CVE-2023-0xxx

There are 962 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2023-0001 Cortex XDR Agent: Cleartext Exposure of Agent Admin Password
S
CVE-2023-0002 Cortex XDR Agent: Product Disruption by Local Windows User
S
CVE-2023-0003 Cortex XSOAR: Local File Disclosure Vulnerability in the Cortex XSOAR Server
S
CVE-2023-0004 PAN-OS: Local File Deletion Vulnerability
S
CVE-2023-0005 PAN-OS: Exposure of Sensitive Information Vulnerability
S
CVE-2023-0006 GlobalProtect App: Local File Deletion Vulnerability
S
CVE-2023-0007 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface
S
CVE-2023-0008 PAN-OS: Local File Disclosure Vulnerability in the PAN-OS Web Interface
S
CVE-2023-0009 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
S
CVE-2023-0010 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal Authentication
S
CVE-2023-0011 Command Execution through Serial Interface of u-blox TOBY-L2
S
CVE-2023-0012 Local Privilege Escalation in SAP Host Agent (Windows)
CVE-2023-0013 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform
CVE-2023-0014 Capture-replay vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform
CVE-2023-0015 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence (Web Intelligence)
CVE-2023-0016 SQL Injection vulnerability in SAP Business Planning and Consolidation MS
CVE-2023-0017 Improper access control in SAP NetWeaver AS for Java
CVE-2023-0018 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence Platform (Central management console)
CVE-2023-0019 In SAP GRC (Process Control) - versions GRCFND_A V1200, GRCFND_A V8100, GRCPINW V1100_700, GRCPINW V...
CVE-2023-0020 SAP BusinessObjects Business Intelligence platform - versions 420, 430, allows an authenticated atta...
CVE-2023-0021 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver
CVE-2023-0022 Code Injection vulnerability in SAP BusinessObjects Business Intelligence platform (Analysis edition for OLAP)
CVE-2023-0023 Information Disclosure in SAP Bank Account Management (Manage Banks)
CVE-2023-0024 SAP Solution Manager (BSP Application) - version 720, allows an authenticated attacker to craft a ma...
CVE-2023-0025 SAP Solution Manager (BSP Application) - version 720, allows an authenticated attacker to craft a ma...
CVE-2023-0026 2023-06: Out-of-Cycle Security Bulletin: Junos OS and Junos OS Evolved: A BGP session will flap upon receipt of a specific, optional transitive attribute
S
CVE-2023-0027 Rockwell Automation Modbus TCP AOI Server Could Leak Sensitive Information
S
CVE-2023-0028 Cross-site Scripting (XSS) - Stored in linagora/twake
E S
CVE-2023-0029 Multilaser RE708 Telnet Service denial of service
CVE-2023-0030 A use-after-free flaw was found in the Linux kernel’s nouveau driver in how a user triggers a memory...
S
CVE-2023-0033 PDF Viewer < 1.0.0 - Contributor+ Stored XSS via Shortcode
E
CVE-2023-0034 JetWidgets For Elementor < 1.0.14 - Contributor+ Stored XSS via Shortcode
E
CVE-2023-0035 softbus_client_stub in communication subsystem has an authentication bypass vulnerability which allows an "SA relay attack".
CVE-2023-0036 platform_callback_stub in misc subsystem has an authentication bypass vulnerability which allows an "SA relay attack".
CVE-2023-0037 10WebMapBuilder < 1.0.73 - Unauthenticated SQLi
E
CVE-2023-0038 The "Survey Maker – Best WordPress Survey Plugin" plugin for WordPress is vulnerable to Stored Cross...
E
CVE-2023-0039 Rejected reason: Duplicate. Please use CVE-2022-4060 instead....
R
CVE-2023-0040 Versions of Async HTTP Client prior to 1.13.2 are vulnerable to a form of targeted request manipulat...
CVE-2023-0041 IBM Security Guardium session fixation
S
CVE-2023-0042 An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 prior to 15.5...
CVE-2023-0043 Custom Add User <= 2.0.2 - Reflected Cross-Site Scripting
E
CVE-2023-0044 If the Quarkus Form Authentication session cookie Path attribute is set to `/` then a cross-site att...
CVE-2023-0045 Incorrect indirect branch prediction barrier in the Linux Kernel
E S
CVE-2023-0046 Improper Restriction of Names for Files and Other Resources in lirantal/daloradius
E S
CVE-2023-0047 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2023-0048 Code Injection in lirantal/daloradius
E S
CVE-2023-0049 Out-of-bounds Read in vim/vim
E S
CVE-2023-0050 An issue has been discovered in GitLab affecting all versions starting from 13.7 before 15.7.8, all ...
CVE-2023-0051 Heap-based Buffer Overflow in vim/vim
E S
CVE-2023-0052 SAUTER Controls Nova 200–220 Series Missing Authentication for Critical Function
CVE-2023-0053 SAUTER Controls Nova 200–220 Series Cleartext Transmission of Sensitive Information
M
CVE-2023-0054 Out-of-bounds Write in vim/vim
E S
CVE-2023-0055 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in pyload/pyload
E S
CVE-2023-0056 An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the s...
CVE-2023-0057 Improper Restriction of Rendered UI Layers or Frames in pyload/pyload
S
CVE-2023-0058 Tiempo.com <= 0.1.2 - Stored XSS via CSRF
E
CVE-2023-0059 Youzify < 1.2.2 - Contributor+ Stored XSS
E
CVE-2023-0060 Responsive Gallery Grid < 2.3.9 - Contributor+ Stored XSS
E
CVE-2023-0061 Judge.me Product Reviews for WooCommerce < 1.3.21 - Contributor+ Stored XSS
E
CVE-2023-0062 EAN for WooCommerce < 4.4.3 - Contributor+ Stored XSS
E
CVE-2023-0063 Synved Shortcodes <= 1.6.36 - Contributor+ Stored XSS
E
CVE-2023-0064 eVision Responsive Column Layout Shortcodes <= 2.3 - Contributor+ Stored XSS
E
CVE-2023-0065 i2 Pros & Cons <= 1.3.1 - Contributor+ Stored XSS
E
CVE-2023-0066 Companion Sitemap Generator <= 4.5.1.1 - Contributor+ Stored XSS
E
CVE-2023-0067 Timed Content < 2.73 - Contributor+ Stored XSS
E
CVE-2023-0068 Product GTIN (EAN, UPC, ISBN) for WooCommerce <= 1.1.1 - Contributor+ Stored XSS
E
CVE-2023-0069 WPaudio MP3 Player <= 4.0.2 - Contributor+ Stored XSS
E
CVE-2023-0070 ResponsiveVoice Text To Speech < 1.7.7 - Contributor+ Stored XSS
E
CVE-2023-0071 WP Tabs < 2.1.17 - Contributor+ Stored XSS
E
CVE-2023-0072 WC Vendors Marketplace < 2.4.5 - Contributor+ Stored XSS
E
CVE-2023-0073 Client Logo Carousel <= 3.0.0 - Contributor+ Stored XSS
E
CVE-2023-0074 WP Social Widget < 2.2.4 - Contributor+ Stored XSS
E
CVE-2023-0075 Amazon JS <= 0.10 - Contributor+ Stored XSS
E
CVE-2023-0076 Download Attachments < 1.3 - Contributor+ Stored XSS
E
CVE-2023-0077 Integer overflow or wraparound vulnerability in CGI component in Synology Router Manager (SRM) befor...
CVE-2023-0078 Resume Builder <= 3.1.1 - Subscriber+ Stored XSS
E
CVE-2023-0079 Customer Reviews for WooCommerce < 5.17.0 - Contributor+ Stored XSS
E
CVE-2023-0080 Customer Reviews for WooCommerce < 5.16.0 - Contributor+ LFI
E
CVE-2023-0081 MonsterInsights < 8.12.1 - Contributor+ Stored XSS
E
CVE-2023-0082 ExactMetrics < 7.12.1 - Contributor+ Stored XSS
E
CVE-2023-0083 The ArkUI framework subsystem doesn't check the input parameter, causing type confusion and invalid memory access.
CVE-2023-0084 The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site S...
S
CVE-2023-0085 The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to reCaptcha Bypass in...
S
CVE-2023-0086 The JetWidgets for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in ver...
S
CVE-2023-0087 The Swifty Page Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘s...
E
CVE-2023-0088 The Swifty Page Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions...
E
CVE-2023-0089 Proofpoint Enterprise Protection webutils authenticated RCE
CVE-2023-0090 Proofpoint Enterprise Protection webservices unauthenticated RCE
CVE-2023-0091 A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation ...
CVE-2023-0092 An authenticated user who has read access to the juju controller model, may construct a remote reque...
S
CVE-2023-0093 Okta Advanced Server Access Client versions 1.13.1 through 1.65.0 are vulnerable to command injectio...
CVE-2023-0094 UpQode Google Maps <= 1.0.5 - Contributor+ Stored XSS
E
CVE-2023-0095 Page View Count < 2.6.1 - Contributor+ Stored XSS
E
CVE-2023-0096 Happyforms < 1.22.0 - Contributor+ Stored XSS
E
CVE-2023-0097 Post Grid, Post Carousel, & List Category Posts < 2.4.19 - Contributor+ Stored XSS
E
CVE-2023-0098 Simple URLs < 115 - Subscriber+ SQLi
E
CVE-2023-0099 Simple URLs < 115 - Multiple Reflected XSS
E
CVE-2023-0100 In Eclipse BIRT, starting from version 2.6.2, the default configuration allowed to retrieve a report...
CVE-2023-0101 A privilege escalation vulnerability was identified in Nessus versions 8.10.1 through 8.15.8 and 10....
S
CVE-2023-0102 CVE-2023-0102
M
CVE-2023-0103 CVE-2023-0103
M
CVE-2023-0104 The listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by decomp...
S
CVE-2023-0105 A flaw was found in Keycloak. This flaw allows impersonation and lockout due to the email trust not ...
CVE-2023-0106 Cross-site Scripting (XSS) - Stored in usememos/memos
E S
CVE-2023-0107 Cross-site Scripting (XSS) - Stored in usememos/memos
E S
CVE-2023-0108 Cross-site Scripting (XSS) - Stored in usememos/memos
E S
CVE-2023-0109 Stored XSS in usememos/memos
E S
CVE-2023-0110 Cross-site Scripting (XSS) - Stored in usememos/memos
E S
CVE-2023-0111 Cross-site Scripting (XSS) - Stored in usememos/memos
E S
CVE-2023-0112 Cross-site Scripting (XSS) - Stored in usememos/memos
E S
CVE-2023-0113 Netis Netcore Router Backup param.file.tgz information disclosure
CVE-2023-0114 Netis Netcore Router Backup param.file.tgz cleartext storage in a file or on disk
CVE-2023-0115 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2023-0116 The reminder module lacks an authentication mechanism for broadcasts received. Successful exploitati...
CVE-2023-0117 The online authentication provided by the hwKitAssistant lacks strict identity verification of appli...
