ID | Summary | Flags | Max Score |
---|---|---|---|
CVE-2023-44000 | An issue in Otakara lapis totuka mini-app on Line v13.6.1 allows attackers to send crafted malicious... | E | |
CVE-2023-44001 | An issue in Ailand clinic mini-app on Line v13.6.1 allows attackers to send crafted malicious notifi... | E | |
CVE-2023-44002 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
CVE-2023-44008 | File Upload vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code... | E | |
CVE-2023-44009 | File Upload vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code... | E | |
CVE-2023-44011 | An issue in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via a crafted sc... | E | |
CVE-2023-44012 | Cross Site Scripting vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbit... | E | |
CVE-2023-44013 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow... | | |
CVE-2023-44014 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain multiple stack o... | | |
CVE-2023-44015 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow... | | |
CVE-2023-44016 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow... | | |
CVE-2023-44017 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow... | | |
CVE-2023-44018 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow... | | |
CVE-2023-44019 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow... | | |
CVE-2023-44020 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow... | | |
CVE-2023-44021 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow... | | |
CVE-2023-44022 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow... | | |
CVE-2023-44023 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow... | | |
CVE-2023-44024 | SQL injection vulnerability in KnowBand Module One Page Checkout, Social Login & Mailchimp (superche... | S | |
CVE-2023-44025 | SQL injection vulnerability in addify Addifyfreegifts v.1.0.2 and before allows a remote attacker to... | | |
CVE-2023-44031 | Incorrect access control in Reprise License Management Software Reprise License Manager v15.1 allows... | | |
CVE-2023-44037 | An issue in ZPE Systems, Inc Nodegrid OS v.5.8.10 thru v.5.8.13 and v.5.10.3 thru v.5.10.5 allows a ... | | |
CVE-2023-44038 | In VeridiumID before 3.5.0, the identity provider page allows an unauthenticated attacker to discove... | | |
CVE-2023-44039 | In VeridiumID before 3.5.0, the WebAuthn API allows an internal unauthenticated attacker (who can pa... | | |
CVE-2023-44040 | In VeridiumID before 3.5.0, the identity provider page is susceptible to a cross-site scripting (XSS... | | |
CVE-2023-44042 | A stored cross-site scripting (XSS) vulnerability in /settings/index.php of Black Cat CMS 1.4.1 allo... | E | |
CVE-2023-44043 | A reflected cross-site scripting (XSS) vulnerability in /install/index.php of Black Cat CMS 1.4.1 al... | E | |
CVE-2023-44044 | Super Store Finder v3.6 and below was discovered to contain a SQL injection vulnerability via the Se... | E | |
CVE-2023-44047 | Sourcecodester Toll Tax Management System v1 is vulnerable to SQL Injection.... | E | |
CVE-2023-44048 | Sourcecodester Expense Tracker App v1 is vulnerable to Cross Site Scripting (XSS) via add category.... | E | |
CVE-2023-44061 | File Upload vulnerability in Simple and Nice Shopping Cart Script v.1.0 allows a remote attacker to ... | E | |
CVE-2023-44075 | Cross Site Scripting vulnerability in Small CRM in PHP v.3.0 allows a remote attacker to execute arb... | E | |
CVE-2023-44077 | Studio Network Solutions ShareBrowser before 7.0 on macOS mishandles signature verification, aka PMP... | | |
CVE-2023-44078 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
CVE-2023-44080 | An issue in PGYER codefever v.2023.8.14-2ce4006 allows a remote attacker to execute arbitrary code v... | | |
CVE-2023-44081 | A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009)... | S | |
CVE-2023-44082 | A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009)... | S | |
CVE-2023-44083 | A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009)... | S | |
CVE-2023-44084 | A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009)... | S | |
CVE-2023-44085 | A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009)... | S | |
CVE-2023-44086 | A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009)... | S | |
CVE-2023-44087 | A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009)... | S | |
CVE-2023-44088 | SQL Injection in Visual Console | S | |
CVE-2023-44089 | XSS in Visual Console | S | |
CVE-2023-44090 | Unauth SQL Injection | S | |
CVE-2023-44091 | Unauth Time-Based SQL Injection | S | |
CVE-2023-44092 | OS Command Injection | S | |
CVE-2023-44093 | Vulnerability of package names' public keys not being verified in the security module. Successful exp... | | |
CVE-2023-44094 | Type confusion vulnerability in the distributed file module. Successful exploitation of this vulnerab... | | |
CVE-2023-44095 | Use-After-Free (UAF) vulnerability in the surfaceflinger module. Successful exploitation of this vuln... | | |
CVE-2023-44096 | Vulnerability of brute-force attacks on the device authentication module. Successful exploitation of... | | |
CVE-2023-44097 | Vulnerability of the permission to access device SNs being improperly managed. Successful exploitatio... | | |
CVE-2023-44098 | Vulnerability of missing encryption in the card management module. Successful exploitation of this v... | | |
CVE-2023-44099 | Vulnerability of data verification errors in the kernel module. Successful exploitation of this vuln... | | |
CVE-2023-44100 | Broadcast permission control vulnerability in the Bluetooth module. Successful exploitation of this v... | | |
CVE-2023-44101 | The Bluetooth module has a vulnerability in permission control for broadcast notifications. Successfu... | | |
CVE-2023-44102 | Broadcast permission control vulnerability in the Bluetooth module. Successful exploitation of this v... | | |
CVE-2023-44103 | Out-of-bounds read vulnerability in the Bluetooth module. Successful exploitation of this vulnerabili... | | |
CVE-2023-44104 | Broadcast permission control vulnerability in the Bluetooth module. Successful exploitation of this v... | | |
CVE-2023-44105 | Vulnerability of permissions not being strictly verified in the window management module. Successful ... | | |
CVE-2023-44106 | API permission management vulnerability in the Fwk-Display module. Successful exploitation of this vu... | | |
