CVE List - 2023 / September

Showing 1101 - 1200 of 2148 CVEs for September 2023 (Page 12 of 22)

CVE ID Date Title
CVE-2023-40982 2023-09-15 A stored cross-site scripting (XSS) vulnerability in Webmin v2.100 allows...
CVE-2023-40983 2023-09-15 A reflected cross-site scripting (XSS) vulnerability in the File Manager...
CVE-2023-40984 2023-09-15 A reflected cross-site scripting (XSS) vulnerability in the File Manager...
CVE-2023-40985 2023-09-15 An issue was discovered in Webmin 2.100. The File Manager...
CVE-2023-40986 2023-09-15 A stored cross-site scripting (XSS) vulnerability in the Usermin Configuration...
CVE-2023-41436 2023-09-15 Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local...
CVE-2023-41626 2023-09-15 Gradio v3.27.0 was discovered to contain an arbitrary file upload...
CVE-2023-42270 2023-09-15 Grocy <= 4.0.2 is vulnerable to Cross Site Request Forgery...
CVE-2023-42398 2023-09-15 An issue in zzCMS v.2023 allows a remote attacker to...
CVE-2023-4977 2023-09-15 Code Injection in librenms/librenms
CVE-2023-4979 2023-09-15 Cross-site Scripting (XSS) - Reflected in librenms/librenms
CVE-2023-4978 2023-09-15 Cross-site Scripting (XSS) - DOM in librenms/librenms
CVE-2023-4980 2023-09-15 Cross-site Scripting (XSS) - Generic in librenms/librenms
CVE-2023-4981 2023-09-15 Cross-site Scripting (XSS) - DOM in librenms/librenms
CVE-2023-4982 2023-09-15 Cross-site Scripting (XSS) - Stored in librenms/librenms
CVE-2023-4973 2023-09-15 Academy LMS GET Parameter filter cross site scripting
CVE-2023-4974 2023-09-15 Academy LMS GET Parameter filter sql injection
CVE-2023-3891 2023-09-15 Lapce v0.2.8 - Privilege escalation via Race Condition
CVE-2022-20917 2023-09-15 A vulnerability in the Extensible Messaging and Presence Protocol (XMPP)...
CVE-2023-4963 2023-09-15 The WS Facebook Like Box Widget for WordPress plugin for...
CVE-2023-38039 2023-09-15 When curl retrieves an HTTP response, it stores the incoming...
CVE-2023-4673 2023-09-15 SQLi in Sanalogy's Turasistan
CVE-2023-4830 2023-09-15 SQLi in Tura's Signalix
CVE-2023-32461 2023-09-15 Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer...
CVE-2023-4831 2023-09-15 SQLi in nCep
CVE-2023-4670 2023-09-15 SQLi in Innosa's Probbys
CVE-2023-4231 2023-09-15 SQLi in Cevik Informatics' Online Payment System
CVE-2023-4835 2023-09-15 SQLi in CF's Oil Management Software
CVE-2023-4833 2023-09-15 SQLi in Besttem's Network Marketing Software
CVE-2023-4661 2023-09-15 SQLi in Saphira Connect
CVE-2023-4662 2023-09-15 RCE in Saphira Connect
CVE-2023-4663 2023-09-15 XSS in Saphira Connect
CVE-2023-4664 2023-09-15 Privilege Escalation in Saphira Connect
CVE-2023-4665 2023-09-15 Privilege Escalation in Saphira Connect
CVE-2023-4959 2023-09-15 Quay: cross-site request forgery (csrf) on config-editor page
CVE-2022-3466 2023-09-15 Cri-o: security regression of cve-2022-27652
CVE-2023-4983 2023-09-15 app1pro Shopicial search cross site scripting
CVE-2023-4984 2023-09-15 didi KnowSearch 1 credentials storage
CVE-2023-4985 2023-09-15 Supcon InPlant SCADA Project.xml improper authentication
CVE-2023-4986 2023-09-15 Supcon InPlant SCADA Project.xml unknown vulnerability
CVE-2023-4987 2023-09-15 infinitietech taskhub GET Parameter get_tasks_list sql injection
CVE-2023-4988 2023-09-15 Bettershop LaikeTui unrestricted upload
CVE-2023-4991 2023-09-15 NextBX QWAlerter QWAlerter.exe unquoted search path
CVE-2023-36479 2023-09-15 Jetty vulnerable to errant command quoting in CGI Servlet
CVE-2023-36472 2023-09-15 Strapi may leak sensitive user information, user reset password, tokens via content-manager views
CVE-2023-37263 2023-09-15 Strapi's field level permissions not being respected in relationship title
CVE-2023-38507 2023-09-15 Strapi Improper Rate Limiting vulnerability
CVE-2023-37281 2023-09-15 Out-of-bounds read during IPHC address decompression
CVE-2023-37459 2023-09-15 Out-of-bounds read when processing a received IPv6 packet
CVE-2023-38706 2023-09-15 Discourse vulnerable to DoS via drafts
CVE-2023-40588 2023-09-15 Discourse DoS via 2FA and Security Key Names
CVE-2023-41042 2023-09-15 Discourse DoS via remote theme assets
CVE-2023-41043 2023-09-15 Discourse DoS via SvgSprite cache