CVE-2023-0118 Foreman: arbitrary code execution through templates
CVE-2023-0119 Foreman: stored cross-site scripting in host tab
CVE-2023-0120 Incorrect Authorization in GitLab
E S
CVE-2023-0121 Allocation of Resources Without Limits or Throttling in GitLab
CVE-2023-0122 A NULL pointer dereference vulnerability in the Linux kernel NVMe functionality, in nvmet_setup_auth...
S
CVE-2023-0123 CVE-2023-0123
S
CVE-2023-0124 CVE-2023-0124
S
CVE-2023-0125 Control iD Gerencia Web Web Interface cross site scripting
E
CVE-2023-0126 Pre-authentication path traversal vulnerability in SMA1000 firmware version 12.4.2, which allows an ...
CVE-2023-0127 A command injection vulnerability in the firmware_update command, in the device's restricted telnet ...
E
CVE-2023-0128 Use after free in Overview Mode in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed a remot...
CVE-2023-0129 Heap buffer overflow in Network Service in Google Chrome prior to 109.0.5414.74 allowed an attacker ...
CVE-2023-0130 Inappropriate implementation in Fullscreen API in Google Chrome on Android prior to 109.0.5414.74...
CVE-2023-0131 Inappropriate implementation in iframe Sandbox in Google Chrome prior to 109.0.5414.74 allowed a ...
CVE-2023-0132 Inappropriate implementation in Permission prompts in Google Chrome on Windows prior to 109.0.541...
CVE-2023-0133 Inappropriate implementation in Permission prompts in Google Chrome on Android prior to 109.0.541...
CVE-2023-0134 Use after free in Cart in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a u...
CVE-2023-0135 Use after free in Cart in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a u...
CVE-2023-0136 Inappropriate implementation in Fullscreen API in Google Chrome on Android prior to 109.0.5414.74...
CVE-2023-0137 Heap buffer overflow in Platform Apps in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed a...
CVE-2023-0138 Heap buffer overflow in libphonenumber in Google Chrome prior to 109.0.5414.74 allowed a remote atta...
CVE-2023-0139 Insufficient validation of untrusted input in Downloads in Google Chrome on Windows prior to 109.0.5...
CVE-2023-0140 Inappropriate implementation in File System API in Google Chrome on Windows prior to 109.0.5414.7...
CVE-2023-0141 Insufficient policy enforcement in CORS in Google Chrome prior to 109.0.5414.74 allowed a remote att...
CVE-2023-0142 Uncontrolled search path element vulnerability in Backup Management functionality in Synology DiskSt...
CVE-2023-0143 Send PDF for Contact Form 7 < 0.9.9.2 - Contributor+ Stored XSS via Shortcode
E
CVE-2023-0144 Event Manager and Tickets Selling Plugin for WooCommerce < 3.8.0 - Contributor+ Stored XSS
E
CVE-2023-0145 Saan World Clock <= 1.8 - Contributor+ Stored XSS
E
CVE-2023-0146 Naver Map <= 1.1.0 - Contributor+ Stored XSS
E
CVE-2023-0147 Flexible Captcha <= 4.1 - Contributor+ Stored XSS
E
CVE-2023-0148 Gallery Factory Lite <= 2.0.0 - Contributor+ Stored XSS
E
CVE-2023-0149 WordPrezi < 0.9 - Contributor+ Stored XSS
E
CVE-2023-0150 Cloak Front End Email < 1.9.2 - Contributor+ Stored XSS
E
CVE-2023-0151 uTubeVideo Gallery < 2.0.8 - Contributor+ Stored XSS
E
CVE-2023-0152 WP Multi Store Locator <= 2.4 - Contributor+ Stored XSS
E
CVE-2023-0153 Vimeo Video Autoplay Automute <= 1.0 - Contributor+ Stored XSS
E
CVE-2023-0154 GamiPress – Vimeo integration < 1.0.9 - Contributor+ Stored XSS
E
CVE-2023-0155 An issue has been discovered in GitLab CE/EE affecting all versions before 15.8.5, 15.9.4, 15.10.1. ...
E
CVE-2023-0156 All-In-One Security (AIOS) < 5.1.5 - Admin+ Arbitrary File/Folder Access via Traversal
E
CVE-2023-0157 All-In-One Security (AIOS) < 5.1.5 - Admin+ Stored XSS
E
CVE-2023-0158 Triggered crash on direct RRDP access
M
CVE-2023-0159 Extensive VC Addons for WPBakery page builder < 1.9.1 - Unauthenticated RCE
E
CVE-2023-0160 Possibility of deadlock in libbpf function sock_hash_delete_elem
E S
CVE-2023-0161 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse...
R
CVE-2023-0162 The CPO Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of i...
S
CVE-2023-0163 Prototype Pollution in convict
CVE-2023-0164 OrangeScrum version 2.0.11 allows an authenticated external attacker to execute arbitrary commands o...
E
CVE-2023-0165 Cost Calculator <= 1.8 - Contributor+ Stored XSS
E
CVE-2023-0166 PickPlugins Product Slider for WooCommerce < 1.13.42 - Contributor+ Stored XSS
E
CVE-2023-0167 GetResponse for WordPress <= 5.5.31 - Contributor+ Stored XSS
E
CVE-2023-0168 Olevmedia Shortcodes <= 1.1.9 - Contributor+ Stored XSS
E
CVE-2023-0169 Zoho Forms < 3.0.1 - Contributor+ Stored XSS
E
CVE-2023-0170 Html5 Audio Player < 2.1.12 - Contributor+ Stored XSS
E
CVE-2023-0171 jQuery T(-) Countdown Widget < 2.3.24 - Contributor+ Stored XSS
E
CVE-2023-0172 Juicer < 1.11 - Contributor+ Stored XSS
E
CVE-2023-0173 WPFunnels < 2.6.9 - Contributor+ Stored XSS
E
CVE-2023-0174 WP VR < 8.2.7 - Contributor+ Stored XSS
E
CVE-2023-0175 Smart Logo Showcase Lite <= 1.1.9 - Contributor+ Stored XSS
E
CVE-2023-0176 Giveaways and Contests by RafflePress < 1.11.3 - Contributor+ Stored XSS
E
CVE-2023-0177 Social Like Box and Page by WpDevArt < 0.8.41 - Contributor+ Stored XSS
E
CVE-2023-0178 Annual Archive < 1.6.0 - Contributor+ Stored XSS
E
CVE-2023-0179 A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue...
E
CVE-2023-0180 NVIDIA GPU Display Driver for Linux contains a vulnerability in a kernel mode layer handler, which m...
CVE-2023-0181 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in a kernel mode layer hand...
CVE-2023-0182 NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer, where an ou...
CVE-2023-0183 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer where an out-o...
CVE-2023-0184 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer ha...
CVE-2023-0185 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where sign co...
CVE-2023-0186 NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer, where an ou...
CVE-2023-0187 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer ha...
CVE-2023-0188 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer ha...
CVE-2023-0189 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler which ...
CVE-2023-0190 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a NULL ...
CVE-2023-0191 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer ha...
CVE-2023-0192 NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer handler, whe...
CVE-2023-0193 NVIDIA CUDA Toolkit SDK contains a vulnerability in cuobjdump, where a local user running the tool ...
CVE-2023-0194 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer dr...
CVE-2023-0195 NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer driver nvldd...
CVE-2023-0196 NVIDIA CUDA Toolkit SDK contains a bug in cuobjdump, where a local user running the tool against an...
S
CVE-2023-0197 NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious user in ...
CVE-2023-0198 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where imprope...
CVE-2023-0199 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer ha...
CVE-2023-0200 NVIDIA DGX-2 contains a vulnerability in OFBD where a user with high privileges and a pre-conditione...
CVE-2023-0201 NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a user with high privileges can cause a wr...
CVE-2023-0202 NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRA...
CVE-2023-0203 NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where a...
CVE-2023-0204 NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where a...
CVE-2023-0205 NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where a...
CVE-2023-0206 NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRA...
CVE-2023-0207 NVIDIA DGX-2 SBIOS contains a vulnerability where an attacker may modify the ServerSetup NVRAM varia...
CVE-2023-0208 NVIDIA DCGM for Linux contains a vulnerability in HostEngine (server component) where a user may ca...
CVE-2023-0209 NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, where authentication of the co...
CVE-2023-0210 A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediatel...
E S
CVE-2023-0212 Advanced Recent Posts <= 0.6.14 - Contributor+ Stored XSS
E
CVE-2023-0213 Local Elevation of Privilege in M-Files
S
CVE-2023-0214 XSS in Skyhigh Security SWG
CVE-2023-0215 Use-after-free following BIO_new_NDEF
S
CVE-2023-0216 Invalid pointer dereference in d2i_PKCS7 functions
S
CVE-2023-0217 NULL dereference validating DSA public key
S
CVE-2023-0219 FluentSMTP < 2.2.3 - Stored XSS via Email Logs
E
CVE-2023-0220 Pinpoint Booking System < 2.9.9.2.9 - Subscriber+ SQLi
E
CVE-2023-0221 Product security bypass vulnerability in ACC prior to version 8.3.4 allows a locally logged-in attac...
M
CVE-2023-0223 An issue has been discovered in GitLab affecting all versions starting from 15.5 before 15.7.8, all ...
CVE-2023-0224 GiveWP < 2.24.1 - Unauthenticated SQLi
E
CVE-2023-0225 A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherw...
M
CVE-2023-0227 Insufficient Session Expiration in pyload/pyload
E S
CVE-2023-0228 Improper authentication vulnerability in S+ Operations
CVE-2023-0229 A flaw was found in github.com/openshift/apiserver-library-go, used in OpenShift 4.12 and 4.11, that...
CVE-2023-0230 VK All in One Expansion Unit < 9.86.0.0 - Contributor+ Stored XSS
E
CVE-2023-0231 ShopLentor < 2.5.4 - Contributor+ Stored XSS
E
CVE-2023-0232 ShopLentor < 2.5.4 - PHP Object Injection
E S
CVE-2023-0233 ActiveCampaign < 8.1.12 - Contributor+ Stored XSS
E
CVE-2023-0234 SiteGround Security < 1.3.1 - Admin+ SQLi
E
CVE-2023-0235 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse...
R
CVE-2023-0236 Tutor LMS < 2.0.10 - Reflected Cross-Site Scripting
E
CVE-2023-0237 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse...
R
CVE-2023-0238 Injecting Activity Loads in WARP Mobile Client
CVE-2023-0240 Use after free in io_uring in the Linux Kernel
S
CVE-2023-0241 pgAdmin 4 versions prior to v6.19 contains a directory traversal vulnerability. A user of the produc...