CVE-2023-44107 | Vulnerability of defects introduced in the design process in the screen projection module. Successfu... | | |
CVE-2023-44108 | Type confusion vulnerability in the distributed file module. Successful exploitation of this vulnerab... | | |
CVE-2023-44109 | Clone vulnerability in the huks ta module. Successful exploitation of this vulnerability may affect s... | | |
CVE-2023-44110 | Out-of-bounds access vulnerability in the audio module. Successful exploitation of this vulnerability... | | |
CVE-2023-44111 | Vulnerability of brute-force attacks on the device authentication module. Successful exploitation of ... | | |
CVE-2023-44112 | Out-of-bounds access vulnerability in the device authentication module. Successful exploitation of t... | | |
CVE-2023-44113 | Vulnerability of missing permission verification for APIs in the Designed for Reliability (DFR) modu... | | |
CVE-2023-44114 | Out-of-bounds array vulnerability in the dataipa module. Successful exploitation of this vulnerabilit... | | |
CVE-2023-44115 | Vulnerability of improper permission control in the Booster module. Impact: Successful exploitation ... | | |
CVE-2023-44116 | Vulnerability of access permissions not being strictly verified in the APPWidget module. Successful e... | | |
CVE-2023-44117 | Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful exploitat... | | |
CVE-2023-44118 | Vulnerability of undefined permissions in the MeeTime module. Successful exploitation of this vulnera... | | |
CVE-2023-44119 | Vulnerability of mutual exclusion management in the kernel module. Successful exploitation of this vu... | | |
CVE-2023-44120 | A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q4). The affected product... | | |
CVE-2023-44121 | LG ThinQ Service - Intent redirection with system privilege/LaunchAnyWhere | | |
CVE-2023-44122 | LockScreenSettings - Theft of arbitrary files with system privilege | | |
CVE-2023-44123 | Bluetooth - Theft and (over-)write of arbitrary files with system privilege via PendingIntent hijacking | | |
CVE-2023-44124 | Screen recording - Theft of arbitrary files with system privilege | | |
CVE-2023-44125 | Personalized service - Theft and (over-)write of arbitrary files with system privilege via PendingIntent hijacking | | |
CVE-2023-44126 | Call management - Implicit intents disclose telephony data such as phone numbers, call states, contacts | | |
CVE-2023-44127 | Call management - Implicit activity intents disclose contact details and phone numbers | | |
CVE-2023-44128 | LGInstallService - Deletion of arbitrary files with system privilege | | |
CVE-2023-44129 | Messaging - Gaining access to arbitrary content providers via QClipIntentReceiverActivity | | |
CVE-2023-44141 | Inkdrop prior to v5.6.0 allows a local attacker to conduct a code injection attack by having a legit... | | |
CVE-2023-44142 | WordPress Inactive Logout plugin <= 3.2.2 - Broken Access Control vulnerability | S | |
CVE-2023-44143 | WordPress Bamboo Columns Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-44144 | WordPress Dreamfox Media Payment gateway per Product for Woocommerce Plugin <= 3.2.7 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-44145 | WordPress Anchor Episodes Index (Spotify for Podcasters) Plugin <= 2.1.7 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-44146 | WordPress Checkfront Online Booking System Plugin <= 3.6 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-44147 | WordPress Comment Blacklist Updater plugin <= 1.1.0 - Broken Access Control vulnerability | S | |
CVE-2023-44148 | WordPress Astra Bulk Edit plugin <= 1.2.7 - Broken Access Control vulnerability | S | |
CVE-2023-44149 | WordPress Brands for WooCommerce plugin <= 3.8.2.2 - Broken Access Control vulnerability | S | |
CVE-2023-44150 | WordPress ProfilePress Plugin <= 4.13.2 is vulnerable to Sensitive Data Exposure | S | |
CVE-2023-44151 | WordPress Pre-Publish Checklist plugin <= 1.1.1 - Broken Access Control vulnerability | S | |
CVE-2023-44152 | Sensitive information disclosure and manipulation due to improper authentication. The following prod... | | |
CVE-2023-44153 | Sensitive information disclosure due to cleartext storage of sensitive information in memory. The fo... | | |
CVE-2023-44154 | Sensitive information disclosure and manipulation due to improper authorization. The following produ... | | |
CVE-2023-44155 | Sensitive information leak through log files. The following products are affected: Acronis Cyber Pro... | | |
CVE-2023-44156 | Sensitive information disclosure due to spell-jacking. The following products are affected: Acronis ... | | |
CVE-2023-44157 | Local privilege escalation due to insecure folder permissions. The following products are affected: ... | | |
CVE-2023-44158 | Sensitive information disclosure due to insufficient token field masking. The following products are... | | |
CVE-2023-44159 | Sensitive information disclosure due to cleartext storage of sensitive information. The following pr... | | |
CVE-2023-44160 | Sensitive information manipulation due to cross-site request forgery. The following products are aff... | | |
CVE-2023-44161 | Sensitive information manipulation due to cross-site request forgery. The following products are aff... | | |
CVE-2023-44162 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-44163 | Online Movie Ticket Booking System v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | E | |
CVE-2023-44164 | Online Movie Ticket Booking System v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | E | |
CVE-2023-44165 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-44166 | Online Movie Ticket Booking System v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | E | |
CVE-2023-44167 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-44168 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-44169 | SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component admin... | E | |
CVE-2023-44170 | SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component admin... | E | |
CVE-2023-44171 | SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component admin... | E | |
CVE-2023-44172 | SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component admin... | E | |
CVE-2023-44173 | Online Movie Ticket Booking System v1.0 - Reflected Cross-Site Scripting (XSS) | E | |
CVE-2023-44174 | Online Movie Ticket Booking System v1.0 - Stored Cross-Site Scripting (XSS) | E | |
