CVE List - 2023 / September
Showing 1001 - 1100 of 2148 CVEs for September 2023 (Page 11 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-38214 | 2023-09-13 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2023-38215 | 2023-09-13 | Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79) |
| CVE-2023-3935 | 2023-09-13 | Wibu: Buffer Overflow in CodeMeter Runtime |
| CVE-2023-39914 | 2023-09-13 | BER/CER/DER decoder panics on invalid input |
| CVE-2023-39915 | 2023-09-13 | Crashes on parsing certain invalid RPKI objects |
| CVE-2023-39916 | 2023-09-13 | Possible path traversal when storing RRDP responses |
| CVE-2023-4801 | 2023-09-13 | ITM MacOS Agent Improper Certificate Validation |
| CVE-2023-4802 | 2023-09-13 | ITM Server Cross-site Scripting in UpdateInstalledSoftware Endpoint |
| CVE-2023-4803 | 2023-09-13 | ITM Server Cross-site Scripting in WriteWindowTitle Endpoint |
| CVE-2023-4828 | 2023-09-13 | ITM Server Communications Hijack |
| CVE-2023-3301 | 2023-09-13 | Triggerable assertion due to race condition in hot-unplug |
| CVE-2023-4155 | 2023-09-13 | Sev-es / sev-snp vmgexit double fetch vulnerability |
| CVE-2023-3255 | 2023-09-13 | Qemu: vnc: infinite loop in inflate_buffer() leads to denial of service |
| CVE-2023-3280 | 2023-09-13 | Cortex XDR Agent: Local Windows User Can Disable the Agent |
| CVE-2023-4785 | 2023-09-13 | Denial of Service in gRPC Core |
| CVE-2023-20135 | 2023-09-13 | A vulnerability in Cisco IOS XR Software image verification checks... |
| CVE-2023-20236 | 2023-09-13 | A vulnerability in the iPXE boot function of Cisco IOS... |
| CVE-2023-20233 | 2023-09-13 | A vulnerability in the Connectivity Fault Management (CFM) feature of... |
| CVE-2023-20191 | 2023-09-13 | A vulnerability in the access control list (ACL) processing on... |
| CVE-2023-20190 | 2023-09-13 | A vulnerability in the classic access control list (ACL) compression... |
| CVE-2023-2680 | 2023-09-13 | Dma reentrancy issue (incomplete fix for cve-2021-3750) |
| CVE-2023-3588 | 2023-09-13 | Stored Cross-site Scripting (XSS) vulnerability affecting Teamwork Cloud from No Magic Release 2021x through No Magic Release 2022x |
| CVE-2023-41892 | 2023-09-13 | Craft CMS Remote Code Execution vulnerability |
| CVE-2023-4568 | 2023-09-13 | PaperCut NG Unauthenticated XMLRPC |
| CVE-2023-23840 | 2023-09-13 | SolarWinds Platform Exposed Dangerous Method Vulnerability |
| CVE-2023-23845 | 2023-09-13 | SolarWinds Platform Exposed Dangerous Method Vulnerability |
| CVE-2021-28485 | 2023-09-14 | In Ericsson Mobile Switching Center Server (MSC-S) before IS 3.1... |
| CVE-2022-47631 | 2023-09-14 | Razer Synapse through 3.7.1209.121307 allows privilege escalation due to an... |
| CVE-2023-36250 | 2023-09-14 | CSV Injection vulnerability in GNOME time tracker version 3.0.2, allows... |
| CVE-2023-37739 | 2023-09-14 | i-doit Pro v25 and below was discovered to be vulnerable... |
| CVE-2023-37755 | 2023-09-14 | i-doit pro 25 and below and I-doit open 25 and... |
| CVE-2023-37756 | 2023-09-14 | I-doit pro 25 and below and I-doit open 25 and... |
| CVE-2023-38891 | 2023-09-14 | SQL injection vulnerability in Vtiger CRM v.7.5.0 allows a remote... |
| CVE-2023-38912 | 2023-09-14 | SQL injection vulnerability in Super Store Finder PHP Script v.3.6... |
