CVE List - 2023 / August
Showing 401 - 500 of 2479 CVEs for August 2023 (Page 5 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-38928 | 2023-08-07 | Netgear R7100LG 1.0.0.78 was discovered to contain a command injection vulnerability via the password parameter at usb_remote_invite.cgi. |
| CVE-2023-38929 | 2023-08-07 | Tenda 4G300 v1.01.42 was discovered to contain a stack overflow via the page parameter at /VirtualSer. |
| CVE-2023-38930 | 2023-08-07 | Tenda AC7 V1.0,V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0,V15.03.06.28, AC9 V3.0,V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function. |
| CVE-2023-38931 | 2023-08-07 | Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and FH1203 V2.0.1.6 were discovered to contain... |
| CVE-2023-38932 | 2023-08-07 | Tenda F1202 V1.2.0.9, PA202 V1.1.2.5, PW201A V1.1.2.5 and FH1202 V1.2.0.9 were discovered to contain a stack overflow via the page parameter in the SafeEmailFilter function. |
| CVE-2023-38933 | 2023-08-07 | Tenda AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6 and AC9 V3.0 V15.03.06.42_multi, and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the... |
| CVE-2023-38934 | 2023-08-07 | Tenda F1203 V2.0.1.6, FH1203 V2.0.1.6 and FH1205 V2.0.0.7(775) was discovered to contain a stack overflow via the deviceId parameter in the formSetDeviceName function. |
| CVE-2023-38935 | 2023-08-07 | Tenda AC1206 V15.03.06.23, AC8 V4 V16.03.34.06, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and AC9 V3.0 V15.03.06.42_multi were discovered to contain a tack overflow via the list parameter in the formSetQosBand... |
| CVE-2023-38936 | 2023-08-07 | Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6, AC9 V3.0 V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow... |
| CVE-2023-38937 | 2023-08-07 | Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, AC9 V3.0 V15.03.06.42_multi and AC10 v4.0 V16.03.10.13 were discovered to contain a... |
| CVE-2023-38938 | 2023-08-07 | Tenda F1202 V1.2.0.9, PA202 V1.1.2.5, PW201A V1.1.2.5 and FH1202 V1.2.0.9 were discovered to contain a stack overflow via the page parameter at /L7Im. |
| CVE-2023-38939 | 2023-08-07 | Tenda F1202 V1.2.0.9 and FH1202 V1.2.0.9 were discovered to contain a stack overflow via the mit_ssid parameter in the formWrlsafeset function. |
| CVE-2023-38940 | 2023-08-07 | Tenda F1203 V2.0.1.6, FH1203 V2.0.1.6 and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function. |
| CVE-2023-39550 | 2023-08-07 | Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and http_username parameters in the check_auth function. |
| CVE-2023-39903 | 2023-08-07 | An issue was discovered in Fujitsu Software Infrastructure Manager (ISM) before 2.8.0.061. The ismsnap component (in this specific case at /var/log/fujitsu/ServerViewSuite/ism/FirmwareManagement/FirmwareManagement.log) allows insecure collection and storage of authorization credentials in... |
| CVE-2023-27373 | 2023-08-07 | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. Due to insufficient input validation, an attacker can tamper with a runtime-accessible EFI variable to cause a dynamic... |
| CVE-2023-4193 | 2023-08-07 | SourceCodester Resort Reservation System view_fee.php sql injection |
| CVE-2023-33906 | 2023-08-07 | In Contacts Service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges |
| CVE-2023-33907 | 2023-08-07 | In Contacts Service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges |
| CVE-2023-33908 | 2023-08-07 | In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges |
| CVE-2023-33909 | 2023-08-07 | In Contacts service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges |
| CVE-2023-33910 | 2023-08-07 | In Contacts Service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges |
| CVE-2023-33911 | 2023-08-07 | In vowifi service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges |
| CVE-2023-33912 | 2023-08-07 | In Contacts service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges |
| CVE-2022-47350 | 2023-08-07 | In camera driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed |
| CVE-2022-47351 | 2023-08-07 | In camera driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed |
| CVE-2023-33913 | 2023-08-07 | In DRM/oemcrypto, there is a possible out of bounds write due to an incorrect calculation of buffer size.This could lead to remote escalation of privilege with System execution privileges needed |
| CVE-2023-20780 | 2023-08-07 | In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not... |
| CVE-2023-20781 | 2023-08-07 | In keyinstall, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is... |
| CVE-2023-20782 | 2023-08-07 | In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not... |
| CVE-2023-20783 | 2023-08-07 | In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20784 | 2023-08-07 | In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20785 | 2023-08-07 | In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20786 | 2023-08-07 | In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20787 | 2023-08-07 | In thermal, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is... |
| CVE-2023-20788 | 2023-08-07 | In thermal, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is... |
| CVE-2023-20789 | 2023-08-07 | In jpeg, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not... |
| CVE-2023-20790 | 2023-08-07 | In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction... |
| CVE-2023-20793 | 2023-08-07 | In apu, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is... |
| CVE-2023-20795 | 2023-08-07 | In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20796 | 2023-08-07 | In power, there is a possible memory corruption due to an incorrect bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is... |