CVE-2023-44175 | Junos OS and Junos OS Evolved: Receipt of a specific genuine PIM packet causes RPD crash | S | |
CVE-2023-44176 | Junos OS: Stack overflow vulnerability in CLI command processing | S | |
CVE-2023-44177 | Junos OS and Junos OS Evolved: Stack overflow vulnerability in CLI command processing | S | |
CVE-2023-44178 | Junos OS: Stack overflow vulnerability in CLI command processing | S | |
CVE-2023-44181 | Junos OS: QFX5k: l2 loop in the overlay impacts the stability in an EVPN/VXLAN environment | S | |
CVE-2023-44182 | Junos OS and Junos OS Evolved: An Unchecked Return Value in multiple user interfaces affects confidentiality and integrity of device operations | S | |
CVE-2023-44183 | Junos OS: QFX5000 Series, EX4600 Series: In a VxLAN scenario an adjacent attacker within the VxLAN sending genuine packets may cause a DMA memory leak to occur. | S | |
CVE-2023-44184 | Junos OS and Junos OS Evolved: High CPU load due to specific NETCONF command | S | |
CVE-2023-44185 | Junos OS and Junos OS Evolved: In a BGP scenario RPD crashes upon receiving and processing a specific malformed ISO VPN BGP UPDATE packet | S | |
CVE-2023-44186 | Junos OS and Junos OS Evolved: RPD crash when attempting to send a very long AS PATH to a non-4-byte-AS capable BGP neighbor | S | |
CVE-2023-44187 | Junos OS Evolved: 'file copy' CLI command can disclose password to shell users | S | |
CVE-2023-44188 | Junos OS: jkdsd crash due to multiple telemetry requests | S | |
CVE-2023-44189 | Junos OS Evolved: PTX10003 Series: MAC address validation bypass vulnerability | S | |
CVE-2023-44190 | Junos OS Evolved: PTX10001, PTX10004, PTX10008, PTX10016: MAC address validation bypass vulnerability | S | |
CVE-2023-44191 | Junos OS: QFX5000 Series and EX4000 Series: Denial of Service (DoS) on a large scale VLAN due to PFE hogging | S | |
CVE-2023-44192 | Junos OS: QFX5000 Series: DMA memory leak is observed when specific DHCP packets are transmitted over pseudo-VTEP | S | |
CVE-2023-44193 | Junos OS: MX Series: An FPC crash is observed when CFM is enabled in a VPLS scenario and a specific LDP related command is run | S | |
CVE-2023-44194 | Junos OS: An unauthenticated attacker with local access to the device can create a backdoor with root privileges | S | |
CVE-2023-44195 | Junos OS Evolved: Packets which are not destined to the router can reach the RE | S | |
CVE-2023-44196 | Junos OS Evolved: PTX10003 Series: Packets which are not destined to the router can reach the RE | S | |
CVE-2023-44197 | Junos OS and Junos OS Evolved: An rpd crash may occur when BGP is processing newly learned routes | S | |
CVE-2023-44198 | Junos OS: SRX Series and MX Series: SIP ALG doesn't drop specifically malformed retransmitted SIP packets | S | |
CVE-2023-44199 | Junos OS: MX Series: In a PTP scenario a prolonged routing protocol churn can trigger an FPC reboot | S | |
CVE-2023-44201 | Junos OS and Junos OS Evolved: A local attacker can retrieve sensitive information and elevate privileges on the device to an authorized user. | S | |
CVE-2023-44203 | Junos OS: QFX5000 Series, EX2300, EX3400, EX4100, EX4400 and EX4600: Packet flooding will occur when IGMP traffic is sent to an isolated VLAN | S | |
CVE-2023-44204 | Junos OS and Junos OS Evolved: The rpd will crash upon receiving a malformed BGP UPDATE message | S | |
CVE-2023-44205 | Sensitive information disclosure due to improper authorization. The following products are affected:... | | |
CVE-2023-44206 | Sensitive information disclosure and manipulation due to improper authorization. The following produ... | | |
CVE-2023-44207 | Stored cross-site scripting (XSS) vulnerability in protection plan name. The following products are ... | | |
CVE-2023-44208 | Sensitive information disclosure and manipulation due to missing authorization. The following produc... | | |
CVE-2023-44209 | Local privilege escalation due to improper soft link handling. The following products are affected: ... | | |
CVE-2023-44210 | Sensitive information disclosure and manipulation due to missing authorization. The following produc... | S | |
CVE-2023-44211 | Sensitive information disclosure and manipulation due to missing authorization. The following produc... | | |
CVE-2023-44212 | Sensitive information disclosure and manipulation due to missing authorization. The following produc... | | |
CVE-2023-44213 | Sensitive information disclosure due to excessive collection of system information. The following pr... | | |
CVE-2023-44214 | Sensitive information disclosure due to missing authorization. The following products are affected: ... | | |
CVE-2023-44216 | PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transpar... | E | |
CVE-2023-44217 | A local privilege escalation vulnerability in SonicWall Net Extender MSI client for Windows 10.2.33... | | |
CVE-2023-44218 | A flaw within the SonicWall NetExtender Pre-Logon feature enables an unauthorized user to gain acce... | | |
CVE-2023-44219 | A local privilege escalation vulnerability in SonicWall Directory Services Connector Windows MSI cli... | | |
CVE-2023-44220 | SonicWall NetExtender Windows (32-bit and 64-bit) client 10.2.336 and earlier versions have a DLL Se... | | |
CVE-2023-44221 | Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remo... | KEV | |
CVE-2023-44227 | WordPress Simple File List Plugin <= 6.1.9 is vulnerable to Arbitrary File Deletion | S | |
CVE-2023-44228 | WordPress Onclick Show Popup Plugin <= 8.1 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-44229 | WordPress Tiny Carousel Horizontal Slider Plugin <= 8.1 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-44230 | WordPress Popup contact form Plugin <= 7.1 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-44231 | WordPress Contact Form Plugin <= 2.0.10 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-44232 | WordPress WP Hide Pages Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-44233 | WordPress FooGallery Plugin <= 2.2.44 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-44234 | WordPress WP GPX Maps plugin <= 1.7.08 - Broken Access Control vulnerability | | |
CVE-2023-44235 | WordPress WP Captcha plugin <= 2.0.0 - Captcha Bypass vulnerability | | |