| CVE-2023-39285 | 2023-09-14 | A vulnerability in the Edge Gateway component of Mitel MiVoice... |
| CVE-2023-39286 | 2023-09-14 | A vulnerability in the Connect Mobility Router component of Mitel... |
| CVE-2023-39638 | 2023-09-14 | D-LINK DIR-859 A1 1.05 and A1 1.06B01 Beta01 was discovered... |
| CVE-2023-39639 | 2023-09-14 | LeoTheme leoblog up to v3.1.2 was discovered to contain a... |
| CVE-2023-39641 | 2023-09-14 | Active Design psaffiliate before v1.9.8 was discovered to contain a... |
| CVE-2023-39642 | 2023-09-14 | Carts Guru cartsguru up to v2.4.2 was discovered to contain... |
| CVE-2023-40779 | 2023-09-14 | An issue in IceWarp Mail Server Deep Castle 2 v.13.0.1.2... |
| CVE-2023-40868 | 2023-09-14 | Cross Site Request Forgery vulnerability in mooSocial MooSocial Software v.Demo... |
| CVE-2023-40869 | 2023-09-14 | Cross Site Scripting vulnerability in mooSocial mooSocial Software 3.1.6 and... |
| CVE-2023-40955 | 2023-09-14 | A SQL injection vulnerability in Didotech srl Engineering & Lifecycle... |
| CVE-2023-40956 | 2023-09-14 | A SQL injection vulnerability in Cloudroits Website Job Search v.15.0... |
| CVE-2023-40957 | 2023-09-14 | A SQL injection vulnerability in Didotech srl Engineering & Lifecycle... |
| CVE-2023-40958 | 2023-09-14 | A SQL injection vulnerability in Didotech srl Engineering & Lifecycle... |
| CVE-2023-41010 | 2023-09-14 | Insecure Permissions vulnerability in Sichuan Tianyi Kanghe Communication Co., Ltd... |
| CVE-2023-41011 | 2023-09-14 | Command Execution vulnerability in China Mobile Communications China Mobile Intelligent... |
| CVE-2023-41156 | 2023-09-14 | A Stored Cross-Site Scripting (XSS) vulnerability in the filter and... |
| CVE-2023-41159 | 2023-09-14 | A Stored Cross-Site Scripting (XSS) vulnerability while editing the autoreply... |
| CVE-2023-41160 | 2023-09-14 | A Stored Cross-Site Scripting (XSS) vulnerability in the SSH configuration... |
| CVE-2023-41588 | 2023-09-14 | A cross-site scripting (XSS) vulnerability in Time to SLA plugin... |
| CVE-2023-41592 | 2023-09-14 | Froala Editor v4.0.1 to v4.1.1 was discovered to contain a... |
| CVE-2023-42178 | 2023-09-14 | Lenosp 1.0.0-1.2.0 is vulnerable to SQL Injection via the log... |
| CVE-2023-42180 | 2023-09-14 | An arbitrary file upload vulnerability in the /user/upload component of... |
| CVE-2023-42362 | 2023-09-14 | An arbitrary file upload vulnerability in Teller Web App v.4.4.0... |
| CVE-2023-42405 | 2023-09-14 | SQL injection vulnerability in FIT2CLOUD RackShift v1.7.1 allows attackers to... |
| CVE-2023-4841 | 2023-09-14 | The Feeds for YouTube for WordPress plugin for WordPress is... |
| CVE-2023-4944 | 2023-09-14 | The Awesome Weather Widget for WordPress plugin for WordPress is... |
| CVE-2023-4945 | 2023-09-14 | The Booster for WooCommerce plugin for WordPress is vulnerable to... |
| CVE-2023-4948 | 2023-09-14 | The WooCommerce CVR Payment Gateway plugin for WordPress is vulnerable... |
| CVE-2023-26141 | 2023-09-14 | Versions of the package sidekiq before 7.1.3 are vulnerable to... |
| CVE-2023-4814 | 2023-09-14 | A Privilege escalation vulnerability exists in Trellix Windows DLP endpoint... |
| CVE-2023-38206 | 2023-09-14 | ColdFusion | Improper Access Control (CWE-284) |
| CVE-2023-38205 | 2023-09-14 | ColdFusion Bypass - Vulnerability disclosure in ColdFusion | BYPASS CVE-2023-29298 |
