CVE List - 2023 / September
Showing 201 - 300 of 2148 CVEs for September 2023 (Page 3 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-32811 | 2023-09-04 | In connectivity system driver, there is a possible out of... |
| CVE-2023-32812 | 2023-09-04 | In gnss service, there is a possible out of bounds... |
| CVE-2023-32813 | 2023-09-04 | In gnss service, there is a possible out of bounds... |
| CVE-2023-32814 | 2023-09-04 | In gnss service, there is a possible out of bounds... |
| CVE-2023-32815 | 2023-09-04 | In gnss service, there is a possible out of bounds... |
| CVE-2023-32816 | 2023-09-04 | In gnss service, there is a possible out of bounds... |
| CVE-2023-32817 | 2023-09-04 | In gnss service, there is a possible out of bounds... |
| CVE-2023-4613 | 2023-09-04 | Upload Directory Path Traversal Allows Unauthenticated Arbitrary File Read Vulnerability |
| CVE-2023-4754 | 2023-09-04 | Out-of-bounds Write in gpac/gpac |
| CVE-2023-4756 | 2023-09-04 | Stack-based Buffer Overflow in gpac/gpac |
| CVE-2023-36382 | 2023-09-04 | WordPress Media Library Categories Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-39164 | 2023-09-04 | WordPress Molongui Plugin <= 4.6.19 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-39162 | 2023-09-04 | WordPress User Email Verification for WooCommerce Plugin <= 3.5.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-25465 | 2023-09-04 | WordPress wp tell a friend popup form Plugin <= 7.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-39919 | 2023-09-04 | WordPress wpShopGermany – Protected Shops Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-39918 | 2023-09-04 | WordPress Booking Package Plugin <= 1.6.01 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-39987 | 2023-09-04 | WordPress wSecure Lite Plugin <= 2.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-39991 | 2023-09-04 | WordPress BigBlueButton Plugin <= 3.0.0-beta.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-39988 | 2023-09-04 | WordPress WxSync Plugin <= 2.7.23 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-37393 | 2023-09-04 | WordPress Atarim Plugin <= 3.9.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-31220 | 2023-09-04 | WordPress WP Categories Widget Plugin <= 2.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-30494 | 2023-09-04 | WordPress ImageRecycle pdf & image compression Plugin <= 3.1.10 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-39992 | 2023-09-04 | WordPress Online Booking & Scheduling Calendar for WordPress by vcita Plugin <= 4.3.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-4614 | 2023-09-04 | setThumbnailRC Directory Path Traversal Allows Unauthenticated Arbitrary File Read Vulnerability |
| CVE-2023-4615 | 2023-09-04 | updateFile Directory Path Traversal Allows Unauthenticated Arbitrary File Read Vulnerability |
| CVE-2023-40208 | 2023-09-04 | WordPress Stock Ticker Plugin <= 3.23.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-4616 | 2023-09-04 | thumbnail Directory Path Traversal Allows Unauthenticated Arbitrary File Read Vulnerability |
| CVE-2023-40206 | 2023-09-04 | WordPress WP 404 Auto Redirect to Similar Post Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-40205 | 2023-09-04 | WordPress PixTypes Plugin <= 1.4.15 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-30485 | 2023-09-04 | WordPress Avartan Slider Lite Plugin <= 1.5.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-32296 | 2023-09-04 | WordPress Kangu para WooCommerce Plugin <= 2.2.9 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-40196 | 2023-09-04 | WordPress ImageRecycle pdf & image compression Plugin <= 3.1.11 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-40214 | 2023-09-04 | WordPress Business Pro Theme <= 1.10.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-4587 | 2023-09-04 | Insecure direct object reference in ZKTeco ZEM800 |
| CVE-2023-4059 | 2023-09-04 | Profile Builder < 3.9.8 - Unauthenticated Plugin's Pages Creation |
| CVE-2023-4269 | 2023-09-04 | User Activity Log < 1.6.6 - Subscriber+ Log Export |
| CVE-2023-4254 | 2023-09-04 | Chatbot < 4.7.8 - Admin+ Stored XSS in Language Settings |
| CVE-2023-4253 | 2023-09-04 | Chatbot < 4.7.8 - Admin+ Stored XSS in FAQ Builder |
| CVE-2023-4151 | 2023-09-04 | Store Locator WordPress < 1.4.13 - Reflected XSS |
| CVE-2023-4284 | 2023-09-04 | Post Timeline < 2.2.6 - Reflected XSS |
| CVE-2023-2813 | 2023-09-04 | Multiple Themes - Reflected XSS |
| CVE-2023-3499 | 2023-09-04 | Robo Gallery < 3.2.16 - Admin+ Stored XSS |
| CVE-2023-3814 | 2023-09-04 | Advanced File Manager < 5.1.1 - Admin+ Arbitrary File/Folder Access |
| CVE-2023-4019 | 2023-09-04 | Media from FTP < 11.17 - Author+ Arbitrary File Access |
| CVE-2023-4216 | 2023-09-04 | Orders Tracking for WooCommerce < 1.2.6 - Admin+ Arbitrary File Access/Read |
| CVE-2023-4279 | 2023-09-04 | User Activity Log < 1.6.7 - IP Spoofing |
| CVE-2023-4298 | 2023-09-04 | 123.chat < 1.3.1 - Admin+ Stored XSS |
