CVE List - 2023 / September
Showing 1 - 100 of 2148 CVEs for September 2023 (Page 1 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-22612 | 2023-09-01 | Installer RCE on settings file write in MyBB before 1.8.22. |
| CVE-2022-44349 | 2023-09-01 | NAVBLUE S.A.S N-Ops & Crew 22.5-rc.50 is vulnerable to Cross... |
| CVE-2022-46527 | 2023-09-01 | ELSYS ERS 1.5 Sound v2.3.8 was discovered to contain a... |
| CVE-2023-24674 | 2023-09-01 | Permissions vulnerability found in Bludit CMS v.4.0.0 allows local attackers... |
| CVE-2023-24675 | 2023-09-01 | Cross Site Scripting Vulnerability in BluditCMS v.3.14.1 allows attackers to... |
| CVE-2023-28366 | 2023-09-01 | The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16... |
| CVE-2023-36076 | 2023-09-01 | SQL Injection vulnerability in smanga version 3.1.9 and earlier, allows... |
| CVE-2023-36088 | 2023-09-01 | Server Side Request Forgery (SSRF) vulnerability in NebulaGraph Studio version... |
| CVE-2023-36100 | 2023-09-01 | An issue was discovered in IceCMS version 2.0.1, allows attackers... |
| CVE-2023-36187 | 2023-09-01 | Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows... |
| CVE-2023-36326 | 2023-09-01 | Integer Overflow vulnerability in RELIC before commit 34580d840469361ba9b5f001361cad659687b9ab, allows attackers... |
| CVE-2023-36327 | 2023-09-01 | Integer Overflow vulnerability in RELIC before commit 421f2e91cf2ba42473d4d54daf24e295679e290e, allows attackers... |
| CVE-2023-36328 | 2023-09-01 | Integer Overflow vulnerability in mp_grow in libtom libtommath before commit... |
| CVE-2023-37826 | 2023-09-01 | A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH... |
| CVE-2023-37827 | 2023-09-01 | A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH... |
| CVE-2023-37828 | 2023-09-01 | A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH... |
| CVE-2023-37829 | 2023-09-01 | A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH... |
| CVE-2023-37830 | 2023-09-01 | A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH... |
| CVE-2023-39582 | 2023-09-01 | SQL Injection vulnerability in Chamilo LMS v.1.11 thru v.1.11.20 allows... |
| CVE-2023-39631 | 2023-09-01 | An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker... |
| CVE-2023-39685 | 2023-09-01 | An issue in hjson-java up to v3.0.0 allows attackers to... |
| CVE-2023-39703 | 2023-09-01 | A cross site scripting (XSS) vulnerability in the Markdown Editor... |
| CVE-2023-39710 | 2023-09-01 | Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source... |
| CVE-2023-39714 | 2023-09-01 | Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source... |
| CVE-2023-40239 | 2023-09-01 | Certain Lexmark devices (such as CS310) before 2023-08-25 allow XXE... |
| CVE-2023-40771 | 2023-09-01 | SQL injection vulnerability in DataEase v.1.18.9 allows a remote attacker... |
| CVE-2023-40968 | 2023-09-01 | Buffer Overflow vulnerability in hzeller timg v.1.5.1 and before allows... |
| CVE-2023-40969 | 2023-09-01 | Senayan Library Management Systems SLIMS 9 Bulian v9.6.1 is vulnerable... |
| CVE-2023-40970 | 2023-09-01 | Senayan Library Management Systems SLIMS 9 Bulian v 9.6.1 is... |
| CVE-2023-40980 | 2023-09-01 | File Upload vulnerability in DWSurvey DWSurvey-OSS v.3.2.0 and before allows... |
| CVE-2023-41364 | 2023-09-01 | In tine through 2023.01.14.325, the sort parameter of the /index.php... |
| CVE-2023-41627 | 2023-09-01 | O-RAN Software Community ric-plt-lib-rmr v4.9.0 does not validate the source... |
| CVE-2023-41628 | 2023-09-01 | An issue in O-RAN Software Community E2 G-Release allows attackers... |
| CVE-2023-41633 | 2023-09-01 | Catdoc v0.95 was discovered to contain a NULL pointer dereference... |
| CVE-2023-4695 | 2023-09-01 | Use of Predictable Algorithm in Random Number Generator in pkp/pkp-lib |
| CVE-2023-4696 | 2023-09-01 | Improper Access Control in usememos/memos |
| CVE-2023-4698 | 2023-09-01 | Improper Input Validation in usememos/memos |
| CVE-2023-4697 | 2023-09-01 | Improper Privilege Management in usememos/memos |
| CVE-2023-4704 | 2023-09-01 | External Control of System or Configuration Setting in instantsoft/icms2 |
| CVE-2023-3915 | 2023-09-01 | Incorrect Execution-Assigned Permissions in GitLab |
| CVE-2023-3205 | 2023-09-01 | Inefficient Regular Expression Complexity in GitLab |
| CVE-2023-1555 | 2023-09-01 | Missing Authorization in GitLab |
| CVE-2023-1279 | 2023-09-01 | URL Redirection to Untrusted Site in GitLab |
| CVE-2023-0120 | 2023-09-01 | Incorrect Authorization in GitLab |
| CVE-2022-4343 | 2023-09-01 | Exposure of Sensitive Information to an Unauthorized Actor in GitLab |
| CVE-2023-4647 | 2023-09-01 | Allocation of Resources Without Limits or Throttling in GitLab |
| CVE-2023-4378 | 2023-09-01 | Insertion of Sensitive Information Into Sent Data in GitLab |
| CVE-2023-4018 | 2023-09-01 | Direct Request ('Forced Browsing') in GitLab |
| CVE-2023-3950 | 2023-09-01 | Cleartext Storage of Sensitive Information in GitLab |