CVE-2023-44236 | WordPress WP Captcha Plugin <= 2.0.0 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-44237 | WordPress WP Site Protector Plugin <= 2.0 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-44238 | WordPress Remove slug from custom post type Plugin <= 1.0.3 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-44239 | WordPress WWM Social Share On Image Hover Plugin <= 2.2 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-44240 | WordPress Timthumb Vulnerability Scanner Plugin <= 1.54 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-44241 | WordPress Keap Landing Pages Plugin <= 1.4.2 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-44242 | WordPress Images Slideshow by 2J Plugin <= 1.3.54 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-44243 | WordPress Instant CSS Plugin <= 1.2.1 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-44244 | WordPress FooGallery Plugin <= 2.2.44 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-44245 | WordPress Contractor Contact Form Website to Workflow Tool Plugin <= 4.0.0 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-44246 | WordPress Shockingly Simple Favicon Plugin <= 1.8.2 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-44247 | A double free vulnerability [CWE-415] in Fortinet FortiOS before 7.0.0 may allow a privileged attack... | S | |
CVE-2023-44248 | An improper access control vulnerability [CWE-284] in FortiEDRCollectorWindows version 5.2.0.4549 an... | S | |
CVE-2023-44249 | An authorization bypass through user-controlled key [CWE-639] vulnerability in Fortinet FortiManager... | S | |
CVE-2023-44250 | An improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version 7.... | S | |
CVE-2023-44251 | ** UNSUPPORTED WHEN ASSIGNED ** An improper limitation of a pathname to a restricted directory ('path ... | S | |
CVE-2023-44252 | ** UNSUPPORTED WHEN ASSIGNED ** An improper authentication vulnerability [CWE-287] in Fortinet FortiW... | S | |
CVE-2023-44253 | An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet Fo... | S | |
CVE-2023-44254 | An authorization bypass through user-controlled key [CWE-639] vulnerability in FortiAnalyzer version... | S | |
CVE-2023-44255 | An exposure of sensitive information to an unauthorized actor [CWE-200] in Fortinet FortiManager bef... | S | |
CVE-2023-44256 | A server-side request forgery vulnerability [CWE-918] in Fortinet FortiAnalyzer version 7.4.0, versi... | E S | |
CVE-2023-44257 | WordPress Mang Board WP Plugin <= 1.7.6 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-44258 | WordPress Schema App Structured Data plugin <= 1.23.1 - Broken Access Control + CSRF vulnerability | S | |
CVE-2023-44259 | WordPress Mediavine Control Panel Plugin <= 2.10.2 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-44260 | WordPress Woocommerce ESTO Plugin <= 2.23.1 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-44261 | WordPress Block Plugin Update Plugin <= 3.3 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-44262 | WordPress Blocks Plugin <= 1.6.41 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-44263 | WordPress Social Metrics Plugin <= 2.2 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-44264 | WordPress The Awesome Feed – Custom Feed Plugin <= 2.2.5 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-44265 | WordPress Popup contact form Plugin <= 7.1 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-44266 | WordPress WP Adminify Plugin <= 3.1.6 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-44267 | Online Art Gallery v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | E | |
CVE-2023-44268 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-44270 | An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to... | S | |
CVE-2023-44271 | An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably alloc... | S | |
CVE-2023-44272 | A cross-site scripting vulnerability exists in Citadel versions prior to 994. When a malicious user ... | S | |
CVE-2023-44273 | Consensys gnark-crypto through 0.11.2 allows Signature Malleability. This occurs because deserialisa... | S | |
CVE-2023-44275 | OPNsense before 23.7.5 allows XSS via the index.php column_count parameter to the Lobby Dashboard.... | E S | |
CVE-2023-44276 | OPNsense before 23.7.5 allows XSS via the index.php sequence parameter to the Lobby Dashboard.... | E S | |
CVE-2023-44277 | Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a... | | |
CVE-2023-44278 | Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain... | | |
CVE-2023-44279 | Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain... | | |
CVE-2023-44281 | Dell Pair Installer version prior to 1.2.1 contains an elevation of privilege vulnerability. A low ... | | |
CVE-2023-44282 | Dell Repository Manager, 3.4.3 and prior, contains an Improper Access Control vulnerability in its ... | | |
CVE-2023-44283 | In Dell SupportAssist for Home PCs (between v3.0 and v3.14.1) and SupportAssist for Business PCs (b... | | |
CVE-2023-44284 | Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain ... | | |
CVE-2023-44285 | Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a... | | |
CVE-2023-44286 | Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain ... | | |
CVE-2023-44288 | Dell PowerScale OneFS, 8.2.2.x through 9.6.0.x, contains an improper control of a resource through ... | | |
CVE-2023-44289 | Dell Command \| Configure versions prior to 4.11.0, contain an improper access control vulnerability... | | |
CVE-2023-44290 | Dell Command \| Monitor versions prior to 10.10.0, contain an improper access control vulnerability.... | | |
CVE-2023-44291 | Dell DM5500 5.14.0.0 contains an OS command injection vulnerability in the appliance. A remote at... | | |
CVE-2023-44292 | Dell Repository Manager, 3.4.3 and prior, contains an Improper Access Control vulnerability in its ... | | |
CVE-2023-44293 | In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.0... | | |
CVE-2023-44294 | In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.0... | | |
CVE-2023-44295 | Dell PowerScale OneFS versions 8.2.2.x through 9.6.0.x contains an improper control of a resource t... | | |
CVE-2023-44296 | Dell ELab-Navigator, version 3.1.9 contains a hard-coded credential vulnerability. A local attacker... | | |
CVE-2023-44297 | Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active d... | | |
CVE-2023-44298 | Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active d... | | |
CVE-2023-44300 | Dell DM5500 5.14.0.0, contain a Plain-text Password Storage Vulnerability in the appliance. A loc... | | |
CVE-2023-44301 | Dell DM5500 5.14.0.0 and prior contain a Reflected Cross-Site Scripting Vulnerability. A network ... | | |
