ID | Summary | Flags | Max Score |
---|---|---|---|
CVE-2023-47003 | An issue in RedisGraph v.2.12.10 allows an attacker to execute arbitrary code and cause a denial of ... | E | |
CVE-2023-47004 | Buffer Overflow vulnerability in Redis RedisGraph v.2.x through v.2.12.8 and fixed in v.2.12.9 allow... | E | |
CVE-2023-47005 | Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by ... | R | |
CVE-2023-47006 | Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by ... | R | |
CVE-2023-47007 | Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by ... | R | |
CVE-2023-47008 | Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by ... | R | |
CVE-2023-47014 | A Cross-Site Request Forgery (CSRF) vulnerability in Sourcecodester Sticky Notes App Using PHP with ... | E | |
CVE-2023-47016 | radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c, causing a cras... | E S | |
CVE-2023-47020 | Multiple Cross-Site Request Forgery (CSRF) chaining in NCR Terminal Handler v.1.5.1 allows privilege... | E | |
CVE-2023-47022 | Insecure Direct Object Reference in NCR Terminal Handler v.1.5.1 allows an unprivileged user to edit... | | |
CVE-2023-47024 | Cross-Site Request Forgery (CSRF) in NCR Terminal Handler v.1.5.1 leads to a one-click account takeo... | | |
CVE-2023-47025 | An issue in Free5gc v.3.3.0 allows a local attacker to cause a denial of service via the free5gc-com... | E | |
CVE-2023-47033 | MultiSigWallet 0xF0C99 was discovered to contain a reentrancy vulnerability via the function execute... | E | |
CVE-2023-47034 | A vulnerability in UniswapFrontRunBot 0xdB94c allows attackers to cause financial losses via unspeci... | | |
CVE-2023-47035 | RPTC 0x3b08c was discovered to not conduct status checks on the parameter tradingOpen. This vulnerab... | E | |
CVE-2023-47037 | Apache Airflow missing fix for CVE-2023-40611 in 2.7.1 (DAG run broken access) | S | |
CVE-2023-47038 | Perl: write past buffer end via illegal user-defined unicode property | S | |
CVE-2023-47039 | Perl: perl for windows binary hijacking vulnerability | S | |
CVE-2023-47040 | ZDI-CAN-21698: Adobe Media Encoder MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
CVE-2023-47041 | ZDI-CAN-21697: Adobe Media Encoder MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
CVE-2023-47042 | ZDI-CAN-21696: Adobe Media Encoder MP4 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability | | |
CVE-2023-47043 | ZDI-CAN-21699: Adobe Media Encoder MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
CVE-2023-47044 | ZDI-CAN-21789: Adobe Media Encoder MP4 File Uninitialized Variable Information Disclosure Vulnerability | | |
CVE-2023-47046 | ZDI-CAN-21684: Adobe Audition MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
CVE-2023-47047 | ZDI-CAN-21685: Adobe Audition MP4 File Parsing Uninitialized Variable Remote Code Execution Vulnerability | | |
CVE-2023-47048 | ZDI-CAN-21688: Adobe Audition MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
CVE-2023-47049 | ZDI-CAN-21690: Adobe Audition MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
CVE-2023-47050 | ZDI-CAN-21686: Adobe Audition M4A File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
CVE-2023-47051 | ZDI-CAN-21683: Adobe Audition MP4 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability | | |
CVE-2023-47052 | ZDI-CAN-21687: Adobe Audition MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
CVE-2023-47053 | ZDI-CAN-21689: Adobe Audition MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability | | |
CVE-2023-47054 | ZDI-CAN-21782: Adobe Audition MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability | | |
CVE-2023-47055 | ZDI-CAN-21765: Adobe Premiere Pro M4A File Parsing Use-After-Free Remote Code Execution Vulnerability | | |
CVE-2023-47056 | ZDI-CAN-21763: Adobe Premiere Pro MP4 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability | | |
CVE-2023-47057 | ZDI-CAN-21764: Adobe Premiere Pro MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
CVE-2023-47058 | ZDI-CAN-21766: Adobe Premiere Pro MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
CVE-2023-47059 | ZDI-CAN-21767: Adobe Premiere Pro MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
CVE-2023-47060 | ZDI-CAN-21792: Adobe Premiere Pro MP4 File Uninitialized Variable Information Disclosure Vulnerability | | |
CVE-2023-47061 | ZDI-CAN-22278: Adobe Dimension GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
CVE-2023-47062 | ZDI-CAN-22284: Adobe Dimension GLTF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
CVE-2023-47063 | Adobe Illustrator 2023 CC 27.7 Memory Corruption Out-Of-Bounds-Write Vulnerability IV. | | |
CVE-2023-47064 | Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) | S | |
CVE-2023-47065 | Adobe Experience Manager \| Cross-site Scripting (DOM-based XSS) (CWE-79) | S | |
CVE-2023-47066 | ZDI-CAN-21705: Adobe After Effects MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | S | |
CVE-2023-47067 | ZDI-CAN-21706: Adobe After Effects MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | S | |
CVE-2023-47068 | ZDI-CAN-21702: Adobe After Effects MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | S | |
CVE-2023-47069 | ZDI-CAN-21703: Adobe After Effects M4A File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | S | |
CVE-2023-47070 | ZDI-CAN-21708: Adobe After Effects MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | S | |
CVE-2023-47071 | ZDI-CAN-21704: Adobe After Effects MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | S | |
CVE-2023-47072 | ZDI-CAN-21790: Adobe After Effects MP4 File Uninitialized Variable Information Disclosure Vulnerability | S | |
CVE-2023-47073 | ZDI-CAN-21709: Adobe After Effects MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | S | |
CVE-2023-47074 | ZDI-CAN-21812: Adobe Illustrator JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
CVE-2023-47075 | ZDI-CAN-22006: Adobe Illustrator JP2 File Parsing Use-After-Free Remote Code Execution Vulnerability | | |
CVE-2023-47076 | Adobe InDesign CC 2023 Memory Corruption Vulnerability IV. | | |
CVE-2023-47077 | Adobe InDesign CC 2023 Memory Corruption Vulnerability VI. | | |
CVE-2023-47078 | ZDI-CAN-22249: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
CVE-2023-47079 | ZDI-CAN-22279: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
CVE-2023-47080 | Adobe Substance 3D Stager v2.1.1 Vulnerability VI | | |
CVE-2023-47081 | Adobe Substance 3D Stager v2.1.1 Vulnerability II | | |
CVE-2023-47090 | NATS nats-server before 2.9.23 and 2.10.x before 2.10.2 has an authentication bypass. An implicit $G... | M | |
CVE-2023-47091 | An issue was discovered in Stormshield Network Security (SNS) SNS 4.3.13 through 4.3.22 before 4.3.2... | | |
CVE-2023-47092 | Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by ... | R | |
CVE-2023-47093 | An issue was discovered in Stormshield Network Security (SNS) 4.0.0 through 4.3.21, 4.4.0 through 4.... | | |
CVE-2023-47094 | A Stored Cross-Site Scripting (XSS) vulnerability in the Account Plans tab of System Settings in Vir... | E | |
CVE-2023-47095 | A Stored Cross-Site Scripting (XSS) vulnerability in the Custom fields of Edit Virtual Server under ... | E | |
CVE-2023-47096 | A Reflected Cross-Site Scripting (XSS) vulnerability in the Cloudmin Services Client under System Se... | E | |
CVE-2023-47097 | A Stored Cross-Site Scripting (XSS) vulnerability in the Server Template under System Setting in Vir... | E | |
CVE-2023-47098 | A Stored Cross-Site Scripting (XSS) vulnerability in the Manage Extra Admins under Administration Op... | E | |
CVE-2023-47099 | A Stored Cross-Site Scripting (XSS) vulnerability in the Create Virtual Server in Virtualmin 7.7 all... | E | |