| CVE-2023-3210 | 2023-09-01 | Inefficient Regular Expression Complexity in GitLab |
| CVE-2023-25477 | 2023-09-01 | WordPress Video Gallery Plugin <= 1.3.12 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-24412 | 2023-09-01 | WordPress Image Social Feed Plugin Plugin <= 1.7.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-25042 | 2023-09-01 | WordPress oAuth Twitter Feed for Developers Plugin <= 2.3.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-25044 | 2023-09-01 | WordPress Social Share Boost Plugin <= 4.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-25488 | 2023-09-01 | WordPress WP Default Feature Image Plugin <= 1.0.1.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-37893 | 2023-09-01 | WordPress Coming Soon Chop Chop Plugin <= 2.2.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-37986 | 2023-09-01 | WordPress YourMembership Single Sign On Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-34011 | 2023-09-01 | WordPress ShopConstruct Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-37994 | 2023-09-01 | WordPress Art Decoration Shortcode Plugin <= 1.5.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-22305 | 2023-09-01 | An improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and... |
| CVE-2023-37997 | 2023-09-01 | WordPress Post List With Featured Image Plugin <= 1.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-23763 | 2023-09-01 | Information disclosure in GitHub Enterprise Server leading to private repository leakage |
| CVE-2023-4720 | 2023-09-01 | Floating Point Comparison with Incorrect Operator in gpac/gpac |
| CVE-2023-4721 | 2023-09-01 | Out-of-bounds Read in gpac/gpac |
| CVE-2023-4722 | 2023-09-01 | Integer Overflow or Wraparound in gpac/gpac |
| CVE-2022-3407 | 2023-09-01 | I some cases, when the device is USB-tethered to a... |
| CVE-2023-4707 | 2023-09-01 | Infosoftbd Clcknshop all cross site scripting |
| CVE-2023-4708 | 2023-09-01 | Infosoftbd Clcknshop GET Parameter all sql injection |
| CVE-2023-41051 | 2023-09-01 | Default functions in VolatileMemory trait lack bounds checks in vm-memory |
| CVE-2023-4709 | 2023-09-01 | TOTVS RM Portal Login.aspx cross site scripting |
| CVE-2023-1523 | 2023-09-01 | Using the TIOCLINUX ioctl request, a malicious snap could inject... |
| CVE-2023-4710 | 2023-09-01 | TOTVS RM Portal cross site scripting |
| CVE-2023-4711 | 2023-09-01 | D-Link DAR-8000-10 decodmail.php os command injection |
| CVE-2023-4712 | 2023-09-01 | Xintian Smart Table Integrated Management System AddUpdateRole.aspx sql injection |
| CVE-2023-41049 | 2023-09-01 | Improper Neutralization of Script in Attributes in @dcl/single-sign-on-client |
| CVE-2023-41046 | 2023-09-01 | Velocity execution without script rights in Xwiki platform |
| CVE-2023-4713 | 2023-09-01 | IBOS OA addcomment addComment sql injection |
| CVE-2023-4714 | 2023-09-01 | PlayTube Redirect information disclosure |
| CVE-2023-3297 | 2023-09-01 | In Ubuntu's accountsservice an unprivileged local attacker can trigger a... |
| CVE-2023-4718 | 2023-09-02 | The Font Awesome 4 Menus plugin for WordPress is vulnerable... |
| CVE-2023-39979 | 2023-09-02 | MXsecurity Authentication Bypass |
| CVE-2023-39980 | 2023-09-02 | MXsecurity Authenticated Information Disclosure Due to SQL Injection |
| CVE-2023-39981 | 2023-09-02 | MXsecurity Device Information Disclosure |
| CVE-2023-39982 | 2023-09-02 | MXsecurity Hardcoded Credential |
| CVE-2023-39983 | 2023-09-02 | MXsecurity Register Database Pollution |
| CVE-2023-4734 | 2023-09-02 | Integer Overflow or Wraparound in vim/vim |
| CVE-2023-4735 | 2023-09-02 | Out-of-bounds Write in vim/vim |
| CVE-2023-4736 | 2023-09-02 | Untrusted Search Path in vim/vim |
| CVE-2023-4738 | 2023-09-02 | Heap-based Buffer Overflow in vim/vim |
| CVE-2023-38521 | 2023-09-03 | WordPress Exifography Plugin <= 1.3.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-38387 | 2023-09-03 | WordPress Elastic Email Sender Plugin <= 1.2.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-38518 | 2023-09-03 | WordPress Borderless Plugin <= 1.4.8 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-38517 | 2023-09-03 | WordPress WRC Pricing Tables Plugin <= 2.3.7 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-38516 | 2023-09-03 | WordPress Audio Player with Playlist Ultimate Plugin <= 1.2.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-38482 | 2023-09-03 | WordPress Post Affiliate Pro Plugin <= 1.25.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-38476 | 2023-09-03 | WordPress Client Portal : SuiteDash Direct Login Plugin <= 1.7.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-37220 | 2023-09-03 | Synel Terminals - CWE-494: Download of Code Without Integrity Check |
| CVE-2023-37221 | 2023-09-03 | 7Twenty BOT - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). |
| CVE-2023-37222 | 2023-09-03 | Farsight Tech Nordic AB ProVide |
| CVE-2023-3703 | 2023-09-03 | Proscend Advice ICR Series routers fw version 1.76 |