| CVE-2023-20797 | 2023-08-07 | In camera middleware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed.... |
| CVE-2023-20798 | 2023-08-07 | In pda, there is a possible out of bounds read due to an incorrect calculation of buffer size. This could lead to local information disclosure with System execution privileges needed.... |
| CVE-2023-20800 | 2023-08-07 | In imgsys, there is a possible system crash due to a mssing ptr check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is... |
| CVE-2023-20801 | 2023-08-07 | In imgsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is... |
| CVE-2023-20802 | 2023-08-07 | In imgsys, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed... |
| CVE-2023-20803 | 2023-08-07 | In imgsys, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed... |
| CVE-2023-20804 | 2023-08-07 | In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20805 | 2023-08-07 | In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20806 | 2023-08-07 | In hcp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20807 | 2023-08-07 | In dpe, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20808 | 2023-08-07 | In OPTEE, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20809 | 2023-08-07 | In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20810 | 2023-08-07 | In IOMMU, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed... |
| CVE-2023-20811 | 2023-08-07 | In IOMMU, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20812 | 2023-08-07 | In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction... |
| CVE-2023-20813 | 2023-08-07 | In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction... |
| CVE-2023-20814 | 2023-08-07 | In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20815 | 2023-08-07 | In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20816 | 2023-08-07 | In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20817 | 2023-08-07 | In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-20818 | 2023-08-07 | In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction... |
| CVE-2023-0425 | 2023-08-07 | Buffer overflow in global memory region |
| CVE-2023-0426 | 2023-08-07 | Stack overflow in filename or in boundary |
| CVE-2023-32090 | 2023-08-07 | Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default credentials |
| CVE-2023-3896 | 2023-08-07 | A divide by zero issue existed in vim of OpenCloudOS Stream |
| CVE-2023-38392 | 2023-08-07 | WordPress Custom Field Template Plugin <= 2.5.9 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-4147 | 2023-08-07 | Kernel: netfilter: nf_tables_newrule when adding a rule with nfta_rule_chain_id leads to use-after-free |
| CVE-2023-4194 | 2023-08-07 | Kernel: tap: tap_open(): correctly initialize socket uid next fix of i_uid to current_fsuid |
| CVE-2023-3650 | 2023-08-07 | Bubble Menu < 3.0.5 - Admin+ Stored XSS |
| CVE-2023-3492 | 2023-08-07 | WP Shopping Pages <= 1.14 - Stored XSS via CSRF |
| CVE-2023-3575 | 2023-08-07 | Quiz And Survey Master < 8.1.11 - Contributor+ Stored XSS |
| CVE-2023-3365 | 2023-08-07 | MultiParcels Shipping For WooCommerce < 1.14.14 - Subscriber+ Arbitrary Shipment Deletion |
| CVE-2023-3671 | 2023-08-07 | MultiParcels Shipping For WooCommerce < 1.15.4 - Reflected XSS |
| CVE-2023-3524 | 2023-08-07 | WPCode < 2.0.13.1 - Reflected XSS |
| CVE-2021-24916 | 2023-08-07 | Qubely < 1.8.6 - Unauthenticated Arbitrary E-mail Sending |
| CVE-2023-0604 | 2023-08-07 | WP Food Manager < 1.0.4 - Admin+ Stored XSS |
| CVE-2023-2843 | 2023-08-07 | MultiParcels Shipping For WooCommerce < 1.14.15 - Subscribers+ SQLi |
| CVE-2023-34477 | 2023-08-07 | Extension - braincert.com - SQLi in Virtual Classroom component for Joomla <= 1.6.0 |
| CVE-2023-34476 | 2023-08-07 | Extension - mooj.org - SQLi in Proforms Basic component for Joomla <= 1.6.0 |
| CVE-2023-23757 | 2023-08-07 | Extension - bestaddon.com - SQLi in BA Gallery component for Joomla <= 1.2.0 |
| CVE-2023-38045 | 2023-08-07 | Extension - admiror-design-studio.com - XSS in Admiror Gallery component for Joomla 5.0.0-5.2.0 |
| CVE-2023-23758 | 2023-08-07 | Extension - creative-solutions.net - SQLi in Creative Gallery component for Joomla <= 2.2.0 |
| CVE-2023-38044 | 2023-08-07 | Extension - hikashop.com - SQLi in HikaShop component for Joomla <= 4.7.2 |
| CVE-2023-38157 | 2023-08-07 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability |
| CVE-2023-4012 | 2023-08-07 | Incomplete Internal State Distinction in ntpsec |
| CVE-2023-4199 | 2023-08-07 | SourceCodester Inventory Management System catagory_data.php sql injection |
| CVE-2023-39349 | 2023-08-07 | Sentry vulnerable to privilege escalation via ApiTokensEndpoint |
| CVE-2023-4200 | 2023-08-07 | SourceCodester Inventory Management System product_data.php. sql injection |
| CVE-2023-39363 | 2023-08-07 | Vyper incorrectly allocated named re-entrancy locks |
| CVE-2023-38704 | 2023-08-07 | import-in-the-middle allows unsanitized user controlled input in module generation |
| CVE-2023-4201 | 2023-08-07 | SourceCodester Inventory Management System ex_catagory_data.php sql injection |
| CVE-2023-39520 | 2023-08-07 | Cryptomator vulnerable to Local Elevation of Privileges |
| CVE-2023-39524 | 2023-08-07 | PrestaShop vulnerable to boolean SQL injection in search product in BO |
| CVE-2023-39525 | 2023-08-07 | PrestaShop vulnerable to path traversal |
| CVE-2023-39526 | 2023-08-07 | PrestaShopSQL manager vulnerability (potential RCE) |
| CVE-2023-39527 | 2023-08-07 | PrestaShop XSS vulnerability through Validate::isCleanHTML method |
| CVE-2023-39528 | 2023-08-07 | PrestaShop vulnerable to file reading through path traversal |
| CVE-2023-39529 | 2023-08-07 | PrestaShop vulnerable to file deletion via attachment API |
| CVE-2023-39530 | 2023-08-07 | PrestaShop vulnerable to file deletion via CustomerMessage |