S
CVE-2023-0242 Insufficient permission check in the VQL copy() function
S
CVE-2023-0243 TuziCMS Article Module ArticleController.class.php index sql injection
E
CVE-2023-0244 TuziCMS KefuController.class.php delall sql injection
E
CVE-2023-0245 SourceCodester Online Flight Booking Management System add_contestant.php sql injection
E
CVE-2023-0246 earclink ESPCMS Content cross site scripting
E
CVE-2023-0247 Uncontrolled Search Path Element in bits-and-blooms/bloom
E S
CVE-2023-0248 Kantech Gen1 ioSmart card reader
S
CVE-2023-0249 CVE-2023-0249
S
CVE-2023-0250 CVE-2023-0250
S
CVE-2023-0251 CVE-2023-0251
S
CVE-2023-0252 Contextual Related Posts < 3.3.1 - Contributor+ Stored XSS
E
CVE-2023-0253 Rejected reason: **REJECT** Accidental CVE Assignment. Please use CVE-2023-0285....
R
CVE-2023-0254 The Simple Membership WP user Import plugin for WordPress is vulnerable to SQL Injection via the ‘or...
S
CVE-2023-0255 Enable Media Replace < 4.0.2 - Author+ Arbitrary File Upload
E
CVE-2023-0256 SourceCodester Online Food Ordering System Login Page sql injection
CVE-2023-0257 SourceCodester Online Food Ordering System Menu Form unrestricted upload
CVE-2023-0258 SourceCodester Online Food Ordering System Category List cross site scripting
CVE-2023-0259 WP Google Review Slider < 11.8 - Subscriber+ SQLi
E
CVE-2023-0260 WP Review Slider < 12.2 - Subscriber+ SQLi
E
CVE-2023-0261 WP TripAdvisor Review Slider < 10.8 - Subscriber+ SQLi
E
CVE-2023-0262 WP Airbnb Review Slider < 3.3 - Subscriber+ SQLi
E
CVE-2023-0263 WP Yelp Review Slider < 7.1 - Subscriber+ SQLi
E
CVE-2023-0264 A flaw was found in Keycloak's OpenID Connect user authentication, which may incorrectly authenticate...
CVE-2023-0265 Uvdesk version 1.1.1 allows an authenticated remote attacker to execute commands on the server. This...
E
CVE-2023-0266 Use after free in SNDRV_CTL_IOCTL_ELEM in Linux Kernel
KEV S
CVE-2023-0267 Ultimate Carousel For WPBakery Page Builder <= 2.6 - Contributor+ Stored XSS
E
CVE-2023-0268 Mega Addons For WPBakery Page Builder < 4.3.0 - Contributor+ Stored XSS
E
CVE-2023-0269 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse...
R
CVE-2023-0270 YaMaps for WordPress Plugin < 0.6.26 - Contributor+ Stored XSS
E
CVE-2023-0271 WP Font Awesome < 1.7.9 - Contributor+ Stored XSS
E
CVE-2023-0272 NEX-Forms < 8.3.3 - Contributor+ Stored XSS
E
CVE-2023-0273 Custom Content Shortcode <= 4.0.2 - Contributor+ Stored XSS
E
CVE-2023-0274 URL Params < 2.5 - Contributor+ Stored XSS
E
CVE-2023-0275 Easy Accept Payments for PayPal < 4.9.10 - Contributor+ Stored XSS
E
CVE-2023-0276 Weaver Xtreme Theme Support < 6.2.7 - Contributor+ Stored XSS
E
CVE-2023-0277 WC Fields Factory <= 4.1.5 - ShopManager+ SQLi
E
CVE-2023-0278 GeoDirectory < 2.2.24 - Admin+ SQLi
E
CVE-2023-0279 Media Library Assistant < 3.06 - Admin+ SQLi
E
CVE-2023-0280 Ultimate Carousel For Elementor <= 2.1.7 - Contributor+ Stored XSS
E
CVE-2023-0281 SourceCodester Online Flight Booking Management System judge_panel.php sql injection
E
CVE-2023-0282 YourChannel < 1.2.2 - Subscriber+ Stored XSS
E
CVE-2023-0283 SourceCodester Online Flight Booking Management System POST Parameter review_search.php sql injection
E
CVE-2023-0284 Improper validation of LDAP user IDs
CVE-2023-0285 Real Media Library < 4.18.29 - Author+ Stored XSS
E
CVE-2023-0286 X.400 address type confusion in X.509 GeneralName
S
CVE-2023-0287 ityouknow favorites-web Comment cross site scripting
E
CVE-2023-0288 Heap-based Buffer Overflow in vim/vim
E S
CVE-2023-0289 Cross-site Scripting (XSS) - Stored in craigk5n/webcalendar
E S
CVE-2023-0290 Rapid7 Velociraptor directory traversal in client ID parameter
S
CVE-2023-0291 The Quiz And Survey Master for WordPress is vulnerable to authorization bypass due to a missing capa...
S
CVE-2023-0292 The Quiz And Survey Master plugin for WordPress is vulnerable to Cross-Site Request Forgery in versi...
E S
CVE-2023-0293 The Mediamatic – Media Library Folders plugin for WordPress is vulnerable to authorization bypass du...
CVE-2023-0294 The Mediamatic – Media Library Folders plugin for WordPress is vulnerable to Cross-Site Request Forg...
CVE-2023-0295 The Launchpad plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of its s...
CVE-2023-0296 The Birthday attack against 64-bit block ciphers flaw (CVE-2016-2183) was reported for the health ch...
CVE-2023-0297 Code Injection in pyload/pyload
E S
CVE-2023-0298 Incorrect Authorization in firefly-iii/firefly-iii
E S
CVE-2023-0299 Improper Input Validation in publify/publify
E S
CVE-2023-0300 Cross-site Scripting (XSS) - Reflected in alfio-event/alf.io
E S
CVE-2023-0301 Cross-site Scripting (XSS) - Stored in alfio-event/alf.io
E S
CVE-2023-0302 Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in radareorg/radare2
E S
CVE-2023-0303 SourceCodester Online Food Ordering System view_prod.php sql injection
E
CVE-2023-0304 SourceCodester Online Food Ordering System Signup Module admin_class.php sql injection
E
CVE-2023-0305 SourceCodester Online Food Ordering System Login Module admin_class.php sql injection
E
CVE-2023-0306 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
S
CVE-2023-0307 Weak Password Requirements in thorsten/phpmyfaq
S
CVE-2023-0308 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
S
CVE-2023-0309 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
S
CVE-2023-0310 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
S
CVE-2023-0311 Improper Authentication in thorsten/phpmyfaq
S
CVE-2023-0312 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
S
CVE-2023-0313 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
S
CVE-2023-0314 Cross-site Scripting (XSS) - Reflected in thorsten/phpmyfaq
S
CVE-2023-0315 Command Injection in froxlor/froxlor
E S
CVE-2023-0316 Path Traversal: '\..\filename' in froxlor/froxlor
E S
CVE-2023-0317 GateManager debug interface is included in non-debug builds
CVE-2023-0319 An issue has been discovered in GitLab affecting all versions starting from 13.6 before 15.8.5, all ...
CVE-2023-0320 XSS in UBYS
CVE-2023-0321 Disclosure of Sensitive Information on Campbell Scientific Products
E M
CVE-2023-0322 XSS in Talent Software UNIS
S
CVE-2023-0323 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
E S
CVE-2023-0324 SourceCodester Online Tours & Travels Management System page-login.php sql injection
E
CVE-2023-0325 Uvdesk version 1.1.1 allows an unauthenticated remote attacker to exploit a stored XSS in the applic...
E
CVE-2023-0326 An issue has been discovered in GitLab DAST API scanner affecting all versions starting from 1.6.50 ...
E
CVE-2023-0327 saemorris TheRadSystem users.php cross site scripting
S
CVE-2023-0328 WPCode < 2.0.7 - Contributor+ WPCode Library Auth Key Update/Deletion
E
CVE-2023-0329 Elementor Website Builder < 3.12.2 - Admin+ SQLi
E
CVE-2023-0330 Qemu: lsi53c895a: dma reentrancy issue leads to stack overflow
S
CVE-2023-0331 Correos Oficial <= 1.2.0.2 - Unauthenticated Arbitrary File Download
E
CVE-2023-0332 SourceCodester Online Food Ordering System manage_user.php sql injection
E
CVE-2023-0333 TemplatesNext ToolKit < 3.2.9 - Contributor+ Stored XSS
E
CVE-2023-0334 ShortPixel Adaptive Images < 3.6.3 - Reflected XSS
E
CVE-2023-0335 WP Shamsi <= 4.3.3 - Subscriber+ Attachment Deletion
E
CVE-2023-0336 OoohBoi Steroids for Elementor < 2.1.5 - Subscriber+ Attachment Deletion
E
CVE-2023-0337 Cross-site Scripting (XSS) - Reflected in lirantal/daloradius
E S
CVE-2023-0338 Cross-site Scripting (XSS) - Reflected in lirantal/daloradius
E S
CVE-2023-0339 AM Web Policy Agent path traversal
M
CVE-2023-0340 Custom Content Shortcode <= 4.0.2 - Contributor+ LFI
E
CVE-2023-0341 Stack Buffer Overflow in editorconfig-core-c
E S
CVE-2023-0342 MongoDB Ops Manager may disclose sensitive information in Diagnostic Archive
CVE-2023-0343 CVE-2023-0343
CVE-2023-0344 CVE-2023-0344
CVE-2023-0345 CVE-2023-0345
CVE-2023-0346 CVE-2023-0346
CVE-2023-0347 CVE-2023-0347
CVE-2023-0348 CVE-2023-0348
CVE-2023-0349 CVE-2023-0349
CVE-2023-0350 CVE-2023-0350
CVE-2023-0351 CVE-2023-0351
CVE-2023-0352 CVE-2023-0352
CVE-2023-0353 CVE-2023-0353
CVE-2023-0354 CVE-2023-0354
CVE-2023-0355 CVE-2023-0355
CVE-2023-0356 SOCOMEC MODULYS GP Netvision versions 7.20 and prior lack strong encryption for credentials on HTTP...
M
CVE-2023-0357 Helpy version 2.8.0 allows an unauthenticated remote attacker to exploit an XSS stored in the applic...
E
CVE-2023-0358 Use After Free in gpac/gpac
E S
CVE-2023-0359 ipv6: Missing ipv6 nullptr-check in handle_ra_input
E
CVE-2023-0360 Location Weather < 1.3.4 - Contributor+ Stored XSS
E
CVE-2023-0361 A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. Th...