| CVE-2023-40197 | 2023-09-04 | WordPress flowpaper Plugin <= 1.9.9 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-32578 | 2023-09-04 | WordPress Column-Matic Plugin <= 1.3.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-32102 | 2023-09-04 | WordPress Library Viewer Plugin <= 2.0.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-3221 | 2023-09-04 | User enumeration vulnerability in Roundcube Password Recovery Plugin |
| CVE-2023-3222 | 2023-09-04 | Vulnerability in the password recovery mechanism of Roundcube Password Recovery Plugin |
| CVE-2023-4755 | 2023-09-04 | Use After Free in gpac/gpac |
| CVE-2023-4752 | 2023-09-04 | Use After Free in vim/vim |
| CVE-2023-4750 | 2023-09-04 | Use After Free in vim/vim |
| CVE-2023-4733 | 2023-09-04 | Use After Free in vim/vim |
| CVE-2023-28072 | 2023-09-04 | Dell Alienware Command Center, versions prior to 5.5.51.0, contain a... |
| CVE-2023-4758 | 2023-09-04 | Buffer Over-read in gpac/gpac |
| CVE-2023-41057 | 2023-09-04 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in hyper-bump-it |
| CVE-2023-41054 | 2023-09-04 | LibreY Server-Side Request Forgery (SSRF) vulnerability in image_proxy.php |
| CVE-2023-41055 | 2023-09-04 | LibreY Server-Side Request Forgery (SSRF) vulnerability via wikipedia_language cookie |
| CVE-2023-41052 | 2023-09-04 | Vyper: incorrect order of evaluation of side effects for some builtins |
| CVE-2023-40015 | 2023-09-04 | Vyper: reversed order of side effects for some operations |
| CVE-2023-41058 | 2023-09-04 | Trigger `beforeFind` not invoked in internal query pipeline in parse-server |
| CVE-2023-35892 | 2023-09-04 | IBM Financial Transaction Manager for SWIFT Services XML external entity injection |
| CVE-2022-43903 | 2023-09-04 | IBM Security Guardium denial of service |
| CVE-2023-32338 | 2023-09-04 | IBM Sterling Secure Proxy information disclosure |
| CVE-2015-1390 | 2023-09-05 | Aruba AirWave before 8.0.7 allows XSS attacks agsinat an administrator. |
| CVE-2015-1391 | 2023-09-05 | Aruba AirWave before 8.0.7 allows bypass of a CSRF protection... |
| CVE-2015-2201 | 2023-09-05 | Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows VisualRF... |
| CVE-2015-2202 | 2023-09-05 | Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows administrative... |
| CVE-2017-9453 | 2023-09-05 | BMC Server Automation before 8.9.01 patch 1 allows Process Spawner... |
| CVE-2020-35593 | 2023-09-05 | BMC PATROL Agent through 20.08.00 allows local privilege escalation via... |
| CVE-2021-40546 | 2023-09-05 | Tenda AC6 US_AC6V4.0RTL_V02.03.01.26_cn.bin allows attackers (who have the administrator password)... |
| CVE-2022-41763 | 2023-09-05 | An issue was discovered in NOKIA AMS 9.7.05. Remote Code... |
| CVE-2023-34637 | 2023-09-05 | A stored cross-site scripting (XSS) vulnerability in IsarNet AG IsarFlow... |
| CVE-2023-36307 | 2023-09-05 | ZPLGFA 1.1.1 allows attackers to cause a panic (because of... |
| CVE-2023-36308 | 2023-09-05 | disintegration Imaging 1.6.2 allows attackers to cause a panic (because... |
| CVE-2023-39598 | 2023-09-05 | Cross Site Scripting vulnerability in IceWarp Corporation WebClient v.10.2.1 allows... |
| CVE-2023-39654 | 2023-09-05 | abupy up to v0.4.0 was discovered to contain a SQL... |
| CVE-2023-39681 | 2023-09-05 | Cuppa CMS v1.0 was discovered to contain a remote code... |
| CVE-2023-40918 | 2023-09-05 | KnowStreaming 3.3.0 is vulnerable to Escalation of Privileges. Unauthorized users... |
| CVE-2023-41009 | 2023-09-05 | File Upload vulnerability in adlered bolo-solo v.2.6 allows a remote... |
| CVE-2023-41012 | 2023-09-05 | An issue in China Mobile Communications China Mobile Intelligent Home... |
| CVE-2023-41107 | 2023-09-05 | TEF portal 2023-07-17 is vulnerable to a persistent cross site... |
| CVE-2023-41108 | 2023-09-05 | TEF portal 2023-07-17 is vulnerable to authenticated remote code execution. |
| CVE-2023-41507 | 2023-09-05 | Super Store Finder v3.6 was discovered to contain multiple SQL... |
| CVE-2023-41508 | 2023-09-05 | A hard coded password in Super Store Finder v3.6 allows... |
| CVE-2023-41908 | 2023-09-05 | Cerebrate before 1.15 lacks the Secure attribute for the session... |
| CVE-2023-41909 | 2023-09-05 | An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_flowspec... |
| CVE-2023-41910 | 2023-09-05 | An issue was discovered in lldpd before 1.0.17. By crafting... |
| CVE-2023-36361 | 2023-09-05 | Audimexee v14.1.7 was discovered to contain a SQL injection vulnerability... |
| CVE-2023-29261 | 2023-09-05 | IBM Sterling Secure Proxy information disclosure |
| CVE-2023-22870 | 2023-09-05 | IBM Aspera Faspex information disclosure |
| CVE-2023-35906 | 2023-09-05 | IBM Aspera Faspex security bypass |
| CVE-2023-4636 | 2023-09-05 | The WordPress File Sharing Plugin plugin for WordPress is vulnerable... |
| CVE-2023-4748 | 2023-09-05 | Yongyou UFIDA-NC PrintTemplateFileServlet.java path traversal |
| CVE-2022-33220 | 2023-09-05 | Buffer over-read in Automotive multimedia |
| CVE-2022-33275 | 2023-09-05 | Improper validation of array index in WLAN HAL |
| CVE-2022-40524 | 2023-09-05 | Buffer over-read in Modem |