CVE-2023-47100 | In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a ... | S | |
CVE-2023-47101 | The installer (aka openvpn-client-installer) in Securepoint SSL VPN Client before 2.0.40 allows loca... | | |
CVE-2023-47102 | UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message con... | E | |
CVE-2023-47104 | tinyfiledialogs (aka tiny file dialogs) before 3.15.0 allows shell metacharacters (such as a backquo... | E S | |
CVE-2023-47105 | exec.CommandContext in Chaosblade 0.3 through 1.7.3, when server mode is used, allows OS command exe... | | |
CVE-2023-47106 | Incorrect processing of fragment in the URL leads to Authorization Bypass in Traefik | E | |
CVE-2023-47107 | PILOS account takeover through password reset poisoning | | |
CVE-2023-47108 | DoS vulnerability in otelgrpc (uncontrolled resource consumption) due to unbound cardinality metrics | S | |
CVE-2023-47109 | PrestaShop blockreassurance BO User can remove any file from server when adding a and deleting a block | S | |
CVE-2023-47110 | Any value can be changed in the configuration table by an employee having access to block reassurance module | | |
CVE-2023-47111 | ZITADEL race condition in lockout policy execution | S | |
CVE-2023-47112 | Authenticated users can view job names and groups they do not have authorization to view in Rundeck | | |
CVE-2023-47113 | DLL Search Order Hijacking vulnerability in BleachBit for Windows | M | |
CVE-2023-47114 | Ethyca Fides HTML Injection Vulnerability in HTML-Formatted DSR Packages | S | |
CVE-2023-47115 | Label Studio XSS Vulnerability on Avatar Upload | E S | |
CVE-2023-47116 | Label Studio SSRF on Import Bypassing `SSRF_PROTECTION_ENABLED` Protections | E S | |
CVE-2023-47117 | Object Relational Mapper Leak Vulnerability in Filtering Task in Label Studio | E S | |
CVE-2023-47118 | Heap buffer overflow in T64 codec decompression | | |
CVE-2023-47119 | HTML injection in oneboxed links | S | |
CVE-2023-47120 | Discourse DoS through Onebox favicon URL | S | |
CVE-2023-47121 | Discourse SSRF vulnerability in Embedding | S | |
CVE-2023-47122 | Gitsign's Rekor public keys fetched from upstream API instead of local TUF client. | S | |
CVE-2023-47123 | iTop vulnerable to XSS vulnerability in n:n relations "tagset" widget | S | |
CVE-2023-47124 | Denial of service with ACME HTTPChallenge in Traefik | | |
CVE-2023-47125 | By-passing Cross-Site Scripting Protection in HTML Sanitizer | S | |
CVE-2023-47126 | Information Disclosure in Install Tool in typo3/cms-install | S | |
CVE-2023-47127 | Weak Authentication in Session Handling in typo3/cms-core | S | |
CVE-2023-47128 | piccolo SQL Injection via named transaction savepoints | E S | |
CVE-2023-47129 | Statamic CMS remote code execution via front-end form uploads | S | |
CVE-2023-47130 | Unsafe deserialization of user data in yiisoft/yii | S | |
CVE-2023-47131 | The N-able PassPortal extension before 3.29.2 for Chrome inserts sensitive information into a log fi... | | |
CVE-2023-47132 | An issue discovered in N-able N-central before 2023.6 and earlier allows attackers to gain escalated... | | |
CVE-2023-47140 | IBM CICS Transaction Gateway improper access controls | | |
CVE-2023-47141 | IBM Db2 denial of service | S | |
CVE-2023-47142 | IBM Tivoli Application Dependency Discovery Manager privilege escalation | S | |
CVE-2023-47143 | IBM Tivoli Application Dependency Discovery Manager HOST header injection | | |
CVE-2023-47144 | IBM Tivoli Application Dependency Discovery Manager cross-site scripting | S | |
CVE-2023-47145 | IBM Db2 for Windows privilege escalation | | |
CVE-2023-47146 | IBM QRadar SIEM information disclosure | S | |
CVE-2023-47147 | IBM Secure Proxy file manipulation | S | |
CVE-2023-47148 | IBM Storage Protect Plus Server information disclosure | S | |