| CVE-2023-38204 | 2023-09-14 | Bypass APSB23-41 (CVE-2023-38203) - Pre-Auth RCE ColdFusion 2021 Update 8 |
| CVE-2023-42503 | 2023-09-14 | Apache Commons Compress: Denial of service via CPU consumption for malformed TAR file |
| CVE-2023-41267 | 2023-09-14 | Apache HDFS Provider error message suggested installation of incorrect pip package |
| CVE-2023-4516 | 2023-09-14 | A CWE-306: Missing Authentication for Critical Function vulnerability exists in... |
| CVE-2023-38557 | 2023-09-14 | A vulnerability has been identified in Spectrum Power 7 (All... |
| CVE-2023-38558 | 2023-09-14 | A vulnerability has been identified in SIMATIC PCS neo (Administration... |
| CVE-2023-2848 | 2023-09-14 | Movim prior to version 0.22 is affected by a Cross-Site... |
| CVE-2023-1108 | 2023-09-14 | Undertow: infinite loop in sslconduit during close |
| CVE-2023-30909 | 2023-09-14 | A remote authentication bypass issue exists in some OneView APIs. |
| CVE-2023-4951 | 2023-09-14 | Cross Site Scripting (XSS) Issue on "Client Based Authentication Policy Configuration" Screen |
| CVE-2023-4832 | 2023-09-14 | SQLi in Aceka Holdings Company Management |
| CVE-2023-4766 | 2023-09-14 | SQLi in Movus Admin Panel |
| CVE-2023-4669 | 2023-09-14 | Authentication Bypass in Exagate SYSGuard 3001 |
| CVE-2023-4702 | 2023-09-14 | Authentication Bypass in Digital Yepas |
| CVE-2023-4972 | 2023-09-14 | Information Disclosure in Digital Yepas |
| CVE-2023-32665 | 2023-09-14 | Gvariant deserialisation does not match spec for non-normal data |
| CVE-2023-29499 | 2023-09-14 | Gvariant offset table entry size is not checked in is_normal() |
| CVE-2023-32611 | 2023-09-14 | G_variant_byteswap() can take a long time with some non-normal inputs |
| CVE-2023-32643 | 2023-09-14 | A flaw was found in GLib. The GVariant deserialization code... |
| CVE-2023-32636 | 2023-09-14 | A flaw was found in glib, where the gvariant deserialization... |
| CVE-2023-4676 | 2023-09-14 | XSS in Yordams MedasPro |
| CVE-2023-4965 | 2023-09-14 | phpipam Header redirect |
| CVE-2023-25588 | 2023-09-14 | Field `the_bfd` of `asymbol` is uninitialized in function `bfd_mach_o_get_synthetic_symtab` |
| CVE-2023-25586 | 2023-09-14 | Local variable `ch_type` in function `bfd_init_section_decompress_status` can be uninitialized |
| CVE-2023-25585 | 2023-09-14 | Field `file_table` of `struct module *module` is uninitialized |
| CVE-2023-25584 | 2023-09-14 | Out of bounds read in parse_module function in bfd/vms-alpha.c |
| CVE-2023-4680 | 2023-09-14 | Vault's Transit Secrets Engine Allowed Nonce Specified without Convergent Encryption |
| CVE-2022-47848 | 2023-09-15 | An issue was discovered in Bezeq Vtech NB403-IL version BZ_2.02.07.09.13.01... |
| CVE-2023-28614 | 2023-09-15 | Freewill iFIS (aka SMART Trade) 20.01.01.04 allows OS Command Injection... |
| CVE-2023-36160 | 2023-09-15 | An issue was discovered in Qubo Smart Plug10A version HSP02_01_01_14_SYSTEM-10... |
| CVE-2023-36657 | 2023-09-15 | An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Built-in... |
| CVE-2023-36658 | 2023-09-15 | An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. It... |
| CVE-2023-36659 | 2023-09-15 | An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Long... |
| CVE-2023-39643 | 2023-09-15 | Bl Modules xmlfeeds before v3.9.8 was discovered to contain a... |