CVE-2023-40018 2023-09-15 FreeSWITCH allows remote users to trigger out of bounds write by offering an ICE candidate with unknown component ID
CVE-2023-40019 2023-09-15 FreeSWITCH allows authorized users to cause a denial of service attack by sending re-INVITE with SDP containing duplicate codec names
CVE-2023-40167 2023-09-15 Jetty accepts "+" prefixed value in Content-Length
CVE-2023-41325 2023-09-15 OP-TEE double free in shdr_verify_signature
CVE-2023-41880 2023-09-15 Miscompilation of wasm `i64x2.shr_s` instruction with constant input on x86_64
CVE-2023-41886 2023-09-15 OpenRefine vulnerable to arbitrary file read in project import with mysql jdbc url attack
CVE-2023-41887 2023-09-15 Remote Code exec in project import with mysql jdbc url attack
CVE-2023-41889 2023-09-15 Late-Unicode normalization vulnerability in SHIRASAGI
CVE-2023-0923 2023-09-15 Odh-notebook-controller-container: missing authorization allows for file contents disclosure
CVE-2023-0813 2023-09-15 Network-observability-console-plugin-container: setting loki authtoken configuration to disable or host mode leads to authentication no longer being enforced
CVE-2023-41900 2023-09-15 Jetty's OpenId Revoked authentication allows one request
CVE-2022-3261 2023-09-15 Plain-text passwords saved in /var/log/messages
CVE-2023-42439 2023-09-15 GeoNode SSRF Bypass to return internal host data
CVE-2023-42442 2023-09-15 JumpServer session replays download without authentication
CVE-2023-36735 2023-09-15 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVE-2023-36727 2023-09-15 Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2023-36562 2023-09-15 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVE-2023-39612 2023-09-16 A cross-site scripting (XSS) vulnerability in FileBrowser before v2.23.0 allows...
CVE-2023-39777 2023-09-16 A cross-site scripting (XSS) vulnerability in the Admin Control Panel...
CVE-2023-41157 2023-09-16 Multiple stored cross-site scripting (XSS) vulnerabilities in Usermin 2.000 allow...
CVE-2023-42336 2023-09-16 An issue in NETIS SYSTEMS WF2409Ev4 v.1.0.1.705 allows a remote...
CVE-2023-4994 2023-09-16 The Allow PHP in Posts and Pages plugin for WordPress...
CVE-2023-5001 2023-09-16 The Horizontal scrolling announcement for WordPress plugin for WordPress is...
CVE-2023-3025 2023-09-16 The Dropbox Folder Share plugin for WordPress is vulnerable to...
CVE-2023-5012 2023-09-16 Topaz OFD Protection Module Warsaw core.exe unquoted search path
CVE-2023-5013 2023-09-16 Pluck CMS Installation install.php cross site scripting
CVE-2023-5014 2023-09-17 Sakshi2610 Food Ordering Website categoryfood.php sql injection
CVE-2023-5015 2023-09-17 UCMS cross site scripting
CVE-2023-5016 2023-09-17 spider-flow API DataSourceController.java DriverManager.getConnection deserialization
CVE-2023-5017 2023-09-17 lmxcms admin.php sql injection
CVE-2023-5018 2023-09-17 SourceCodester Lost and Found Information System POST Parameter sql injection
CVE-2023-5019 2023-09-17 Tongda OA delete.php sql injection
CVE-2023-5020 2023-09-17 07FLY CRM Administrator Login Page sql injection
CVE-2023-38040 2023-09-17 A reflected XSS vulnerability exists in Revive Adserver 5.4.1 and...
CVE-2023-5021 2023-09-17 SourceCodester AC Repair and Services System cross site scripting
CVE-2023-5022 2023-09-17 DedeCMS select_templets_post.php absolute path traversal
CVE-2023-5023 2023-09-17 Tongda OA delete.php sql injection
CVE-2023-5024 2023-09-17 Planno Comment cross site scripting
CVE-2023-5025 2023-09-17 KOHA MARC search.pl cross site scripting
CVE-2023-5026 2023-09-17 Tongda OA cross site scripting
CVE-2023-5028 2023-09-17 China Unicom TEWA-800G debug log file
CVE-2023-5027 2023-09-17 SourceCodester Simple Membership System club_validator.php sql injection
CVE-2023-5029 2023-09-17 mccms 1 sql injection
CVE-2023-5030 2023-09-17 Tongda OA delete.php sql injection
CVE-2020-36766 2023-09-18 An issue was discovered in the Linux kernel before 5.8.6....
CVE-2021-26837 2023-09-18 SQL Injection vulnerability in SearchTextBox parameter in Fortra (Formerly HelpSystems)...
CVE-2023-33831 2023-09-18 A remote command execution (RCE) vulnerability in the /api/runscript endpoint...