CVE-2023-47150 | IBM Common Cryptographic Architecture denial of service | | |
CVE-2023-47152 | IBM Db2 information disclosure | S | |
CVE-2023-47158 | IBM Db2 denial of service | S | |
CVE-2023-47159 | IBM Sterling File Gateway information disclosure | | |
CVE-2023-47160 | IBM Cognos Controller XML external entity injection | | |
CVE-2023-47161 | IBM UrbanCode Deploy denial of service | | |
CVE-2023-47162 | IBM Secure Proxy cross-site scripting | S | |
CVE-2023-47163 | Remarshal prior to v0.17.1 expands YAML alias nodes unlimitedly, hence Remarshal is vulnerable to Bi... | S | |
CVE-2023-47164 | Cross-site scripting vulnerability in HOTELDRUID 3.0.5 and earlier allows a remote unauthenticated a... | | |
CVE-2023-47165 | Improper conditions check in the Intel(R) Data Center GPU Max Series 1100 and 1550 products may allo... | | |
CVE-2023-47166 | A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight UR32L ... | | |
CVE-2023-47167 | A post authentication command injection vulnerability exists in the GRE policy functionality of Tp-L... | E | |
CVE-2023-47168 | Open redirect in /oauth/ | S | |
CVE-2023-47169 | Improper buffer restrictions in Intel(R) Media SDK software all versions may allow an authenticated ... | | |
CVE-2023-47170 | Rejected reason: This candidate was in a CNA pool that was not assigned to any issues during 2023.... | R | |
CVE-2023-47171 | An information disclosure vulnerability exists in the aVideoEncoder.json.php chunkFile path function... | E | |
CVE-2023-47172 | Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client Securit... | | |
CVE-2023-47174 | Thorn SFTP gateway 3.4.x before 3.4.4 uses Pivotal Spring Framework for Java deserialization of untr... | | |
CVE-2023-47175 | Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.4M (MySQL version) and LuxCal... | | |
CVE-2023-47177 | WordPress Linker Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47178 | WordPress The Plus Addons for Elementor Pro plugin <= 5.2.8 - Unauthenticated Local File Inclusion vulnerability | S | |
CVE-2023-47179 | WordPress WooODT Lite plugin <= 2.4.6 - Arbitrary Site Option Update vulnerability | S | |
CVE-2023-47180 | WordPress Finale Lite – Sales Countdown Timer & Discount for WooCommerce plugin <= 2.16.0 - Arbitrary Content Deletion vulnerability | S | |
CVE-2023-47181 | WordPress IdeaPush Plugin <= 8.52 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-47182 | WordPress Login Screen Manager Plugin <= 3.5.2 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47183 | WordPress GiveWP plugin <= 2.33.1 - Broken Access Control vulnerability | S | |
CVE-2023-47184 | WordPress Admin Bar & Dashboard Access Control Plugin <= 1.2.8 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-47185 | WordPress wpDiscuz Plugin <= 7.6.11 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-47186 | WordPress Kadence WooCommerce Email Designer Plugin <= 1.5.11 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-47187 | WordPress Animated Rotating Words plugin <= 5.4 - Broken Access Control vulnerability | S | |
CVE-2023-47188 | WordPress Simple Job Board plugin <= 2.10.5 - Broken Access Control vulnerability | S | |
CVE-2023-47189 | WordPress Defender Security plugin <= 4.2.0 - Masked Login Area View Bypass vulnerability | S | |
CVE-2023-47190 | WordPress Apollo13 Framework Extensions Plugin <= 1.9.0 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-47191 | WordPress Youzify Plugin <= 1.2.2 is vulnerable to Insecure Direct Object References (IDOR) | S | |
CVE-2023-47192 | An agent link vulnerability in the Trend Micro Apex One security agent could allow a local attacker ... | | |
CVE-2023-47193 | An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local at... | | |
CVE-2023-47194 | An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local at... | | |