CVE-2023-44302 | Dell DM5500 5.14.0.0 and prior contain an improper authentication vulnerability. A remote unauthent... | | |
CVE-2023-44303 | RVTools, Version 3.9.2 and above, contain a sensitive data exposure vulnerability in the password e... | | |
CVE-2023-44304 | Dell DM5500 contains a privilege escalation vulnerability in the appliance. A remote attacker wit... | | |
CVE-2023-44305 | Dell DM5500 5.14.0.0, contains a Stack-based Buffer Overflow Vulnerability in the appliance. An u... | | |
CVE-2023-44306 | Dell DM5500 contains a path traversal vulnerability in the appliance. A remote attacker with high... | | |
CVE-2023-44308 | Open redirect vulnerability in adaptive media administration page in Liferay DXP 2023.Q3 before patc... | | |
CVE-2023-44309 | Multiple stored cross-site scripting (XSS) vulnerabilities in the fragment components in Liferay Por... | | |
CVE-2023-44310 | Stored cross-site scripting (XSS) vulnerability in Page Tree menu Liferay Portal 7.3.6 through 7.4.3... | | |
CVE-2023-44311 | Multiple reflected cross-site scripting (XSS) vulnerabilities in the Plugin for OAuth 2.0 module's O... | | |
CVE-2023-44312 | Apache ServiceComb Service-Center: attacker can query all environment variables of the service-center server | | |
CVE-2023-44313 | Apache ServiceComb Service-Center: attacker can perform SSRF through the frontend API | | |
CVE-2023-44315 | A vulnerability has been identified in SINEC NMS (All versions < V2.0). The affected application imp... | S | |
CVE-2023-44317 | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All version... | | |
CVE-2023-44318 | Affected devices use a hardcoded key to obfuscate the configuration backup that an administrator can... | | |
CVE-2023-44319 | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All version... | | |
CVE-2023-44320 | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All version... | | |
CVE-2023-44321 | Affected devices do not properly validate the length of inputs when performing certain configuration... | | |
CVE-2023-44322 | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All version... | | |
CVE-2023-44323 | PDF Jbig2 memory-corruption Vulnerability - MSFT T5 | S | |
CVE-2023-44324 | ZDI-CAN-21344: Adobe FrameMaker Publishing Server Authentication Bypass Vulnerability | | |
CVE-2023-44325 | ZDI-CAN-21666: Adobe Animate FLA File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
CVE-2023-44326 | ZDI-CAN-21866: Adobe Dimension GLTF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | S | |
CVE-2023-44327 | ZDI-CAN-21793: Adobe Bridge MP4 File Uninitialized Variable Information Disclosure Vulnerability | | |
CVE-2023-44328 | ZDI-CAN-21797: Adobe Bridge MP4 File Parsing Use-After-Free Information Disclosure Vulnerability | | |
CVE-2023-44329 | ZDI-CAN-21798: Adobe Bridge MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability | | |
CVE-2023-44330 | Adobe Photoshop 2023 CC 24.7 Memory Corruption Vulnerability III. | | |
CVE-2023-44331 | Adobe Photoshop 2023 CC 24.7 Memory Corruption Vulnerability IV. | | |
CVE-2023-44332 | Adobe Photoshop 2023 CC 24.7 Memory Corruption Vulnerability II. | | |
CVE-2023-44333 | Adobe Photoshop 2023 CC 24.7 Memory Corruption Vulnerability V. | | |
CVE-2023-44334 | Adobe Photoshop 2023 CC 24.7 Memory Corruption Vulnerability VI. | | |
CVE-2023-44335 | Adobe Photoshop 2023 CC 24.7 Memory Corruption Vulnerability I. | | |
CVE-2023-44336 | TALOS-2023-1794 - Adobe Acrobat Reader Thermometer use-after-free vulnerability | | |
CVE-2023-44337 | ZDI-CAN-21509: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
CVE-2023-44338 | ZDI-CAN-21493: Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
CVE-2023-44339 | ZDI-CAN-21422: Adobe Acrobat Reader DC AcroForm value Out-Of-Bounds Read Information Disclosure Vulnerability | | |
CVE-2023-44340 | ZDI-CAN-21424: Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
CVE-2023-44341 | Adobe InDesign CC 2023 Memory Corruption Vulnerability I | | |
CVE-2023-44342 | Adobe InDesign CC 2023 Memory Corruption Vulnerability II. | | |
CVE-2023-44343 | Adobe InDesign CC 2023 Memory Corruption Vulnerability III. | | |
CVE-2023-44344 | Adobe InDesign CC 2023 Memory Corruption Vulnerability V. | | |
CVE-2023-44345 | Adobe InDesign CC 2023 Memory Corruption Vulnerability VII. | | |
CVE-2023-44346 | Adobe InDesign CC 2023 Memory Corruption Vulnerability VIII. | | |
CVE-2023-44347 | Adobe InDesign CC 2023 Memory Corruption Vulnerability IX. | | |
CVE-2023-44348 | ZDI-CAN-21925: (bypass of VULN-24891) Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
CVE-2023-44350 | ColdFusion | Deserialization of Untrusted Data (CWE-502) | | |
CVE-2023-44351 | Adobe ColdFusion RCE Security Vulnerability | | |
CVE-2023-44352 | Unauthenticated Reflected XSS on Adobe ColdFusion 2018 - 2021 - 2023 last version | | |
CVE-2023-44353 | ColdFusion WDDX Deserialization Gadgets | | |
CVE-2023-44355 | ColdFusion | Improper Input Validation (CWE-20) | | |
CVE-2023-44356 | ZDI-CAN-21956: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
CVE-2023-44357 | ZDI-CAN-21930: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
CVE-2023-44358 | ZDI-CAN-21971: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
CVE-2023-44359 | ZDI-CAN-21936: Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability | | |
CVE-2023-44360 | ZDI-CAN-21882: Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
CVE-2023-44361 | ZDI-CAN-22041: Adobe Acrobat Reader DC AcroForm Doc Object Use-After-Free Information Disclosure Vulnerability | | |
CVE-2023-44362 | ZDI-CAN-21791: Adobe Prelude MP4 File Uninitialized Variable Information Disclosure Vulnerability | | |
CVE-2023-44365 | ZDI-CAN-21931: Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability | | |
CVE-2023-44366 | ZDI-CAN-21928: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
CVE-2023-44367 | ZDI-CAN-21929: Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability | | |
CVE-2023-44371 | ZDI-CAN-21998: Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability | | |
CVE-2023-44372 | TALOS-2023-1842 - Adobe Acrobat Reader U3D page event use-after-free vulnerability | | |
CVE-2023-44373 | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All version... | | |
CVE-2023-44374 | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All version... | | |
CVE-2023-44375 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-44376 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-44377 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-44378 | gnark vulnerable to unsoundness in variable comparison/non-unique binary decomposition | S | |
