38973 | 2023-08-25 | A stored cross-site scripting (XSS) vulnerability in the Add Tag... |
| CVE-2023-38974 | 2023-08-25 | A stored cross-site scripting (XSS) vulnerability in the Edit Category... |
| CVE-2023-39287 | 2023-08-25 | A vulnerability in the Edge Gateway component of Mitel MiVoice... |
| CVE-2023-39288 | 2023-08-25 | A vulnerability in the Connect Mobility Router component of Mitel... |
| CVE-2023-39289 | 2023-08-25 | A vulnerability in the Connect Mobility Router component of Mitel... |
| CVE-2023-39290 | 2023-08-25 | A vulnerability in the Edge Gateway component of Mitel MiVoice... |
| CVE-2023-39291 | 2023-08-25 | A vulnerability in the Connect Mobility Router component of MiVoice... |
| CVE-2023-39600 | 2023-08-25 | IceWarp 11.4.6.0 was discovered to contain a cross-site scripting (XSS)... |
| CVE-2023-39707 | 2023-08-25 | A stored cross-site scripting (XSS) vulnerability in Free and Open... |
| CVE-2023-39742 | 2023-08-25 | giflib v5.2.1 was discovered to contain a segmentation fault via... |
| CVE-2023-40217 | 2023-08-25 | An issue was discovered in Python before 3.8.18, 3.9.x before... |
| CVE-2023-40796 | 2023-08-25 | Phicomm k2 v22.6.529.216 was discovered to contain a command injection... |
| CVE-2023-40797 | 2023-08-25 | In Tenda AC23 v16.03.07.45_cn, the sub_4781A4 function does not validate... |
| CVE-2023-40798 | 2023-08-25 | In Tenda AC23 v16.03.07.45_cn, the formSetIPv6status and formGetWanParameter functions do... |
| CVE-2023-40799 | 2023-08-25 | Tenda AC23 Vv16.03.07.45_cn is vulnerable to Buffer Overflow via sub_450A4C... |
| CVE-2023-40800 | 2023-08-25 | The compare_parentcontrol_time function does not authenticate user input parameters, resulting... |
| CVE-2023-40801 | 2023-08-25 | The sub_451784 function does not validate the parameters entered by... |
| CVE-2023-40802 | 2023-08-25 | The get_parentControl_list_Info function does not verify the parameters entered by... |
| CVE-2023-40915 | 2023-08-25 | Tenda AX3 v16.03.12.11 has a stack buffer overflow vulnerability detected... |
| CVE-2023-41121 | 2023-08-25 | Array AG OS before 9.4.0.499 allows denial of service: remote... |
| CVE-2023-41167 | 2023-08-25 | @webiny/react-rich-text-renderer before 5.37.2 allows XSS attacks by content managers. This... |
| CVE-2023-41173 | 2023-08-25 | AdGuard DNS before 2.2 allows remote attackers to cause a... |
| CVE-2023-40577 | 2023-08-25 | Alertmanager UI is vulnerable to stored XSS via the /api/v1/alerts endpoint |
| CVE-2023-40570 | 2023-08-25 | Datasette 1.0 alpha series leaks names of databases and tables to unauthenticated users |
| CVE-2023-40182 | 2023-08-25 | silverware-io-issue-tracker server responds in a noticeably different amount of time depending if a given email address exists or not |
| CVE-2023-40179 | 2023-08-25 | Silverware Games vulnerable to account enumeration via inconsistent responses |
| CVE-2023-40599 | 2023-08-25 | Regular expression Denial-of-Service (ReDoS) exists in multiple add-ons for Mailform... |
| CVE-2023-4520 | 2023-08-25 | The FV Flowplayer Video Player plugin for WordPress is vulnerable... |
| CVE-2023-40530 | 2023-08-25 | Improper authorization in handler for custom URL scheme issue in... |
| CVE-2023-32755 | 2023-08-25 | e-Excellence U-Office Force - Error Message Leakage |
| CVE-2023-32756 | 2023-08-25 | e-Excellence U-Office Force - Path Traversal |
| CVE-2023-32757 | 2023-08-25 | e-Excellence U-Office Force - Arbitrary File Upload |
| CVE-2023-3425 | 2023-08-25 | CVE-2023-3425: Out-of-Bounds memory read |
| CVE-2023-3406 | 2023-08-25 | Path traversal issue in M-Files Classic Web |
| CVE-2023-32518 | 2023-08-25 | WordPress WP Chinese Conversion Plugin <= 1.1.16 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-32576 | 2023-08-25 | WordPress Locatoraid Store Locator Plugin <= 3.9.18 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-32577 | 2023-08-25 | WordPress DevBuddy Twitter Feed Plugin <= 4.0.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-32584 | 2023-08-25 | WordPress eBecas Plugin <= 3.1.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-32591 | 2023-08-25 | WordPress DBargain Plugin <= 3.0.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-4478 | 2023-08-25 | Parameter tampering in the registration resulting in blocked accounts to be created |
| CVE-2023-25649 | 2023-08-25 | OS Command Injection Vulnerability in a Mobile Internet Product of ZTE |
| CVE-2023-25981 | 2023-08-25 | WordPress BuddyForms Plugin <= 2.8.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-32595 | 2023-08-25 | WordPress Sunny Search Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-32596 | 2023-08-25 | WordPress weebotLite Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-24394 | 2023-08-25 | WordPress iframe popup Plugin <= 3.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-32575 | 2023-08-25 | WordPress Product page shipping calculator for WooCommerce Plugin <= 1.3.25 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-32598 | 2023-08-25 | WordPress Featured Image Pro Post Grid Plugin <= 5.14 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-32603 | 2023-08-25 | WordPress Donations Made Easy – Smart Donations Plugin <= 4.0.12 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-32797 | 2023-08-25 | WordPress video carousel slider with lightbox Plugin <= 1.0.22 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-41248 | 2023-08-25 | In JetBrains TeamCity before 2023.05.3 stored XSS was possible during... |
| CVE-2023-41249 | 2023-08-25 | In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during... |
| CVE-2023-41250 | 2023-08-25 | In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during... |
| CVE-2023-4534 | 2023-08-25 | NeoMind Fusion Platform Link cross site scripting |
| CVE-2022-4452 | 2023-08-25 | Insufficient data validation in crosvm in Google Chrome prior to... |
| CVE-2023-38201 | 2023-08-25 | Keylime: challenge-response protocol bypass during agent registration |
| CVE-2019-13690 | 2023-08-25 | Inappropriate implementation in OS in Google Chrome on ChromeOS prior... |
| CVE-2019-13689 | 2023-08-25 | Inappropriate implementation in OS in Google Chrome on ChromeOS prior... |
| CVE-2023-25848 | 2023-08-25 | BUG-000158039 - There is an information disclosure issue in ArcGIS Server. |
| CVE-2023-40579 | 2023-08-25 | OpenFGA Authorization Bypass |
| CVE-2023-40031 | 2023-08-25 | Notepad++ vulnerable to heap buffer write overflow in Utf8_16_Read::convert |
| CVE-2023-40580 | 2023-08-25 | Freighter mnemonic phrase may be accessed by Javascript through a private API |
| CVE-2023-40036 | 2023-08-25 | Notepad++ global buffer read overflow in CharDistributionAnalysis::HandleOneChar |