CVE-2023-47195 | An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local at... | | |
CVE-2023-47196 | An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local at... | | |
CVE-2023-47197 | An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local at... | | |
CVE-2023-47198 | An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local at... | | |
CVE-2023-47199 | An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local at... | | |
CVE-2023-47200 | A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could a... | | |
CVE-2023-47201 | A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could a... | | |
CVE-2023-47202 | A local file inclusion vulnerability on the Trend Micro Apex One management server could allow a loc... | | |
CVE-2023-47204 | Unsafe YAML deserialization in yaml.Loader in transmute-core before 1.13.5 allows attackers to execu... | S | |
CVE-2023-47207 | Delta Electronics InfraSuite Device Master Deserialization of Untrusted Data | S | |
CVE-2023-47209 | A post authentication command injection vulnerability exists in the ipsec policy functionality of Tp... | E | |
CVE-2023-47210 | Improper input validation for some Intel(R) PROSet/Wireless WiFi software for linux before version 2... | | |
CVE-2023-47211 | A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager ... | E | |
CVE-2023-47212 | A heap-based buffer overflow vulnerability exists in the comment functionality of stb_vorbis.c v1.2... | | |
CVE-2023-47213 | First Corporation's DVRs use a hard-coded password, which may allow a remote unauthenticated attacke... | | |
CVE-2023-47215 | Stored cross-site scripting vulnerability which is exploiting a behavior of the XSS Filter exists in... | | |
CVE-2023-47216 | Liteos-A has a missing release of resource vulnerability | | |
CVE-2023-47217 | Arkruntime has a buffer overflow vulnerability | | |
CVE-2023-47218 | QTS, QuTS hero, QuTScloud | S | |
CVE-2023-47219 | QuMagie | S | |
CVE-2023-47220 | Media Streaming add-on | S | |
CVE-2023-47221 | Photo Station | S | |
CVE-2023-47222 | Media Streaming add-on | S | |
CVE-2023-47223 | WordPress Basic Interactive World Map Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-47224 | WordPress WP Travel plugin <= 7.8.0 - Broken Access Control vulnerability | S | |
CVE-2023-47225 | WordPress Short URL plugin <= 1.6.8 - Broken Access Control vulnerability | | |
CVE-2023-47226 | WordPress Post Sliders & Post Grids Plugin <= 1.0.20 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47227 | WordPress Social Feed \| All social media in one place Plugin <= 1.5.4.6 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47228 | WordPress Layer Slider Plugin <= 1.1.9.7 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47229 | WordPress Download Top 25 Social Icons Plugin <= 3.1 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47230 | WordPress Contact Forms by Cimatti Plugin <= 1.6.0 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-47231 | WordPress ShortCodes UI Plugin <= 1.9.8 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47233 | The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-fre... | S | |
CVE-2023-47234 | An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted ... | S | |
CVE-2023-47235 | An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDAT... | S | |
CVE-2023-47236 | WordPress iPages Flipbook Plugin <= 1.4.8 is vulnerable to SQL Injection | S | |
CVE-2023-47237 | WordPress WP Google My Business Auto Publish Plugin <= 3.7 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-47238 | WordPress Top 10 Plugin <= 3.3.2 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-47239 | WordPress Easy PayPal Shopping Cart Plugin <= 1.1.10 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-47240 | WordPress CBX Map for Google Map & OpenStreetMap Plugin <= 1.1.11 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47241 | WordPress CoCart – Headless ecommerce plugin <= 3.11.2 - Broken Access Control vulnerability | S | |