CVE-2023-44379 | baserCMS Cross-site Scripting vulnerability in Site search Feature | S | |
CVE-2023-44381 | October CMS safe mode bypass using Page template injection | | |
CVE-2023-44382 | October CMS safe mode bypass using Twig sandbox escape | | |
CVE-2023-44383 | October CMS stored XSS by authenticated backend user with improper configuration | S | |
CVE-2023-44384 | Discourse-Jira could make SSRF attack by setting Jira URL to an arbitrary location | S | |
CVE-2023-44385 | Client-Side Request Forgery in Home Assistant iOS/macOS native Apps | | |
CVE-2023-44386 | Incorrect request error handling triggers server crash in Vapor | S | |
CVE-2023-44387 | Gradle has incorrect permission assignment for symlinked files used in copy or archiving operations | S | |
CVE-2023-44388 | Malicious requests can fill up the log files resulting in a denial of service in Discourse | | |
CVE-2023-44389 | Zope management interface vulnerable to stored cross site scripting via the title property | S | |
CVE-2023-44390 | HtmlSanitizer vulnerable to Cross-site Scripting in Foreign Content | S | |
CVE-2023-44391 | Prevent unauthorized access to summary details in Discourse | | |
CVE-2023-44392 | Arbitrary code execution vulnerability when using shared Kubernetes cluster | S | |
CVE-2023-44393 | Piwigo Reflected XSS vulnerability | E S | |
CVE-2023-44394 | Disclosure of project names to unauthorized users in MantisBT | S | |
CVE-2023-44395 | Autolab has Path Traversal vulnerability in Assessment functionality | | |
CVE-2023-44396 | iTop vulnerable to XSS in dashlet modifications ajax endpoints | S | |
CVE-2023-44397 | CloudExplorer Lite permission bypass vulnerability | E | |
CVE-2023-44398 | Out-of-bounds write in exiv2 | S | |
CVE-2023-44399 | ZITADEL's password reset does not respect the "Ignoring unknown usernames" setting | | |
CVE-2023-44400 | Uptime Kuma has Persistent User Sessions | E S | |
CVE-2023-44401 | Silverstripe GraphQL's view permissions are bypassed for paginated lists of ORM data | | |
CVE-2023-44402 | ASAR Integrity bypass via filetype confusion in electron | | |
CVE-2023-44403 | D-Link DAP-1325 HNAP SetWLanRadioSettings Channel Command Injection Remote Code Execution Vulnerability | | |
CVE-2023-44404 | D-Link DAP-1325 get_value_from_app Stack-based Buffer Overflow Remote Code Execution Vulnerability | | |
CVE-2023-44405 | D-Link DAP-1325 get_value_of_key Stack-based Buffer Overflow Remote Code Execution Vulnerability | | |
CVE-2023-44406 | D-Link DAP-1325 SetAPLanSettings DeviceName Stack-based Buffer Overflow Remote Code Execution Vulnerability | | |
CVE-2023-44407 | D-Link DAP-1325 SetAPLanSettings Gateway Stack-based Buffer Overflow Remote Code Execution Vulnerability | | |
CVE-2023-44408 | D-Link DAP-1325 SetAPLanSettings IPAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability | | |
CVE-2023-44409 | D-Link DAP-1325 SetSetupWizardStatus Enabled Stack-based Buffer Overflow Remote Code Execution Vulnerability | | |
CVE-2023-44410 | D-Link D-View showUsers Improper Authorization Privilege Escalation Vulnerability | | |
CVE-2023-44411 | D-Link D-View InstallApplication Use of Hard-coded Credentials Authentication Bypass Vulnerability | | |
CVE-2023-44412 | D-Link D-View addDv7Probe XML External Entity Processing Information Disclosure Vulnerability | | |
CVE-2023-44413 | D-Link D-View shutdown_coreserver Missing Authentication Denial-of-Service Vulnerability | | |
CVE-2023-44414 | D-Link D-View coreservice_action_script Exposed Dangerous Function Remote Code Execution Vulnerability | | |
CVE-2023-44415 | D-Link Multiple Routers cli Command Injection Remote Code Execution Vulnerability | | |
CVE-2023-44416 | D-Link DAP-2622 Telnet CLI Command Injection Remote Code Execution Vulnerability | | |
CVE-2023-44417 | D-Link DAP-2622 DDP Set IPv4 Address Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability | | |
CVE-2023-44418 | D-Link DIR-X3260 Prog.cgi Heap-based Buffer Overflow Remote Code Execution Vulnerability | | |
CVE-2023-44419 | D-Link DIR-X3260 Prog.cgi Stack-based Buffer Overflow Remote Code Execution Vulnerability | | |
CVE-2023-44420 | D-Link DIR-X3260 prog.cgi Incorrect Implementation of Authentication Algorithm Authentication Bypass Vulnerability | | |
CVE-2023-44421 | D-Link DIR-X3260 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution Vulnerability | | |
CVE-2023-44422 | D-Link DIR-X3260 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution Vulnerability | | |
CVE-2023-44423 | D-Link DIR-X3260 SetTriggerPPPoEValidate Password Command Injection Remote Code Execution Vulnerability | | |
CVE-2023-44424 | D-Link DIR-X3260 SetSysEmailSettings EmailTo Command Injection Remote Code Execution Vulnerability | | |
CVE-2023-44425 | D-Link DIR-X3260 SetSysEmailSettings AccountName Command Injection Remote Code Execution Vulnerability | | |
CVE-2023-44426 | D-Link DIR-X3260 SetSysEmailSettings AccountPassword Command Injection Remote Code Execution Vulnerability | | |
CVE-2023-44427 | D-Link DIR-X3260 SetSysEmailSettings SMTPServerAddress Command Injection Remote Code Execution Vulnerability | | |
CVE-2023-44428 | MuseScore CAP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability | | |
CVE-2023-44429 | GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability | S | |
CVE-2023-44430 | Bentley View SKP File Parsing Use-After-Free Remote Code Execution Vulnerability | | |
CVE-2023-44431 | BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability | | |
CVE-2023-44432 | Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
CVE-2023-44433 | Kofax Power PDF AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability | | |
CVE-2023-44434 | Kofax Power PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
CVE-2023-44435 | Kofax Power PDF File Parsing Use-After-Free Remote Code Execution Vulnerability | | |
CVE-2023-44436 | Kofax Power PDF File Parsing Use-After-Free Remote Code Execution Vulnerability | | |
CVE-2023-44437 | Ashlar-Vellum Cobalt Uncontrolled Search Path Element Remote Code Execution Vulnerability | | |
CVE-2023-44438 | Ashlar-Vellum Argon Uncontrolled Search Path Element Remote Code Execution Vulnerability | | |
CVE-2023-44439 | Ashlar-Vellum Xenon Uncontrolled Search Path Element Remote Code Execution Vulnerability | | |
CVE-2023-44440 | Ashlar-Vellum Lithium Uncontrolled Search Path Element Remote Code Execution Vulnerability | | |