E S
CVE-2023-0362 Themify Portfolio Post < 1.2.2 - Contributor+ Stored XSS
E
CVE-2023-0363 Scheduled Announcements Widget < 1.0 - Contributor+ Stored XSS
E
CVE-2023-0364 real.Kit < 5.1.1 - Contributor+ Stored XSS
E
CVE-2023-0365 React Webcam <= 1.2.0 - Contributor+ Stored XSS
E
CVE-2023-0366 Loan Comparison < 1.5.3 - Contributor+ Stored XSS via shortcode
E
CVE-2023-0367 Pricing Tables For WPBakery Page Builder < 3.0 - Contributor+ Stored XSS
E
CVE-2023-0368 Responsive Tabs For WPBakery Page Builder <= 1.1 - Contributor+ Stored XSS
E
CVE-2023-0369 GoToWP <= 5.1.1 - Contributor+ Stored XSS
E
CVE-2023-0370 WPB Advanced FAQ <= 1.0.6 - Contributor+ Stored XSS
E
CVE-2023-0371 EmbedSocial < 1.1.28 - Contributor+ Stored XSS
E
CVE-2023-0372 EmbedStories < 0.7.5 - Contributor+ Stored XSS
E
CVE-2023-0373 Lightweight Accordion < 1.5.15 - Contributor+ Stored XSS
E
CVE-2023-0374 W4 Post List < 2.4.6 - Contributor+ Stored XSS
E
CVE-2023-0375 Easy Affiliate Links < 3.7.1 - Contributor+ Stored XSS
E
CVE-2023-0376 Qubely < 1.8.5 - Contributor+ Stored XSS
E
CVE-2023-0377 Scriptless Social Sharing < 3.2.2 - Contributor+ Stored XSS
E
CVE-2023-0378 Greenshift < 5.0 - Contributor+ Stored XSS
E
CVE-2023-0379 Spotlight Social Feeds < 1.4.3 - Contributor+ Stored XSS
E
CVE-2023-0380 Easy Digital Downloads < 3.1.0.5 - Contributor+ Stored XSS
E
CVE-2023-0381 GigPress <= 2.3.28 - Subscriber+ SQLi
E
CVE-2023-0382 Uncontrolled Resource Consumption in M-Files Server
S
CVE-2023-0383 Uncontrolled Resource Consumption in M-Files Server
S
CVE-2023-0384 Uncontrolled Resource Consumption in M-Files Server
S
CVE-2023-0385 The Custom 404 Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up t...
S
CVE-2023-0386 A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file ...
S
CVE-2023-0387 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse...
R
CVE-2023-0388 Random Text <= 0.3.0 - Subscriber+ SQLi
E
CVE-2023-0389 Calculated Fields Form < 1.1.151 - Admin+ Stored Cross-Site Scripting via Dropdown Fields
E
CVE-2023-0391 MGT-COMMERCE CloudPanel Shared Certificate
E
CVE-2023-0392 The LDAP Agent Update service with versions prior to 5.18 used an unquoted path, which could allow a...
CVE-2023-0394 A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the netw...
S
CVE-2023-0395 menu shortcode <= 1.0 - Contributor+ Stored XSS via Shortcode
E
CVE-2023-0396 Buffer Overreads in Bluetooth HCI
E
CVE-2023-0397 DoS: Invalid Initialization in le_read_buffer_size_complete
E
CVE-2023-0398 Cross-Site Request Forgery (CSRF) in modoboa/modoboa
E S
CVE-2023-0399 Image Over Image For WPBakery Page Builder < 3.0 - Contributor+ Stored XSS
E
CVE-2023-0400 The protection bypass vulnerability in DLP for Windows 11.9.x is addressed in version 11.10.0. This...
S
CVE-2023-0401 NULL dereference during PKCS7 data verification
S
CVE-2023-0402 The Social Warfare plugin for WordPress is vulnerable to authorization bypass due to a missing capab...
E S
CVE-2023-0403 The Social Warfare plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up t...
E
CVE-2023-0404 The Events Made Easy plugin for WordPress is vulnerable to authorization bypass due to a missing cap...
S
CVE-2023-0405 GPT3 AI Content Writer < 1.4.38 - Subscriber+ Arbitrary Post Content Update
E
CVE-2023-0406 Cross-Site Request Forgery (CSRF) in modoboa/modoboa
E S
CVE-2023-0410 Cross-site Scripting (XSS) - Generic in builderio/qwik
S
CVE-2023-0411 Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows de...
S
CVE-2023-0412 TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service vi...
S
CVE-2023-0413 Dissection engine bug in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service v...
S
CVE-2023-0414 Crash in the EAP dissector in Wireshark 4.0.0 to 4.0.2 allows denial of service via packet injection...
S
CVE-2023-0415 iSCSI dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service v...
S
CVE-2023-0416 GNW dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via...
S
CVE-2023-0417 Memory leak in the NFS dissector in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial o...
S
CVE-2023-0418 Video Central for WordPress <= 1.3.0 - Contributor+ Stored XSS
E
CVE-2023-0419 Shortcode for Font Awesome < 1.4.1 - Contributor+ Stored XSS
E
CVE-2023-0420 Custom Post Type and Taxonomy GUI Manager <= 1.1 - Stored XSS via CSRF
E
CVE-2023-0421 Cloud Manager <= 1.0 - Reflected XSS
E
CVE-2023-0422 Article Directory <= 1.3 - Admin+ Stored XSS
E
CVE-2023-0423 WordPress Amazon S3 Plugin < 1.6 - Reflected XSS
E
CVE-2023-0424 MS-Reviews <= 1.5 - Subscriber+ Stored XSS
E
CVE-2023-0425 Buffer overflow in global memory region
S
CVE-2023-0426 Stack overflow in filename or in boundary
S
CVE-2023-0428 Watu Quiz < 3.3.8.2 - Reflected XSS
E
CVE-2023-0429 Watu Quiz < 3.3.8.3 - Admin+ Stored XSS
E
CVE-2023-0430 Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed wit...
CVE-2023-0431 File Away <= 3.9.9.0.1 - Contributor+ Stored XSS via Shortcode
E
CVE-2023-0432 CVE-2023-0432
S
CVE-2023-0433 Heap-based Buffer Overflow in vim/vim
E S
CVE-2023-0434 Improper Input Validation in pyload/pyload
E S
CVE-2023-0435 Excessive Attack Surface in pyload/pyload
E S
CVE-2023-0436 Secret logging may occur in debug mode of Atlas Operator
CVE-2023-0437 MongoDB client C Driver may infinitely loop when validating certain BSON input data
CVE-2023-0438 Cross-Site Request Forgery (CSRF) in modoboa/modoboa
E S
CVE-2023-0439 NEX-Forms < 8.4.4 - Authenticated Stored XSS
E
CVE-2023-0440 Observable Discrepancy in healthchecks/healthchecks
E S
CVE-2023-0441 Gallery Blocks with Lightbox < 3.0.8 - Subscriber+ Arbitrary Options Update
E
CVE-2023-0442 Loan Comparison < 1.5.2 - Reflected XSS via shortcode
E
CVE-2023-0443 AnyWhere Elementor < 1.2.8 - Freemius API Key Disclosure
E
CVE-2023-0444 A privilege escalation vulnerability exists in Delta Electronics InfraSuite Device Master 00.00.02a....
CVE-2023-0446 The My YouTube Channel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its set...
S
CVE-2023-0447 The My YouTube Channel plugin for WordPress is vulnerable to authorization bypass due to a missing c...
S
CVE-2023-0448 The WP Helper Lite WordPress plugin, in versions < 4.3, returns all GET parameters unsanitized in th...
E
CVE-2023-0449 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse...
R
CVE-2023-0450 An issue has been discovered in GitLab affecting all versions starting from 8.1 to 15.8.5, and from ...
CVE-2023-0451 Econolite EOS versions prior to 3.2.23 lack a password requirement for gaining “READONLY” access to ...
CVE-2023-0452 Econolite EOS versions prior to 3.2.23 use a weak hash algorithm for encrypting privileged user cred...
CVE-2023-0453 WP Private Message < 1.0.6 - Private Message Disclosure via IDOR
E
CVE-2023-0454 OrangeScrum version 2.0.11 allows an authenticated external attacker to delete arbitrary local files...
E
CVE-2023-0455 Unrestricted Upload of File with Dangerous Type in unilogies/bumsys
E S
CVE-2023-0456 Apicast proxies the api call with incorrect jwt token to the api backend without proper authorization check
E
CVE-2023-0457 Information Disclosure Vulnerability in MELSEC Series
M
CVE-2023-0458 Spectre V1 Gadget in do_prlimit in the Linux Kernel
S
CVE-2023-0459 Copy_from_user Spectre-V1 Gadget in Linux Kernel
S
CVE-2023-0460 Remote code execution in YouTube Android Player API SDK
CVE-2023-0461 Use-after-free vulnerability in the Linux Kernel
S
CVE-2023-0462 Arbitrary code execution through yaml global parameters
CVE-2023-0463 The force offline MFA prompt setting is not respected when switching to offline mode in Devolutions ...
CVE-2023-0464 Excessive Resource Usage Verifying X.509 Policy Constraints
S
CVE-2023-0465 Invalid certificate policies in leaf certificates are silently ignored
S
CVE-2023-0466 Certificate policy check not enabled
S
CVE-2023-0467 WP Dark Mode < 4.0.8 - Subscriber+ Local File Inclusion
E
CVE-2023-0468 A use-after-free flaw was found in io_uring/poll.c in io_poll_check_events in the io_uring subcompon...
E S
CVE-2023-0469 A use-after-free flaw was found in io_uring/filetable.c in io_install_fixed_file in the io_uring sub...
E S
CVE-2023-0470 Cross-site Scripting (XSS) - Stored in modoboa/modoboa
E S
CVE-2023-0471 Use after free in WebTransport in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to...
CVE-2023-0472 Use after free in WebRTC in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to poten...
CVE-2023-0473 Type Confusion in ServiceWorker API in Google Chrome prior to 109.0.5414.119 allowed a remote attack...
CVE-2023-0474 Use after free in GuestView in Google Chrome prior to 109.0.5414.119 allowed an attacker who convinc...
CVE-2023-0475 Go-Getter Vulnerable to Decompression Bombs
CVE-2023-0476 A LDAP injection vulnerability exists in Tenable.sc due to improper validation of user-supplied inpu...
S
CVE-2023-0477 Auto Featured Image < 3.9.16 - Author+ Arbitrary File Upload
E
CVE-2023-0479 Print Invoice & Delivery Notes for WooCommerce < 4.7.2 - Reflected XSS
E
CVE-2023-0480 VitalPBX version 3.2.3-8 allows an unauthenticated external attacker to obtain the instance administ...
E
CVE-2023-0481 In RestEasy Reactive implementation of Quarkus the insecure File.createTempFile() is used in the Fil...
S
CVE-2023-0482 In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and M...
S
CVE-2023-0483 An issue has been discovered in GitLab affecting all versions starting from 12.1 before 15.7.8, all ...
CVE-2023-0484 Contact Form 7 Widget For Elementor Page Builder & Gutenberg Blocks < 1.1.6 - Arbitrary Plugin Activation via CSRF
E
CVE-2023-0485 An issue has been discovered in GitLab affecting all versions starting from 13.11 before 15.8.5, all...
CVE-2023-0486 VitalPBX version 3.2.3-8 allows an unauthenticated external attacker to obtain the instance's admini...