CVE-2023-47242 | WordPress ANAC XML Bandi di Gara Plugin <= 7.5 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47243 | WordPress MSHOP MY SITE Plugin <= 1.1.6 is vulnerable to Broken Access Control | | |
CVE-2023-47244 | WordPress Email Marketing for WooCommerce by Omnisend Plugin <= 1.13.8 is vulnerable to Sensitive Data Exposure | S | |
CVE-2023-47245 | WordPress ANAC XML Viewer Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-47246 | In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an... | KEV E | |
CVE-2023-47247 | In SysAid On-Premise before 23.3.34, there is an edge case in which an end user is able to delete a ... | | |
CVE-2023-47248 | PyArrow, PyArrow: Arbitrary code execution when loading a malicious data file | S | |
CVE-2023-47249 | In International Color Consortium DemoIccMAX 79ecb74, a CIccXmlArrayType:::ParseText function (for u... | E | |
CVE-2023-47250 | In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, broken Access Control on X11 se... | E | |
CVE-2023-47251 | In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, a Directory Traversal in the pr... | E | |
CVE-2023-47252 | An issue was discovered in PnpSmm in Insyde InsydeH2O with kernel 5.0 through 5.6. There is a possib... | | |
CVE-2023-47253 | Qualitor through 8.20 allows remote attackers to execute arbitrary code via PHP code in the html/ad/... | E | |
CVE-2023-47254 | An OS Command Injection in the CLI interface on DrayTek Vigor167 version 5.2.2, allows remote attack... | E | |
CVE-2023-47256 | ConnectWise ScreenConnect through 23.8.4 allows local users to connect to arbitrary relay servers vi... | | |
CVE-2023-47257 | ConnectWise ScreenConnect through 23.8.4 allows man-in-the-middle attackers to achieve remote code e... | | |
CVE-2023-47258 | Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in a Markdown formatter.... | | |
CVE-2023-47259 | Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in the Textile formatter.... | | |
CVE-2023-47260 | Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS via thumbnails.... | | |
CVE-2023-47261 | Dokmee ECM 7.4.6 allows remote code execution because the response to a GettingStarted/SaveSQLConnec... | E | |
CVE-2023-47262 | The startup process and device configurations of the Abbott ID NOW device, before v7.1, can be inter... | M | |
CVE-2023-47263 | Certain WithSecure products allow a Denial of Service (DoS) in the antivirus engine when scanning a ... | | |
CVE-2023-47264 | Certain WithSecure products have a buffer over-read whereby processing certain fuzz file types may c... | | |
CVE-2023-47265 | Apache Airflow: DAG Params allow to embed unchecked Javascript | S | |
CVE-2023-47267 | An issue discovered in TheGreenBow Windows Enterprise Certified VPN Client 6.52, Windows Standard VP... | | |
CVE-2023-47271 | PKP-WAL (aka PKP Web Application Library or pkp-lib) before 3.3.0-16, as used in Open Journal System... | S | |
CVE-2023-47272 | Roundcube 1.5.x before 1.5.6 and 1.6.x before 1.6.5 allows XSS via a Content-Type or Content-Disposi... | S | |
CVE-2023-47279 | Delta Electronics InfraSuite Device Master Path Traversal | S | |
CVE-2023-47282 | Out-of-bounds write in Intel(R) Media SDK all versions and some Intel(R) oneVPL software before vers... | | |
CVE-2023-47283 | Directory traversal vulnerability in CubeCart prior to 6.5.3 allows a remote authenticated attacker ... | S | |
CVE-2023-47304 | An issue was discovered in Vonage Box Telephone Adapter VDV23 version VDV21-3.2.11-0.5.1, allows loc... | E | |
CVE-2023-47307 | Buffer Overflow vulnerability in /apply.cgi in Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2... | E | |
