CVE List - 2023 / September
Showing 1401 - 1500 of 2148 CVEs for September 2023 (Page 15 of 22)
CVE ID | Date | Title |
---|---|---|
CVE-2023-43477 | 2023-09-20 | Post-Auth Command Injection in Telstra Smart Modem Gen 2 (Arcadyan LH1000) |
CVE-2023-43478 | 2023-09-20 | Unauthenticated configuration restore and firmware update |
CVE-2022-1438 | 2023-09-20 | Keycloak: xss on impersonation under specific circumstances |
CVE-2023-0118 | 2023-09-20 | Foreman: arbitrary code execution through templates |
CVE-2023-0462 | 2023-09-20 | Arbitrary code execution through yaml global parameters |
CVE-2022-3916 | 2023-09-20 | Keycloak: session takeover with oidc offline refreshtokens |
CVE-2023-43630 | 2023-09-20 | Config Partition Not Measured From 2 Fronts |
CVE-2023-43636 | 2023-09-20 | Rootfs Not Protected |
CVE-2023-43635 | 2023-09-20 | Vault Key Sealed With SHA1 PCRs |
CVE-2023-2508 | 2023-09-20 | CSRF in PaperCutNG Mobility Print leads to sophisticated phishing |
CVE-2023-2262 | 2023-09-20 | Rockwell Automation Select Logix Communication Modules Vulnerable to Email Object Buffer Overflow |
CVE-2023-5074 | 2023-09-20 | Authentication Bypass in D-Link D-View 8 |
CVE-2023-42660 | 2023-09-20 | MOVEit Transfer Machine Interface SQL Injection |
CVE-2023-40043 | 2023-09-20 | MOVEit Transfer System Administrator SQL Injection |
CVE-2023-43494 | 2023-09-20 | Jenkins 2.50 through 2.423 (both inclusive), LTS 2.60.1 through 2.414.1... |
CVE-2023-43495 | 2023-09-20 | Jenkins 2.423 and earlier, LTS 2.414.1 and earlier does not... |
CVE-2023-43496 | 2023-09-20 | Jenkins 2.423 and earlier, LTS 2.414.1 and earlier creates a... |
CVE-2023-43497 | 2023-09-20 | In Jenkins 2.423 and earlier, LTS 2.414.1 and earlier, processing... |
CVE-2023-43499 | 2023-09-20 | Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier does not... |
CVE-2023-43500 | 2023-09-20 | A cross-site request forgery (CSRF) vulnerability in Jenkins Build Failure... |
CVE-2023-43501 | 2023-09-20 | A missing permission check in Jenkins Build Failure Analyzer Plugin... |
CVE-2023-43502 | 2023-09-20 | A cross-site request forgery (CSRF) vulnerability in Jenkins Build Failure... |
CVE-2023-43498 | 2023-09-20 | In Jenkins 2.423 and earlier, LTS 2.414.1 and earlier, processing... |
CVE-2023-42656 | 2023-09-20 | MOVEit Transfer Reflected XSS |
CVE-2023-20594 | 2023-09-20 | Improper initialization of variables in the DXE driver may allow... |
CVE-2023-20597 | 2023-09-20 | Improper initialization of variables in the DXE driver may allow... |
CVE-2023-40368 | 2023-09-20 | IBM Storage Protect information disclosure |
CVE-2022-3596 | 2023-09-20 | Instack-undercloud: rsync leaks information to undercloud |
CVE-2023-37410 | 2023-09-20 | IBM Personal Communications privilege escalation |
CVE-2023-38718 | 2023-09-20 | IBM Robotic Process Automation information disclosure |
CVE-2023-22024 | 2023-09-20 | In the Unbreakable Enterprise Kernel (UEK), the RDS module in... |
CVE-2023-37279 | 2023-09-20 | Faktory Web Dashboard can lead to denial of service (DoS) via malicious user input |
CVE-2015-5467 | 2023-09-21 | web\ViewAction in Yii (aka Yii2) 2.x before 2.0.5 allows attackers... |
CVE-2015-8371 | 2023-09-21 | Composer before 2016-02-10 allows cache poisoning from other projects built... |
CVE-2018-5478 | 2023-09-21 | Contao 3.x before 3.5.32 allows XSS via the unsubscribe module... |
CVE-2023-31716 | 2023-09-21 | FUXA <= 1.1.12 has a Local File Inclusion vulnerability via... |
CVE-2023-31717 | 2023-09-21 | A SQL Injection attack in FUXA <= 1.1.12 allows exfiltration... |
CVE-2023-31718 | 2023-09-21 | FUXA <= 1.1.12 is vulnerable to Local File Inclusion via... |
CVE-2023-31719 | 2023-09-21 | FUXA <= 1.1.12 is vulnerable to SQL Injection via /api/signin. |
CVE-2023-34576 | 2023-09-21 | SQL injection vulnerability in updatepos.php in PrestaShop opartfaq through 1.0.3... |
CVE-2023-34577 | 2023-09-21 | SQL injection vulnerability in Prestashop opartplannedpopup 1.4.11 and earlier allows... |
CVE-2023-38343 | 2023-09-21 | An XXE (XML external entity injection) vulnerability exists in the... |
CVE-2023-38344 | 2023-09-21 | An issue was discovered in Ivanti Endpoint Manager before 2022... |
CVE-2023-41614 | 2023-09-21 | A stored cross-site scripting (XSS) vulnerability in the Add Animal... |
CVE-2023-41616 | 2023-09-21 | A reflected cross-site scripting (XSS) vulnerability in the Search Student... |
CVE-2023-42261 | 2023-09-21 | Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure... |
CVE-2023-42279 | 2023-09-21 | Dreamer CMS v4.1.3 was discovered to contain a SQL injection... |
CVE-2023-42280 | 2023-09-21 | mee-admin 1.5 is vulnerable to Directory Traversal. The download method... |
CVE-2023-42482 | 2023-09-21 | Samsung Mobile Processor Exynos 2200 allows a GPU Use After... |