E
CVE-2023-0487 My Sticky Elements < 2.0.9 - Admin+ SQLi
E
CVE-2023-0488 Cross-site Scripting (XSS) - Stored in pyload/pyload
E S
CVE-2023-0489 SlideOnline <= 1.2.1 - Contributor+ Stored XSS
E
CVE-2023-0490 f(x) TOC <= 1.1.0 - Contributor+ Stored XSS
E
CVE-2023-0491 Schedulicity - Easy Online Scheduling <= 2.21 - Contributor+ Stored XSS
E
CVE-2023-0492 GS Products Slider for WooCommerce < 1.5.9 - Contributor+ Stored XSS
E
CVE-2023-0493 Improper Neutralization of Equivalent Special Elements in btcpayserver/btcpayserver
E S
CVE-2023-0494 A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerCl...
S
CVE-2023-0495 HT Slider For Elementor < 1.4.0 - Arbitrary Plugin Activation via CSRF
E
CVE-2023-0496 HT Event < 1.4.6 - Arbitrary Plugin Activation via CSRF
E
CVE-2023-0497 HT Portfolio < 1.1.6 - Arbitrary Plugin Activation via CSRF
E
CVE-2023-0498 WP Education < 1.2.7 - Arbitrary Plugin Activation via CSRF
E
CVE-2023-0499 QuickSwish < 1.1.0 - Arbitrary Plugin Activation via CSRF
E
CVE-2023-0500 WP Film Studio < 1.3.5 - Arbitrary Plugin Activation via CSRF
E
CVE-2023-0501 WP Insurance < 2.1.4 - Arbitrary Plugin Activation via CSRF
E
CVE-2023-0502 WP News <= 1.1.9 - Arbitrary Plugin Activation via CSRF
E
CVE-2023-0503 Free WooCommerce Theme 99fy Extension < 1.2.8 - Arbitrary Plugin Activation via CSRF
E
CVE-2023-0504 HT Politic < 2.3.8 - Arbitrary Plugin Activation via CSRF
E
CVE-2023-0505 Ever Compare <= 1.2.3 - Arbitrary Plugin Activation via CSRF
E
CVE-2023-0506 ByDemes Group Airspace CCTV Web Service Improper Access Control
S
CVE-2023-0507 Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch,...
CVE-2023-0508 Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') in GitLab
CVE-2023-0509 Improper Certificate Validation in pyload/pyload
E S
CVE-2023-0511 AM Java Policy Agent path traversal
CVE-2023-0512 Divide By Zero in vim/vim
E S
CVE-2023-0513 isoftforce Dreamer CMS cross site scripting
E S
CVE-2023-0514 Membership Database <= 1.0 - Reflected XSS
E
CVE-2023-0515 SourceCodester Online Tours & Travels Management System Parameter forget_password.php sql injection
E
CVE-2023-0516 SourceCodester Online Tours & Travels Management System Parameter forget_password.php sql injection
E
CVE-2023-0518 An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.0 before 15.6.7...
CVE-2023-0519 Cross-site Scripting (XSS) - Stored in modoboa/modoboa
E S
CVE-2023-0520 RapidExpCart <= 1.0 - Stored XSS via CSRF
E
CVE-2023-0522 Enable/Disable Auto Login when Register <= 1.1.0 - Settings Update via CSRF
E
CVE-2023-0523 An issue has been discovered in GitLab affecting all versions starting from 15.6 before 15.8.5, 15.9...
CVE-2023-0524 As part of our Security Development Lifecycle, a potential privilege escalation issue was identified...
CVE-2023-0525 Weak Encoding for Password vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27 mode...
CVE-2023-0526 Post Shortcode <= 2.0.9 - Contributor+ Stored Cross-Site Scripting
E
CVE-2023-0527 PHPGurukul Online Security Guards Hiring System search-request.php cross site scripting
E
CVE-2023-0528 SourceCodester Online Tours & Travels Management System abc.php sql injection
E
CVE-2023-0529 SourceCodester Online Tours & Travels Management System add_payment.php sql injection
E
CVE-2023-0530 SourceCodester Online Tours & Travels Management System approve_user.php sql injection
E
CVE-2023-0531 SourceCodester Online Tours & Travels Management System booking_report.php sql injection
E
CVE-2023-0532 SourceCodester Online Tours & Travels Management System disapprove_user.php sql injection
E
CVE-2023-0533 SourceCodester Online Tours & Travels Management System expense_report.php sql injection
E
CVE-2023-0534 SourceCodester Online Tours & Travels Management System expense_report.php sql injection
E
CVE-2023-0535 Donation Block For PayPal < 2.1.0 - Contributor+ Stored XSS
E
CVE-2023-0536 Wp-D3 <= 2.4.1 - Contributor+ Stored XSS
E
CVE-2023-0537 Product Slider For WooCommerce Lite <= 1.1.7 - Contributor+ Stored XSS
E
CVE-2023-0538 Campaign URL Builder < 1.8.2 - Contributor+ Stored XSS
E
CVE-2023-0539 GS Insever Portfolio < 1.4.5 - Contributor+ Stored XSS
E
CVE-2023-0540 GS Filterable Portfolio < 1.6.1 - Contributor+ Stored XSS
E
CVE-2023-0541 GS Books Showcase < 1.3.1 - Contributor+ Stored XSS
E
CVE-2023-0542 Custom Post Type List Shortcode <= 1.4.4 - Contributor+ Stored XSS
E
CVE-2023-0543 Arigato Autoresponder and Newsletter < 2.1.7.2 - Admin+ Stored XSS
E
CVE-2023-0544 WP Login Box <= 2.0.2 - Admin+ Stored XSS
E
CVE-2023-0545 Hostel < 1.1.5.2 - Admin+ Stored XSS
E
CVE-2023-0546 FluentForms < 4.3.25 - Contributor+ Stored XSS via Custom HTML Form Field
E
CVE-2023-0547 OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email...
CVE-2023-0548 Namaste! LMS < 2.5.9.4 - Admin+ Stored XSS
E
CVE-2023-0549 YAFNET Private Message PostPrivateMessage cross site scripting
E S
CVE-2023-0550 The Quick Restaurant Menu plugin for WordPress is vulnerable to Insecure Direct Object Reference in ...
S
CVE-2023-0551 REST API TO MiniProgram <= 4.6.1 - Subscriber+ Attachment Deletion
E
CVE-2023-0552 Pie Register < 3.8.2.3 - Open Redirect
E
CVE-2023-0553 The Quick Restaurant Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its ...
S
CVE-2023-0554 The Quick Restaurant Menu plugin for WordPress is vulnerable to Cross-Site Request Forgery in versio...
S
CVE-2023-0555 The Quick Restaurant Menu plugin for WordPress is vulnerable to authorization bypass due to a missin...
S
CVE-2023-0556 The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to a missing capabi...
E S
CVE-2023-0557 The ContentStudio plugin for WordPress is vulnerable to Sensitive Information Exposure in versions u...
E S
CVE-2023-0558 The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to an unsecure toke...
E
CVE-2023-0559 GS Portfolio for Envato < 1.4.0 - Contributor+ Stored XSS
E
CVE-2023-0560 SourceCodester Online Tours & Travels Management System practice_pdf.php sql injection
E
CVE-2023-0561 SourceCodester Online Tours & Travels Management System s.php sql injection
E
CVE-2023-0562 PHPGurukul Bank Locker Management System Login index.php sql injection
E
CVE-2023-0563 PHPGurukul Bank Locker Management System Assign Locker add-locker-form.php cross site scripting
E
CVE-2023-0564 Weak Password Requirements in froxlor/froxlor
E S
CVE-2023-0565 Business Logic Errors in froxlor/froxlor
E S
CVE-2023-0566 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in froxlor/froxlor
E S
CVE-2023-0567 password_verify() always returns true for some invalid hashes
E
CVE-2023-0568 Array overrun in common path resolve code
E S
CVE-2023-0569 Weak Password Requirements in publify/publify
S
CVE-2023-0570 SourceCodester Online Tours & Travels Management System payment_operation.php sql injection
E
CVE-2023-0571 SourceCodester Canteen Management System Add Customer createcustomer.php cross site scripting
E
CVE-2023-0572 Unchecked Error Condition in froxlor/froxlor
E S
CVE-2023-0574 Server-Side Request Forgery
S
CVE-2023-0575 Remote Code Execution
S
CVE-2023-0576 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2023-0577 Multiple XSS in ASOS Information Technologies' Sobiad
CVE-2023-0578 Multiple XSS in ASOS Information Technologies' Book Cites
CVE-2023-0579 YARPP - Yet Another Related Posts Plugin < 5.30.3 - Subscriber+ SQLi
E
CVE-2023-0580 Information Disclosure vulnerability in My Control System (on-premise)
CVE-2023-0581 The PrivateContent plugin for WordPress is vulnerable to protection mechanism bypass due to the use ...
CVE-2023-0582 Path Traversal in ForgeRock Access Management
M
CVE-2023-0583 The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST 'update_vk_b...
S
CVE-2023-0584 The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST 'update_opti...
S
CVE-2023-0585 The All in One SEO Pack plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multip...
CVE-2023-0586 The All in One SEO Pack plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multip...
CVE-2023-0587 A file upload vulnerability exists in Trend Micro Apex One server build 11110. Using a malformed ...
CVE-2023-0588 Catalyst Connect Zoho CRM Client Portal < 2.1.0 - Reflected XSS
E
CVE-2023-0589 WP Image Carousel <= 1.0.2 - Contributor+ Stored XSS
E
CVE-2023-0590 A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a r...
CVE-2023-0591 Path Traversal in ubi_reader
E S
CVE-2023-0592 Path traversal in jefferson
E S
CVE-2023-0593 Path traversal in yaffshiv
E S
CVE-2023-0594 Grafana is an open-source platform for monitoring and observability. Starting with the 7.0 branch,...
CVE-2023-0595 A CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misinte...
CVE-2023-0597 A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memo...
S
CVE-2023-0598 GE Digital Proficy Code Injection
S
CVE-2023-0599 Rapid7 Metasploit Pro Stored XSS
CVE-2023-0600 WP Visitor Statistics (Real Time Traffic) < 6.9 - Unauthenticated SQLi
E
CVE-2023-0602 Twittee Text Tweet <= 1.0.8 - Reflected XSS
E
CVE-2023-0603 Sloth Logo Customizer <= 2.0.2 - Stored XSS via CSRF
E
CVE-2023-0604 WP Food Manager < 1.0.4 - Admin+ Stored XSS
E
CVE-2023-0605 Auto Rename Media On Upload < 1.1.0 - Admin+ Stored XSS
E
CVE-2023-0606 Cross-site Scripting (XSS) - Reflected in ampache/ampache
E S
CVE-2023-0607 Cross-site Scripting (XSS) - Stored in projectsend/projectsend
E S
CVE-2023-0608 Cross-site Scripting (XSS) - DOM in microweber/microweber
E S
CVE-2023-0609 Improper Authorization in wallabag/wallabag
E S
CVE-2023-0610 Improper Authorization in wallabag/wallabag
E S
CVE-2023-0611 TRENDnet TEW-652BRP Web Management Interface get_set.ccp command injection
E
CVE-2023-0612 TRENDnet TEW-811DRU httpd basic.asp buffer overflow
E
CVE-2023-0613 TRENDnet TEW-811DRU httpd security.asp memory corruption
E
CVE-2023-0614 The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LD...