CVE-2023-47308 | In the module "Newsletter Popup PRO with Voucher/Coupon code" (newsletterpop) before version 2.6.1 f... | S | |
CVE-2023-47309 | Nukium nkmgls before version 3.0.2 is vulnerable to Cross Site Scripting (XSS) via NkmGlsCheckoutMod... | E S | |
CVE-2023-47311 | An issue in Yamcs 5.8.6 allows attackers to send arbitrary telecommands in a Command Stack via Cli... | E | |
CVE-2023-47312 | Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to Login Credential Leak... | E | |
CVE-2023-47313 | Headwind MDM Web panel 5.22.1 is vulnerable to Directory Traversal. The application uses an API call... | E | |
CVE-2023-47314 | Headwind MDM Web panel 5.22.1 is vulnerable to cross-site scripting (XSS). The file upload function ... | E | |
CVE-2023-47315 | Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to a hard-coded JWT Secr... | E | |
CVE-2023-47316 | Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control. The Web panel allows users ... | E | |
CVE-2023-47320 | Silverpeas Core 6.3.1 is vulnerable to Incorrect Access Control. An attacker with low privileges is ... | E | |
CVE-2023-47321 | Silverpeas Core 6.3.1 is vulnerable to Incorrect Access Control via the "Porlet Deployer" which allo... | E | |
CVE-2023-47322 | The "userModify" feature of Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF)... | E | |
CVE-2023-47323 | The notification/messaging feature of Silverpeas Core 6.3.1 does not enforce access control on the I... | E | |
CVE-2023-47324 | Silverpeas Core 6.3.1 is vulnerable to Cross Site Scripting (XSS) via the message/notification featu... | E S | |
CVE-2023-47325 | Silverpeas Core 6.3.1 administrative "Bin" feature is affected by broken access control. A user with... | E | |
CVE-2023-47326 | Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) via the Domain SQL Create f... | E | |
CVE-2023-47327 | The "Create a Space" feature in Silverpeas Core 6.3.1 is reserved for use by administrators. This fu... | E | |
CVE-2023-47335 | Insecure permissions in the setNFZEnable function of Autel Robotics EVO Nano drone v1.6.5 allows att... | | |
CVE-2023-47345 | Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via cra... | E | |
CVE-2023-47346 | Buffer Overflow vulnerability in free5gc 3.3.0, UPF 1.2.0, and SMF 1.2.0 allows attackers to cause a... | E | |
CVE-2023-47347 | Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via cra... | E | |
CVE-2023-47350 | Cross-Site Request Forgery (CSRF) vulnerability in SwiftyEdit Content Management System prior to v1.... | S | |
CVE-2023-47352 | Technicolor TC8715D devices have predictable default WPA2 security passwords. An attacker who scans ... | | |
CVE-2023-47353 | An issue in the com.oneed.dvr.service.DownloadFirmwareService component of IMOU GO v1.0.11 allows at... | E | |
CVE-2023-47354 | An issue in the PowerOffWidgetReceiver function of Super Reboot (Root) Recovery v1.0.3 allows attack... | E | |
CVE-2023-47355 | The com.eypcnnapps.quickreboot (aka Eyuep Can Yilmaz {ROOT] Quick Reboot) application 1.0.8 for Andr... | E | |
CVE-2023-47357 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
CVE-2023-47359 | Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Bu... | E | |
CVE-2023-47360 | Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet... | E | |
CVE-2023-47363 | The leakage of channel access token in F.B.P members Line 13.6.1 allows remote attackers to send mal... | E | |
CVE-2023-47364 | The leakage of channel access token in nagaoka taxi Line 13.6.1 allows remote attackers to send mali... | E | |
CVE-2023-47365 | The leakage of channel access token in Lil.OFF-PRICE STORE Line 13.6.1 allows remote attackers to se... | E | |
CVE-2023-47366 | The leakage of channel access token in craft_members Line 13.6.1 allows remote attackers to send mal... | E | |