CVE-2023-43128 | 2023-09-21 | D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command... |
CVE-2023-43235 | 2023-09-21 | D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow... |
CVE-2023-43236 | 2023-09-21 | D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack... |
CVE-2023-43237 | 2023-09-21 | D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack... |
CVE-2023-43238 | 2023-09-21 | D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack... |
CVE-2023-43239 | 2023-09-21 | D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack... |
CVE-2023-43240 | 2023-09-21 | D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack... |
CVE-2023-43241 | 2023-09-21 | D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow... |
CVE-2023-43242 | 2023-09-21 | D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack... |
CVE-2023-43274 | 2023-09-21 | Phpjabbers PHP Shopping Cart 4.2 is vulnerable to SQL Injection... |
CVE-2023-43309 | 2023-09-21 | There is a stored cross-site scripting (XSS) vulnerability in Webmin... |
CVE-2023-43669 | 2023-09-21 | The Tungstenite crate before 0.20.1 for Rust allows remote attackers... |
CVE-2023-39252 | 2023-09-21 | Dell SCG Policy Manager 5.16.00.14 contains a broken cryptographic algorithm... |
CVE-2023-4291 | 2023-09-21 | Frauscher FDS101 for FAdC/FAdCi remote code execution vulnerability |
CVE-2023-4152 | 2023-09-21 | Frauscher FDS101 for FAdC/FAdCi path traversal vulnerability |
CVE-2023-4292 | 2023-09-21 | Frauscher FDS101 for FAdC/FAdCi SQL injection vulnerability |
CVE-2023-4760 | 2023-09-21 | Remote Code Execution in Eclipse RAP on Windows |
CVE-2023-5104 | 2023-09-21 | Improper Input Validation in nocodb/nocodb |
CVE-2023-4753 | 2023-09-21 | OpenHarmony v3.2.1 and prior version has a system call function usage error |
CVE-2023-43634 | 2023-09-21 | Config Partition Not Protected by Measured Boot |
CVE-2023-43633 | 2023-09-21 | Debug Functions Unlockable Without Triggering Measured Boot |
CVE-2023-43632 | 2023-09-21 | Freely Allocate Buffer on The Stack With Data From Socket |
CVE-2023-43631 | 2023-09-21 | SSH as Root Unlockable Without Triggering Measured Boot |
CVE-2023-43637 | 2023-09-21 | Vault Key Partially Predetermined |
CVE-2023-40183 | 2023-09-21 | DataEase has a vulnerability to obtain user cookies |
CVE-2023-41048 | 2023-09-21 | plone.namedfile vulnerable to Stored Cross Site Scripting with SVG images |
CVE-2023-42457 | 2023-09-21 | plone.rest vulnerable to Denial of Service when ++api++ is used many times |
CVE-2023-42456 | 2023-09-21 | sudo-rs Session File Relative Path Traversal vulnerability |
CVE-2023-42458 | 2023-09-21 | Zope vulnerable to Stored Cross Site Scripting with SVG images |
CVE-2023-42807 | 2023-09-21 | Frappe LMS SQL Injection Issue on People Page |
CVE-2023-42805 | 2023-09-21 | quinn-proto Denial of Service vulnerability |
CVE-2023-42806 | 2023-09-21 | Snapshot signature not including HeadID will allow replay attacks |
CVE-2023-42810 | 2023-09-21 | systeminformation SSID Command Injection Vulnerability |
CVE-2023-41991 | 2023-09-21 | A certificate validation issue was addressed. This issue is fixed... |
CVE-2023-41992 | 2023-09-21 | The issue was addressed with improved checks. This issue is... |
CVE-2023-41993 | 2023-09-21 | The issue was addressed with improved checks. This issue is... |
CVE-2023-5068 | 2023-09-21 | Delta Electronics DIAScreen Out-of-bounds Write |
CVE-2023-4504 | 2023-09-21 | OpenPrinting CUPS/libppd Postscript Parsing Heap Overflow |
CVE-2023-38346 | 2023-09-22 | An issue was discovered in Wind River VxWorks 6.9 and... |
CVE-2023-40989 | 2023-09-22 | SQL injection vulnerability in jeecgboot jeecg-boot v 3.0, 3.5.3 that... |
CVE-2023-43129 | 2023-09-22 | D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command... |
CVE-2023-43130 | 2023-09-22 | D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command... |
CVE-2023-43144 | 2023-09-22 | Projectworldsl Assets-management-system-in-php 1.0 is vulnerable to SQL Injection via the... |
CVE-2023-43270 | 2023-09-22 | dst-admin v1.5.0 was discovered to contain a remote command execution... |
CVE-2023-43338 | 2023-09-22 | Cesanta mjs v2.20.0 was discovered to contain a function pointer... |
CVE-2023-43468 | 2023-09-22 | SQL injection vulnerability in janobe Online Job Portal v.2020 allows... |
CVE-2023-43469 | 2023-09-22 | SQL injection vulnerability in janobe Online Job Portal v.2020 allows... |
CVE-2023-43470 | 2023-09-22 | SQL injection vulnerability in janobe Online Voting System v.1.0 allows... |
CVE-2023-43760 | 2023-09-22 | Certain WithSecure products allow Denial of Service via a fuzzed... |
CVE-2023-43761 | 2023-09-22 | Certain WithSecure products allow Denial of Service (infinite loop). This... |
CVE-2023-43762 | 2023-09-22 | Certain WithSecure products allow Unauthenticated Remote Code Execution via the... |