CVE-2023-0615 A memory leak flaw and potential divide by zero and Integer overflow was found in the Linux kernel V...
CVE-2023-0616 If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way Thunderbird repeatedly attem...
CVE-2023-0617 TRENDnet TEW-811DRU httpd guestnetwork.asp buffer overflow
E
CVE-2023-0618 TRENDnet TEW-652BRP Web Service cfg_op.ccp memory corruption
E
CVE-2023-0619 The Kraken.io Image Optimizer plugin for WordPress is vulnerable to authorization bypass due to a mi...
CVE-2023-0620 Vault Vulnerable to SQL Injection When Configuring the Microsoft SQL Database Storage Backend
S
CVE-2023-0621 CVE-2023-0621
CVE-2023-0622 CVE-2023-0622
CVE-2023-0623 CVE-2023-0623
CVE-2023-0624 OrangeScrum version 2.0.11 allows an external attacker to obtain arbitrary user accounts from the ap...
E
CVE-2023-0625 Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog
S
CVE-2023-0626 Docker Desktop before 4.12.0 is vulnerable to RCE via query parameters in message-box route
S
CVE-2023-0627 Docker Desktop 4.11.x allows --no-windows-containers flag bypass
S
CVE-2023-0628 Docker Desktop before 4.17.0 allows an attacker to execute an arbitrary command inside a Dev Environments container during initialization by tricking a user to open a crafted malicious docker-desktop:// URL
CVE-2023-0629 Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation restrictions via the raw Docker socket and launch privileged containers
CVE-2023-0630 Slimstat Analytics < 4.9.3.3 - Subscriber+ SQL Injection
E
CVE-2023-0631 Paid Memberships Pro < 2.9.12 - Subscriber+ SQL Injection
E
CVE-2023-0632 Inefficient Regular Expression Complexity in GitLab
E S
CVE-2023-0633 In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in LPE
S
CVE-2023-0634 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2023-0635 Privilege escalation to root
CVE-2023-0636 Remote Code Execution via Command Injection
CVE-2023-0637 TRENDnet TEW-811DRU Web Management Interface wan.asp memory corruption
E
CVE-2023-0638 TRENDnet TEW-811DRU Web Interface command injection
E
CVE-2023-0639 TRENDnet TEW-652BRP Web Management Interface get_set.ccp cross site scripting
CVE-2023-0640 TRENDnet TEW-652BRP Web Interface ping.ccp command injection
E
CVE-2023-0641 PHPGurukul Employee Leaves Management System changepassword.php weak password
E
CVE-2023-0642 Cross-Site Request Forgery (CSRF) in squidex/squidex
E S
CVE-2023-0643 Improper Handling of Additional Special Element in squidex/squidex
E S
CVE-2023-0644 PushAssist <= 3.0.8 - Reflected Cross-Site Scripting
E
CVE-2023-0645 Out of Bounds read in libjxl
S
CVE-2023-0646 dst-admin cavesConsole command injection
E
CVE-2023-0647 dst-admin kickPlayer command injection
E
CVE-2023-0648 dst-admin masterConsole command injection
E
CVE-2023-0649 dst-admin sendBroadcast command injection
E
CVE-2023-0650 YAFNET Signature cross site scripting
E S
CVE-2023-0651 FastCMS Template Management unrestricted upload
E
CVE-2023-0652 Local Privilege Escalation in Cloudflare WARP Installer (Windows)
CVE-2023-0654 Spoofing User's Activity Loads in WARP Mobile Client (Android)
CVE-2023-0655 SonicWall Email Security contains a vulnerability that could permit a remote unauthenticated attacke...
CVE-2023-0656 A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker ...
CVE-2023-0657 Keycloak: impersonation via logout token exchange
CVE-2023-0658 Multilaser RE057/RE170 Backup File param.file.tgz information disclosure
CVE-2023-0659 BDCOM 1704-WGL Backup File param.file.tgz information disclosure
CVE-2023-0660 Smart Slider 3 < 3.5.1.14 - Contributor+ Stored XSS
E
CVE-2023-0661 Improper access control in Devolutions Server allows an authenticated user to access unauthorized se...
CVE-2023-0662 DoS vulnerability when parsing multipart request body
CVE-2023-0663 Calendar Event Management System Login Page sql injection
E
CVE-2023-0664 A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able ...
S
CVE-2023-0665 Vault PKI Issuer Endpoint Did Not Correctly Authorize Access to Issuer Metadata
S
CVE-2023-0666 Wireshark RTPS Parsing Buffer Overflow
E
CVE-2023-0667 Wireshark MSMMS parsing buffer overflow
E
CVE-2023-0668 Wireshark IEEE-C37.118 parsing buffer overflow
E
CVE-2023-0669 Fortra GoAnywhere MFT License Response Servlet Command Injection
KEV E S
CVE-2023-0670 Ulearn version a5a7ca20de859051ea0470542844980a66dfc05d allows an attacker with administrator permis...
CVE-2023-0671 Code Injection in froxlor/froxlor
E S
CVE-2023-0673 SourceCodester Online Eyewear Shop sql injection
CVE-2023-0674 XXL-JOB New Password updatePwd cross-site request forgery
E
CVE-2023-0675 Calendar Event Management System sql injection
E
CVE-2023-0676 Cross-site Scripting (XSS) - Reflected in phpipam/phpipam
E S
CVE-2023-0677 Cross-site Scripting (XSS) - Reflected in phpipam/phpipam
E S
CVE-2023-0678 Missing Authorization in phpipam/phpipam
E S
CVE-2023-0679 SourceCodester Canteen Management System removeUser.php sql injection
E
CVE-2023-0680 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse...
R
CVE-2023-0681 Rapid7 Nexpose Uncontrolled URL Redirect
CVE-2023-0683 A valid, authenticated XCC user with read only access may gain elevated privileges through a specifi...
S
CVE-2023-0684 The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capab...
CVE-2023-0685 The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up t...
CVE-2023-0686 SourceCodester Online Eyewear Shop HTTP POST Request update_cart sql injection
CVE-2023-0687 A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerabilit...
S
CVE-2023-0688 The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via...
S
CVE-2023-0689 The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via...
S
CVE-2023-0690 Boundary Workers Store Rotated Credentials in Plaintext Even When a Key Management Service Configured
S
CVE-2023-0691 The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via...
S
CVE-2023-0692 The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via...
S
CVE-2023-0693 The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via...
S
CVE-2023-0694 The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via...
S
CVE-2023-0695 The Metform Elementor Contact Form Builder for WordPress is vulnerable to Cross-Site Scripting by us...
S
CVE-2023-0696 Type confusion in V8 in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentiall...
CVE-2023-0697 Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 110.0.5481.77 ...
CVE-2023-0698 Out of bounds read in WebRTC in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to pe...
CVE-2023-0699 Use after free in GPU in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potential...
CVE-2023-0700 Inappropriate implementation in Download in Google Chrome prior to 110.0.5481.77 allowed a remote at...
CVE-2023-0701 Heap buffer overflow in WebUI in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who ...
CVE-2023-0702 Type confusion in Data Transfer in Google Chrome prior to 110.0.5481.77 allowed a remote attacker wh...
CVE-2023-0703 Type confusion in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who con...
CVE-2023-0704 Insufficient policy enforcement in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote...
CVE-2023-0705 Integer overflow in Core in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who had o...
CVE-2023-0706 SourceCodester Medical Certificate Generator App manage_record.php sql injection
CVE-2023-0707 SourceCodester Medical Certificate Generator App function.php delete_record sql injection
CVE-2023-0708 The Metform Elementor Contact Form Builder for WordPress is vulnerable to Cross-Site Scripting by us...
S
CVE-2023-0709 The Metform Elementor Contact Form Builder for WordPress is vulnerable to Cross-Site Scripting by us...
S
CVE-2023-0710 The Metform Elementor Contact Form Builder for WordPress is vulnerable to Cross-Site Scripting by us...
S
CVE-2023-0711 The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capab...
CVE-2023-0712 The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capab...
CVE-2023-0713 The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capab...
CVE-2023-0714 Metform Elementor Contact Form Builder <= 3.2.4 - Unauthenticated Double-Extension Arbitrary File Upload
S
CVE-2023-0715 The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capab...
CVE-2023-0716 The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capab...
CVE-2023-0717 The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capab...
CVE-2023-0718 The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capab...
CVE-2023-0719 The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capab...
CVE-2023-0720 The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capab...
CVE-2023-0721 The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to CSV injection in ve...
S
CVE-2023-0722 The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up t...
CVE-2023-0723 The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up t...
CVE-2023-0724 The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up t...
CVE-2023-0725 The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up t...
CVE-2023-0726 The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up t...
CVE-2023-0727 The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up t...
CVE-2023-0728 The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up t...
CVE-2023-0729 The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up t...
S
CVE-2023-0730 The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up t...
CVE-2023-0731 The Interactive Geo Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the a...
S
CVE-2023-0732 SourceCodester Online Eyewear Shop POST Request Users.php registration cross site scripting
CVE-2023-0733 Newsletter Popup <= 1.2 - Unauthenticated Stored XSS
E
CVE-2023-0734 Improper Authorization in wallabag/wallabag
E S
CVE-2023-0735 Cross-Site Request Forgery (CSRF) in wallabag/wallabag
E S
CVE-2023-0736 Cross-site Scripting (XSS) - Stored in wallabag/wallabag
E S
CVE-2023-0737 CSRF in wallabag/wallabag
E S
CVE-2023-0738 OrangeScrum version 2.0.11 allows an external attacker to obtain arbitrary user accounts from the ap...
E
CVE-2023-0739 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in answerdev/answer
E S
CVE-2023-0740 Cross-site Scripting (XSS) - Stored in answerdev/answer
E S
CVE-2023-0741 Cross-site Scripting (XSS) - DOM in answerdev/answer
E S
CVE-2023-0742 Cross-site Scripting (XSS) - Stored in answerdev/answer
E S
CVE-2023-0743 Cross-site Scripting (XSS) - Generic in answerdev/answer
E S
CVE-2023-0744 Improper Access Control in answerdev/answer
E S
CVE-2023-0745 Arbitrary File Write in High Availability Backup Upload
S
CVE-2023-0746 XSS Vulnerability in GigaVue-FM
S
CVE-2023-0747 Cross-site Scripting (XSS) - Stored in btcpayserver/btcpayserver
E S
CVE-2023-0748 Open Redirect in btcpayserver/btcpayserver
E S
CVE-2023-0749 Ocean Extra < 2.1.3 - Subscriber+ Arbitrary Post Content Disclosure
E
CVE-2023-0750 Yellowbrik PEC-1864 authentication bypass
M
CVE-2023-0751 GELI silently omits the keyfile if read from stdin
S
CVE-2023-0754 The affected products are vulnerable to an integer overflow or wraparound, which could allow an at...