CVE-2023-44441 | GIMP DDS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability | | |
CVE-2023-44442 | GIMP PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability | | |
CVE-2023-44443 | GIMP PSP File Parsing Integer Overflow Remote Code Execution Vulnerability | | |
CVE-2023-44444 | GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability | | |
CVE-2023-44445 | NETGEAR CAX30 SSO Stack-based Buffer Overflow Remote Code Execution Vulnerability | | |
CVE-2023-44446 | GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability | S | |
CVE-2023-44447 | TP-Link TL-WR902AC loginFs Improper Authentication Information Disclosure Vulnerability | | |
CVE-2023-44448 | TP-Link Archer A54 libcmm.so dm_fillObjByStr Stack-based Buffer Overflow Remote Code Execution Vulnerability | | |
CVE-2023-44449 | NETGEAR ProSAFE Network Management System clearAlertByIds SQL Injection Privilege Escalation Vulnerability | | |
CVE-2023-44450 | NETGEAR ProSAFE Network Management System getNodesByTopologyMapSearch SQL Injection Remote Code Execution Vulnerability | | |
CVE-2023-44451 | Linux Mint Xreader EPUB File Parsing Directory Traversal Remote Code Execution Vulnerability | | |
CVE-2023-44452 | Linux Mint Xreader CBT File Parsing Argument Injection Remote Code Execution Vulnerability | | |
CVE-2023-44463 | An issue was discovered in pretix before 2023.7.1. Incorrect parsing of configuration files causes t... | S | |
CVE-2023-44464 | pretix before 2023.7.2 allows Pillow to parse EPS files.... | S | |
CVE-2023-44466 | An issue was discovered in net/ceph/messenger_v2.c in the Linux kernel before 6.4.5. There is an int... | E S | |
CVE-2023-44467 | langchain_experimental (aka LangChain Experimental) in LangChain before 0.0.306 allows an attacker t... | S | |
CVE-2023-44469 | A Server-Side Request Forgery issue in the OpenID Connect Issuer in LemonLDAP::NG before 2.17.1 allo... | S | |
CVE-2023-44470 | WordPress Kv TinyMCE Editor Add Fonts Plugin <= 1.1 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-44471 | WordPress Backend Localization Plugin <= 2.1.10 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-44472 | WordPress Unyson plugin <= 2.7.28 - Broken Access Control vulnerability | | |
CVE-2023-44473 | WordPress Table of Contents Plus Plugin <= 2302 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-44474 | WordPress Tiger Forms Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-44475 | WordPress Add Shortcodes Actions And Filters Plugin <= 2.0.9 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-44476 | WordPress CopyRightPro Plugin <= 2.1 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-44477 | WordPress Cooked Plugin <= 1.7.13 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-44478 | WordPress Events Rich Snippets for Google plugin <= 1.8 - CSRF Leading to Privilege Escalation vulnerability | | |
CVE-2023-44479 | WordPress WP Jump Menu Plugin <= 3.6.4 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-44480 | Leave Management System Project v1.0 - Multiple Authenticated SQL Injections (SQLi) | E | |
CVE-2023-44481 | Leave Management System Project v1.0 - Multiple Authenticated SQL Injections (SQLi) | E | |
CVE-2023-44482 | Leave Management System Project v1.0 - Multiple Authenticated SQL Injections (SQLi) | E | |
CVE-2023-44483 | Apache Santuario: Private Key disclosure in debug-log output | | |
CVE-2023-44484 | Online Blood Donation Management System v1.0 - Stored Cross-Site Scripting (XSS) | E | |
CVE-2023-44485 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-44486 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancell... | KEV E S | |
CVE-2023-44488 | VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding.... | S | |
CVE-2023-44689 | e-Gov Client Application (Windows version) versions prior to 2.1.1.0 and e-Gov Client Application (m... | | |
CVE-2023-44690 | Inadequate encryption strength in mycli 1.27.0 allows attackers to view sensitive information via /m... | E | |
CVE-2023-44693 | D-Link Online behavior audit gateway DAR-7000 V31R02B1413C is vulnerable to SQL Injection via /impor... | E | |
CVE-2023-44694 | D-Link Online behavior audit gateway DAR-7000 V31R02B1413C is vulnerable to SQL Injection via /log/m... | E | |
CVE-2023-44709 | PlutoSVG commit 336c02997277a1888e6ccbbbe674551a0582e5c4 and before was discovered to contain an int... | E | |
CVE-2023-44752 | An issue in Student Study Center Desk Management System v1.0 allows attackers to bypass authenticati... | E | |
CVE-2023-44753 | A stored cross-site scripting (XSS) vulnerability in Student Management System v1.0 allows attacker... | E | |
CVE-2023-44755 | Sacco Management system v1.0 was discovered to contain a SQL injection vulnerability via the passwor... | | |
CVE-2023-44758 | GDidees CMS 3.0 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to e... | E | |
CVE-2023-44760 | Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS v.9.2.1 allow an attacker to exe... | E | |
CVE-2023-44761 | Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS versions affected to 8.5.13 and ... | E | |
CVE-2023-44762 | A Cross Site Scripting (XSS) vulnerability in Concrete CMS from versions 9.2.0 to 9.2.2 allows an at... | E | |
CVE-2023-44763 | Concrete CMS v9.2.1 is affected by an Arbitrary File Upload vulnerability via a Thumbnail file uploa... | E | |
CVE-2023-44764 | A Cross Site Scripting (XSS) vulnerability in Concrete CMS before 9.2.3 exists via the Name paramete... | E | |
CVE-2023-44765 | A Cross Site Scripting (XSS) vulnerability in Concrete CMS versions 8.5.12 and below, and 9.0 throug... | E | |
CVE-2023-44766 | A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arb... | E | |
CVE-2023-44767 | A File upload vulnerability in RiteCMS 3.0 allows a local attacker to upload a SVG file with XSS con... | E | |
CVE-2023-44769 | A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows a local attacker to exe... | E | |
CVE-2023-44770 | A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows an attacker to execute ... | E | |
CVE-2023-44771 | A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows a local attacker to exe... | E | |
CVE-2023-44793 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
CVE-2023-44794 | An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privilege... | E | |
CVE-2023-44796 | Cross Site Scripting (XSS) vulnerability in LimeSurvey before version 6.2.9-230925 allows a remote a... | E S | |