S
CVE-2023-0755 The affected products are vulnerable to an improper validation of array index, which could allow an...
S
CVE-2023-0756 An issue has been discovered in GitLab affecting all versions before 15.9.6, all versions starting f...
CVE-2023-0757 Phoenix Contact ProConOS prone to Incorrect Permission Assignment for Critical Resource
CVE-2023-0758 glorylion JFinalOA SysOrg.java sql injection
E
CVE-2023-0759 Privilege Chaining in cockpit-hq/cockpit
E S
CVE-2023-0760 Heap-based Buffer Overflow in gpac/gpac
E S
CVE-2023-0761 Clock In Portal <= 2.1 - Staff Deletion via CSRF
E
CVE-2023-0762 Clock In Portal <= 2.1 - Designation Deletion via CSRF
E
CVE-2023-0763 Clock In Portal <= 2.1 - Holidays Deletion via CSRF
E
CVE-2023-0764 Gallery by BestWebSoft < 4.7.0 - Author+ Stored Cross-Site Scripting
E
CVE-2023-0765 Gallery by BestWebSoft < 4.7.0 - Author+ SQL Injection
E
CVE-2023-0766 Newsletter Popup <= 1.2 - Record Deletion via CSRF
E
CVE-2023-0767 An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memor...
CVE-2023-0768 Avirato hotels online booking engine <= 5.0.5 - Subscriber+ SQLi
E
CVE-2023-0769 hiWeb Migration Simple <= 2.0.0.1 Reflected Cross-Site Scripting
E
CVE-2023-0770 Stack-based Buffer Overflow in gpac/gpac
E S
CVE-2023-0771 SQL Injection in ampache/ampache
E S
CVE-2023-0772 Popup Builder by OptinMonster < 2.12.2 - Subscriber+ Arbitrary Post Content Disclosure
E
CVE-2023-0773 Unauthorized Access Control Vulnerability in Uniview IP Camera
S
CVE-2023-0774 SourceCodester Medical Certificate Generator App action.php sql injection
E
CVE-2023-0775 Bluetooth LE Invalid prepare write request command leads to denial of service
CVE-2023-0776 Remote Code Execution in Baicells QRTB Platform
S
CVE-2023-0777 Authentication Bypass by Primary Weakness in modoboa/modoboa
E S
CVE-2023-0778 A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user...
CVE-2023-0779 net: shell: Improper input validation
CVE-2023-0780 Improper Restriction of Rendered UI Layers or Frames in cockpit-hq/cockpit
E S
CVE-2023-0781 SourceCodester Canteen Management System removeOrder.php query sql injection
E
CVE-2023-0782 Tenda AC23 httpd formGetSysToolDDNS out-of-bounds write
E
CVE-2023-0783 EcShop PHP File template.php unrestricted upload
E
CVE-2023-0784 SourceCodester Best Online News Portal Login Page sql injection
E
CVE-2023-0785 SourceCodester Best Online News Portal check_availability.php information exposure
E
CVE-2023-0786 Cross-site Scripting (XSS) - Generic in thorsten/phpmyfaq
E S
CVE-2023-0787 Cross-site Scripting (XSS) - Generic in thorsten/phpmyfaq
E S
CVE-2023-0788 Code Injection in thorsten/phpmyfaq
S
CVE-2023-0789 Command Injection in thorsten/phpmyfaq
S
CVE-2023-0790 Uncaught Exception in thorsten/phpmyfaq
E S
CVE-2023-0791 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
S
CVE-2023-0792 Code Injection in thorsten/phpmyfaq
E S
CVE-2023-0793 Weak Password Requirements in thorsten/phpmyfaq
E S
CVE-2023-0794 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
S
CVE-2023-0795 LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to ...
E S
CVE-2023-0796 LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to ...
E S
CVE-2023-0797 LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiff...
E S
CVE-2023-0798 LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3400, allowing attackers to ...
E S
CVE-2023-0799 LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to ...
E S
CVE-2023-0800 LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502, allowing attackers to...
E S
CVE-2023-0801 LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tif...
E S
CVE-2023-0802 LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to...
E S
CVE-2023-0803 LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to...
E S
CVE-2023-0804 LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to...
E S
CVE-2023-0805 An issue has been discovered in GitLab EE affecting all versions starting from 15.2 before 15.9.6, a...
CVE-2023-0808 Deye/Revolt/Bosswerk Inverter Access Point Setting hard-coded password
E
CVE-2023-0809 In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that ar...
CVE-2023-0810 Cross-site Scripting (XSS) - Stored in btcpayserver/btcpayserver
E S
CVE-2023-0811 Omron CJ1M unit v4.0 and prior has improper access controls on the memory region where the UM passw...
M
CVE-2023-0812 Active Directory Integration / LDAP Integration < 4.1.1 - Unauthenticated Data Disclosure
E
CVE-2023-0813 Network-observability-console-plugin-container: setting loki authtoken configuration to disable or host mode leads to authentication no longer being enforced
CVE-2023-0814 The Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable to s...
S
CVE-2023-0815 Plaintext Password Present in the Web logs
S
CVE-2023-0816 Formidable Forms < 6.1 - IP Spoofing
E
CVE-2023-0817 Buffer Over-read in gpac/gpac
E S
CVE-2023-0818 Off-by-one Error in gpac/gpac
E S
CVE-2023-0819 Heap-based Buffer Overflow in gpac/gpac
E S
CVE-2023-0820 User Role by BestWebSoft < 1.6.7 - Privilege Escalation via CSRF
E
CVE-2023-0821 Nomad Client Vulnerable to Decompression Bombs in Artifact Block
CVE-2023-0822 Improper Authorization
S
CVE-2023-0823 Cookie Notice & Compliance for GDPR / CCPA < 2.4.7 - Contributor+ Stored XSS
E
CVE-2023-0824 UserPlus <= 2.0 - Stored XSS via CSRF
E
CVE-2023-0827 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
E S
CVE-2023-0828 Stored Cross Site Scripting in syslog section
S
CVE-2023-0829 Cross-Site Scripting (XSS) vulnerability in Plesk
S
CVE-2023-0830 EasyNAS backup.pl system os command injection
E
CVE-2023-0831 The Under Construction plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions ...
S
CVE-2023-0832 The Under Construction plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions ...
S
CVE-2023-0833 Red hat a-mq streams: component version with information disclosure flaw
E
CVE-2023-0834 Incorrect Permission Assignment for Critical Resource vulnerability in HYPR Workforce Access on MacO...
CVE-2023-0835 markdown-pdf version 11.0.0 allows an external attacker to remotely obtain arbitrary local files. Th...
E
CVE-2023-0836 An information leak vulnerability was discovered in HAProxy 2.1, 2.2 before 2.2.27, 2.3, 2.4 before ...
CVE-2023-0837 An improper authorization check of local device settings in TeamViewer Remote between version 15.41...
CVE-2023-0838 An issue has been discovered in GitLab affecting versions starting from 15.1 before 15.8.5, 15.9 bef...
CVE-2023-0839 Improper Error Handling in inSCADA
CVE-2023-0840 PHPCrazy cross site scripting
E
CVE-2023-0841 GPAC reframe_mp3.c mp3_dmx_process heap-based overflow
E
CVE-2023-0842 xml2js version 0.4.23 allows an external attacker to edit or add new properties to an object. This i...
E
CVE-2023-0844 Namaste! LMS < 2.6 - Admin+ Stored XSS
E
CVE-2023-0845 Consul Server Panic when Ingress and API Gateways Configured with Peering
CVE-2023-0846 Unauthenticated, stored XSS in display of alarm reduction-key
S
CVE-2023-0847 The Sub-IoT implementation of the DASH 7 Alliance protocol has a vulnerability that can lead to an ...
CVE-2023-0848 Netgear WNDR3700v2 Web Management Interface denial of service
CVE-2023-0849 Netgear WNDR3700v2 Web Interface command injection
E
CVE-2023-0850 Netgear WNDR3700v2 Web Interface denial of service
E
CVE-2023-0851 Buffer overflow in CPCA Resource Download process of Office / Small Office Multifunction Printers an...
CVE-2023-0852 Buffer overflow in the Address Book of Mobile Device function of Office / Small Office Multifunction...
CVE-2023-0853 Buffer overflow in mDNS NSEC record registering process of Office / Small Office Multifunction Print...
CVE-2023-0854 Buffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office Mult...
CVE-2023-0855 Buffer overflow in IPP number-up attribute process of Office / Small Office Multifunction Printers a...
CVE-2023-0856 Buffer overflow in IPP sides attribute process of Office / Small Office Multifunction Printers and L...
CVE-2023-0857 Unintentional change of settings during initial registration of system administrators which uses con...
CVE-2023-0858 Improper Authentication of RemoteUI of Office / Small Office Multifunction Printers and Laser Printe...
CVE-2023-0859 Arbitrary Files can be installed in the Setting Data Import function of Office / Small Office Multif...
CVE-2023-0860 Improper Restriction of Excessive Authentication Attempts in modoboa/modoboa-installer
E S
CVE-2023-0861 Authenticated Command Injection in NetModule NSRW
CVE-2023-0862 Path Traversal in NetModule NSRW
CVE-2023-0863 Authentication to access the AC wallbox via its Bluetooth Low Energy (BLE) channel can be bypassed,
CVE-2023-0864 Configuration data is exchanged in plaintext and could be available to a nearby attacker if present during configuration or usage of the device via Bluetooth Low Energy (BLE).
CVE-2023-0865 WooCommerce Multiple Customer Addresses & Shipping < 21.7 - Arbitrary Address Creation/Deletion/Access/Update via IDOR
E
CVE-2023-0866 Heap-based Buffer Overflow in gpac/gpac
E S
CVE-2023-0867 Multiple stored and reflected Cross-site Scripting in webapp
S
CVE-2023-0868 Stealing Cookies using Reflected XSS via graph results
S
CVE-2023-0869 Cross-site scripting in outage/list.htm
S
CVE-2023-0870 Form Can Be Manipulated with Cross-Site Request Forgery (CSRF)
S
CVE-2023-0871 An XML External Entity injection vulnerability
S
CVE-2023-0872 ROLE_REST can be used to escalate to ROLE_ADMIN via /rest/users
S
CVE-2023-0873 Kanban Boards for WordPress < 2.5.21 - Admin+ Stored XSS
E
CVE-2023-0874 Klaviyo <= 3.0.10 - Admin+ Stored XSS
E
CVE-2023-0875 WP Meta SEO < 4.5.3 - Subscriber+ SQLi
E
CVE-2023-0876 WP Meta SEO < 4.5.3 - Subscriber+ Improper Authorization causing Arbitrary Redirect
E
CVE-2023-0877 Code Injection in froxlor/froxlor
E S
CVE-2023-0878 Cross-site Scripting (XSS) - Generic in nuxt/framework
E S
CVE-2023-0879 Cross-site Scripting (XSS) - Stored in btcpayserver/btcpayserver
E S
CVE-2023-0880 Misinterpretation of Input in thorsten/phpmyfaq
E S
CVE-2023-0881 DDoS in Ubuntu package linux-bluefield
CVE-2023-0882 Authorization Bypass Through User-Controlled Key on Single Connect
S
CVE-2023-0883 SourceCodester Online Pizza Ordering System index.php sql injection
E
CVE-2023-0884 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-3759. Reason: This candidate...
R
CVE-2023-0885 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-0518. Reason: This candidate...
R
CVE-2023-0886 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-3411. Reason: This candidate...
R
CVE-2023-0887 phjounin TFTPD64-SE tftpd64_svc.exe unquoted search path
CVE-2023-0888 Authenticated eval injection in B. Braun Space Battery pack SP with Wi-Fi
S
CVE-2023-0889 TF Random Numbers < 2.0.1 - Subscriber+ Arbitrary Option Update
E
CVE-2023-0890 Shortcodes Ultimate < 5.12.8 - Subscriber+ Arbitrary Post Access
E
CVE-2023-0891 Stagtools < 2.3.7 - Contributor+ Stored XSS
E
CVE-2023-0892 BizLibrary <= 1.1 - Admin+ Stored XSS
E
CVE-2023-0893 Time Sheets < 1.29.3 - Admin+ Stored XSS
E
CVE-2023-0894 Pickup | Delivery | Dine-in date time <= 1.0.9 - Admin+ Stored XSS
E
CVE-2023-0895 The WP Coder – add custom html, css and js code plugin for WordPress is vulnerable to time-based SQL...
S
CVE-2023-0896 A default password was reported in Lenovo Smart Clock Essential with Alexa Built In that could allow...
S
CVE-2023-0897 Session Fixation in Sielco PolyEco1000
CVE-2023-0898 Uncontrolled Search Path Element in GE MiCOM S1 Agile
S
CVE-2023-0899 Steveas WP Live Chat Shoutbox <= 1.4.2 - Unauthenticated Stored XSS
E
CVE-2023-0900 AP Pricing Tables Lite <= 1.1.6 - Admin+ SQLi
E
CVE-2023-0901 Exposure of Sensitive Information to an Unauthorized Actor in pixelfed/pixelfed
E S
CVE-2023-0902 SourceCodester Simple Food Ordering System process_order.php cross site scripting
E
CVE-2023-0903 SourceCodester Employee Task Management System edit-task.php sql injection
E
CVE-2023-0904 SourceCodester Employee Task Management System task-details.php sql injection
E
CVE-2023-0905 SourceCodester Employee Task Management System changePasswordForEmployee.php improper authentication
E
CVE-2023-0906 SourceCodester Online Pizza Ordering System POST Parameter ajax.php delete_category missing authentication
CVE-2023-0907 Filseclab Twister Antivirus IoControlCode ffsmon.sys 0x220017 denial of service
E
CVE-2023-0908 Xoslab Easy File Locker xlkfs.sys MessageNotifyCallback denial of service
E
CVE-2023-0909 cxasm notepad-- Directory Comparison denial of service
E
CVE-2023-0910 SourceCodester Online Pizza Ordering System GET Parameter view_prod.php sql injection
CVE-2023-0911 Shortcodes Ultimate < 5.12.8 - Subscriber+ User Meta Disclosure
E
CVE-2023-0912 SourceCodester Auto Dealer Management System sql injection
E
CVE-2023-0913 SourceCodester Auto Dealer Management System sql injection
E
CVE-2023-0914 Improper Authorization in pixelfed/pixelfed
E S
CVE-2023-0915 SourceCodester Auto Dealer Management System sql injection
E
CVE-2023-0916 SourceCodester Auto Dealer Management System Users.php access control
E
CVE-2023-0917 SourceCodester Simple Customer Relationship Management System login.php sql injection
E
CVE-2023-0918 codeprojects Pharmacy Management System Avatar Image add.php unrestricted upload
E
CVE-2023-0919 Missing Authentication for Critical Function in kareadita/kavita
E S
CVE-2023-0921 Allocation of Resources Without Limits or Throttling in GitLab
CVE-2023-0922 The Samba AD DC administration tool, when operating against a remote LDAP server, will by default se...
M
CVE-2023-0923 Odh-notebook-controller-container: missing authorization allows for file contents disclosure
CVE-2023-0924 Zyrex Popup <= 1.0 - Admin+ Arbitrary File Upload
E
CVE-2023-0925 Software AG webMethods OneData Deserialization Vulnerability
CVE-2023-0926 Custom Permalinks <= 2.6.0 - Authenticated(Editor+) Stored Cross-Site Scripting
S
CVE-2023-0927 Use after free in Web Payments API in Google Chrome on Android prior to 110.0.5481.177 allowed a rem...
CVE-2023-0928 Use after free in SwiftShader in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to ...
CVE-2023-0929 Use after free in Vulkan in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to poten...
CVE-2023-0930 Heap buffer overflow in Video in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to ...
CVE-2023-0931 Use after free in Video in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potent...
CVE-2023-0932 Use after free in WebRTC in Google Chrome on Windows prior to 110.0.5481.177 allowed a remote attack...
CVE-2023-0933 Integer overflow in PDF in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potent...
CVE-2023-0934 Cross-site Scripting (XSS) - Stored in answerdev/answer
E S
CVE-2023-0935 DolphinPHP Incomplete Fix CVE-2021-46097 common.php os command injection
E
CVE-2023-0936 TP-Link Archer C50 Web Management Interface denial of service
E
CVE-2023-0937 VK All in One Expansion Unit < 9.87.1.0 - Reflected XSS
E
CVE-2023-0938 SourceCodester Music Gallery Site GET Request music_list.php sql injection
E
CVE-2023-0939 Multiple SQL Injection on NTN Information Technologies' Online Services software
S
CVE-2023-0940 ProfileGrid < 5.3.1 - Subscriber+ Arbitrary Password Reset
E
CVE-2023-0941 Use after free in Prompts in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to pote...
CVE-2023-0942 The Japanized For WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting v...
S
CVE-2023-0943 SourceCodester Best POS Management System Image save_settings unrestricted upload
CVE-2023-0944 Bhima version 1.27.0 allows an authenticated attacker with regular user permissions to update arbitr...
E
CVE-2023-0945 SourceCodester Best POS Management System cross site scripting
CVE-2023-0946 SourceCodester Best POS Management System sql injection
CVE-2023-0947 Path Traversal in flatpressblog/flatpress
E S
CVE-2023-0948 Japanized For WooCommerce < 2.5.8 - Reflected XSS
E
CVE-2023-0949 Cross-site Scripting (XSS) - Reflected in modoboa/modoboa
E S
CVE-2023-0950 Array Index UnderFlow in Calc Formula Parsing
CVE-2023-0951 Improper access controls on some API endpoints in Devolutions Server 2022.3.12 and earlier could al...
CVE-2023-0952 Improper access controls on entries in Devolutions Server 2022.3.12 and earlier could allow an auth...
CVE-2023-0953 Insufficient input sanitization in the documentation feature of Devolutions Server 2022.3.12 and ear...
CVE-2023-0954 Debug feature in Sensormatic Electronics Illustra Dome and PTZ cameras
S
CVE-2023-0955 WP Statistics < 14.0 - Authenticated SQLi
E
CVE-2023-0956 TEL-STER TelWin SCADA WebInterface Path Traversal
S
CVE-2023-0957 An issue was discovered in Gitpod versions prior to release-2022.11.2.16. There is a Cross-Site WebS...
S
CVE-2023-0958 Several plugins for WordPress by Inisev are vulnerable to unauthorized installation of plugins due t...
S
CVE-2023-0959 Bhima version 1.27.0 allows a remote attacker to update the privileges of any account registered in ...
E
CVE-2023-0960 SeaCMS Picture Management config.ftp.php deserialization
E
CVE-2023-0961 SourceCodester Music Gallery Site GET Request view_music_details.php sql injection
E
CVE-2023-0962 SourceCodester Music Gallery Site GET Request Master.php sql injection
E
CVE-2023-0963 SourceCodester Music Gallery Site POST Request Users.php access control
E
CVE-2023-0964 SourceCodester Sales Tracker Management System view_product.php sql injection
CVE-2023-0965 Key duplication in GSDK
S
CVE-2023-0966 SourceCodester Online Eyewear Shop cross site scripting
E
CVE-2023-0967 Bhima version 1.27.0 allows an attacker authenticated with normal user permissions to view sensitive...
E
CVE-2023-0968 The Watu Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘dn’, 'em...
CVE-2023-0969 Global read overflow in Z/IP Gateway
CVE-2023-0970 Serial API Buffer Overflow in Z/IP Gateway
CVE-2023-0971 Command Authentication Bypass in Z/IP Gateway
CVE-2023-0972 Buffer overflow in S0 Decryption on Z/IP Gateway
CVE-2023-0973 Step Tools Third-Party
S
CVE-2023-0975 A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local us...
CVE-2023-0976 A command Injection Vulnerability in TA for mac-OS prior to version 5.7.9 allows local users to pla...
CVE-2023-0977 A heap-based overflow vulnerability in Trellix Agent (Windows and Linux) version 5.7.8 and earlier,...
CVE-2023-0978 A command injection vulnerability in Trellix Intelligent Sandbox CLI for version 5.2 and earlier, a...
S
CVE-2023-0979 SQLi in MedDataPACS
CVE-2023-0980 SourceCodester Yoga Class Registration System Status Update update_status.php sql injection
CVE-2023-0981 SourceCodester Yoga Class Registration System Delete User sql injection
CVE-2023-0982 SourceCodester Yoga Class Registration System Add Class Entry sql injection
CVE-2023-0983 Stylish Cost Calculator Premium < 7.9.0 - Unauthenticated Stored XSS
E
CVE-2023-0985 Helmholz and MB Connect Line: Account takeover via password reset in multiple products
M
CVE-2023-0986 SourceCodester Sales Tracker Management System Edit User sql injection
CVE-2023-0987 SourceCodester Online Pizza Ordering System cross site scripting
E
CVE-2023-0988 SourceCodester Online Pizza Ordering System cross-site request forgery
E
CVE-2023-0989 Improper Ownership Management in GitLab
E S
CVE-2023-0992 The Shield Security plugin for WordPress is vulnerable to stored Cross-Site Scripting in versions up...
S
CVE-2023-0993 The Shield Security plugin for WordPress is vulnerable to Missing Authorization on the 'theme-plugin...
S
CVE-2023-0994 Exposure of Sensitive Information to an Unauthorized Actor in francoisjacquet/rosariosis
E S
CVE-2023-0995 Cross-site Scripting (XSS) - Stored in unilogies/bumsys
E S
CVE-2023-0996 There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libhe...
S
CVE-2023-0997 SourceCodester Moosikay E-Commerce System POST Parameter order.php sql injection
E
CVE-2023-0998 SourceCodester Alphaware Simple E-Commerce System Payment summary.php access control
E
CVE-2023-0999 SourceCodester Sales Tracker Management System cross-site request forgery
E
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.