CVE-2023-44807 | D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the cancelPing function.... | E | |
CVE-2023-44808 | D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_4507CC function.... | E | |
CVE-2023-44809 | D-Link device DIR-820L 1.05B03 is vulnerable to Insecure Permissions.... | E | |
CVE-2023-44811 | Cross Site Request Forgery (CSRF) vulnerability in MooSocial v.3.1.8 allows a remote attacker to exe... | | |
CVE-2023-44812 | Cross Site Scripting (XSS) vulnerability in mooSocial v.3.1.8 allows a remote attacker to execute ar... | E | |
CVE-2023-44813 | Cross Site Scripting (XSS) vulnerability in mooSocial v.3.1.8 allows a remote attacker to execute ar... | E | |
CVE-2023-44821 | Gifsicle through 1.94, if deployed in a way that allows untrusted input to affect Gif_Realloc calls,... | E | |
CVE-2023-44824 | An issue in Expense Management System v.1.0 allows a local attacker to execute arbitrary code via a ... | E | |
CVE-2023-44826 | Cross Site Scripting vulnerability in ZenTaoPMS v.18.6 allows a local attacker to obtain sensitive i... | E | |
CVE-2023-44827 | An issue in ZenTao Community Edition v.18.6 and before, ZenTao Biz v.8.6 and before, ZenTao Max v.4.... | E | |
CVE-2023-44828 | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the CurrentPassword para... | E | |
CVE-2023-44829 | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the AdminPassword parame... | E | |
CVE-2023-44830 | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the EndTime parameter in... | E | |
CVE-2023-44831 | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Type parameter in th... | E | |
CVE-2023-44832 | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the MacAddress parameter... | E | |
CVE-2023-44833 | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the GuardInt parameter i... | E | |
CVE-2023-44834 | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the StartTime parameter ... | E | |
CVE-2023-44835 | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Mac parameter in the... | E | |
CVE-2023-44836 | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SSID parameter in th... | E | |
CVE-2023-44837 | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Password parameter i... | E | |
CVE-2023-44838 | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the TXPower parameter in... | E | |
CVE-2023-44839 | D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Encryption parameter... | E | |
CVE-2023-44846 | An issue in SeaCMS v.12.8 allows an attacker to execute arbitrary code via the admin_ notify.php com... | E | |
CVE-2023-44847 | An issue in SeaCMS v.12.8 allows an attacker to execute arbitrary code via the admin_ Weixin.php com... | E | |
CVE-2023-44848 | An issue in SeaCMS v.12.8 allows an attacker to execute arbitrary code via the admin_template.php co... | | |
CVE-2023-44852 | Cross Site Scripting (XSS) vulnerability in Cobham SAILOR VSAT Ku v.164B019, allows a remote attacke... | E | |
CVE-2023-44853 | An issue was discovered in Cobham SAILOR VSAT Ku v.164B019, allows a remote attacker to execute arb... | E | |
CVE-2023-44854 | Cross Site Scripting (XSS) vulnerability in Cobham SAILOR VSAT Ku v.164B019, allows a remote attacke... | E | |
CVE-2023-44855 | Cross Site Scripting (XSS) vulnerability in Cobham SAILOR VSAT Ku v.164B019 allows a remote attacker... | E | |
CVE-2023-44856 | Cross Site Scripting (XSS) vulnerability in Cobham SAILOR VSAT Ku v.164B019, allows a remote attacke... | E | |
CVE-2023-44857 | An issue in Cobham SAILOR VSAT Ku v.164B019, allows a remote attacker to execute arbitrary code via ... | E | |
CVE-2023-44860 | An issue in NETIS SYSTEMS N3Mv2 v.1.0.1.865 allows a remote attacker to cause a denial of service vi... | | |
CVE-2023-44954 | Cross Site Scripting vulnerability in BigTree CMS v.4.5.7 allows a remote attacker to execute arbitr... | E | |
CVE-2023-44959 | An issue found in D-Link DSL-3782 v.1.03 and before allows remote authenticated users to execute arb... | E | |
CVE-2023-44961 | SQL Injection vulnerability in Koha Library Software 23.0.5.04 and before allows a remote attacker t... | E | |
CVE-2023-44962 | File Upload vulnerability in Koha Library Software 23.05.04 and before allows a remote attacker to r... | E | |
CVE-2023-44973 | An arbitrary file upload vulnerability in the component /content/templates/ of Emlog Pro v2.2.0 allo... | E | |
CVE-2023-44974 | An arbitrary file upload vulnerability in the component /admin/plugin.php of Emlog Pro v2.2.0 allows... | E | |
CVE-2023-44981 | Apache ZooKeeper: Authorization bypass in SASL Quorum Peer Authentication | | |
CVE-2023-44982 | WordPress WP Retina 2x Plugin <= 6.4.5 is vulnerable to Sensitive Data Exposure | S | |
CVE-2023-44983 | WordPress Aruba HiSpeed Cache Plugin <= 2.0.6 is vulnerable to Sensitive Data Exposure | S | |
CVE-2023-44984 | WordPress bbp style pack Plugin <= 5.6.7 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-44985 | WordPress BuddyMeet Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-44986 | WordPress Abandoned Cart Lite for WooCommerce Plugin <= 5.15.2 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-44987 | WordPress Timely Booking Button Plugin <= 2.0.2 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-44988 | WordPress WP Custom Admin Interface plugin <= 7.32 - Broken Access Control vulnerability | S | |
CVE-2023-44989 | WordPress CF7 Google Sheets Connector plugin <= 5.0.5 - Sensitive Data Exposure via Debug Log vulnerability | S | |
CVE-2023-44990 | WordPress WOLF Plugin <= 1.0.7.1 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-44991 | WordPress Media File Renamer Plugin <= 5.6.9 is vulnerable to Sensitive Data Exposure | S | |
CVE-2023-44993 | WordPress ChatBot Plugin <= 4.7.8 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-44994 | WordPress ShortCodes UI Plugin <= 1.9.8 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-44995 | WordPress WooCommerce Login Redirect Plugin <= 2.2.4 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-44996 | WordPress Post View Count Plugin <= 1.8.2 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-44997 | WordPress WP Forms Puzzle Captcha Plugin <= 4.1 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-44998 | WordPress Category Meta Plugin <= 1.2.8 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-44999 | WordPress WooCommerce Stripe Gateway plugin <= 7.6.0 - Cross Site Request Forgery (CSRF) vulnerability | S | |