CVE-2023-47367 | The leakage of channel access token in platinum clinic Line 13.6.1 allows remote attackers to send m... | E | |
CVE-2023-47368 | The leakage of channel access token in taketorinoyu Line 13.6.1 allows remote attackers to send mali... | E | |
CVE-2023-47369 | The leakage of channel access token in best_training_member Line 13.6.1 allows remote attackers to s... | E | |
CVE-2023-47370 | The leakage of channel access token in bluetrick Line 13.6.1 allows remote attackers to send malicio... | E | |
CVE-2023-47372 | The leakage of channel access token in UPDATESALON C-LOUNGE Line 13.6.1 allows remote attackers to s... | E | |
CVE-2023-47373 | The leakage of channel access token in DRAGON FAMILY Line 13.6.1 allows remote attackers to send mal... | E | |
CVE-2023-47379 | Microweber CMS version 2.0.1 is vulnerable to stored Cross Site Scripting (XSS) via the profile pict... | S | |
CVE-2023-47380 | Admidio v4.2.12 and below is vulnerable to Cross Site Scripting (XSS).... | E S | |
CVE-2023-47384 | MP4Box GPAC v2.3-DEV-rev617-g671976fcc-master was discovered to contain a memory leak in the functio... | | |
CVE-2023-47390 | Headscale through 0.22.3 writes bearer tokens to info-level logs.... | E | |
CVE-2023-47392 | An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the carts ... | | |
CVE-2023-47393 | An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the mainte... | | |
CVE-2023-47397 | WeBid <=1.2.2 is vulnerable to code injection via admin/categoriestrans.php.... | E | |
CVE-2023-47415 | Cypress Solutions CTM-200 v2.7.1.5600 and below was discovered to contain an OS command injection vu... | | |
CVE-2023-47417 | Cross Site Scripting (XSS) vulnerability in the component /shells/embedder.html of DZSlides after v2... | | |
CVE-2023-47418 | Remote Code Execution (RCE) vulnerability in o2oa version 8.1.2 and before, allows attackers to crea... | E | |
CVE-2023-47422 | An access control issue in /usr/sbin/httpd in Tenda TX9 V1 V22.03.02.54, Tenda AX3 V3 V16.03.12.11, ... | E | |
CVE-2023-47430 | Stack-buffer-overflow vulnerability in ReadyMedia (MiniDLNA) v1.3.3 allows attackers to cause a deni... | | |
CVE-2023-47435 | An issue in the verifyPassword function of hexo-theme-matery v2.0.0 allows attackers to bypass authe... | | |
CVE-2023-47437 | A vulnerability has been identified in Pachno 1.0.6 allowing an authenticated attacker to execute a ... | | |
CVE-2023-47438 | SQL Injection vulnerability in Reportico Till 8.1.0 allows attackers to obtain sensitive information... | | |
CVE-2023-47440 | Gladys Assistant v4.27.0 and prior is vulnerable to Directory Traversal. The patch of CVE-2023-43256... | S | |
CVE-2023-47444 | An issue discovered in OpenCart 4.0.0.0 to 4.0.2.3 allows authenticated backend users having common/... | E | |
CVE-2023-47445 | Pre-School Enrollment version 1.0 is vulnerable to SQL Injection via the username parameter in presc... | E | |
CVE-2023-47446 | Pre-School Enrollment version 1.0 is vulnerable to Cross Site Scripting (XSS) on the profile.php pag... | E | |
CVE-2023-47452 | An Untrusted search path vulnerability in notepad++ 6.5 allows local users to gain escalated privile... | E | |
CVE-2023-47453 | An Untrusted search path vulnerability in Sohu Video Player 7.0.15.0 allows local users to gain esca... | E | |
CVE-2023-47454 | An Untrusted search path vulnerability in NetEase CloudMusic 2.10.4 for Windows allows local users t... | E | |
CVE-2023-47455 | Tenda AX1806 V1.0.0.1 contains a heap overflow vulnerability in setSchedWifi function, in which the ... | E | |
CVE-2023-47456 | Tenda AX1806 V1.0.0.1 contains a stack overflow vulnerability in function sub_455D4, called by funct... | E | |
CVE-2023-47458 | An issue in SpringBlade v.3.7.0 and before allows a remote attacker to escalate privileges via the l... | | |
CVE-2023-47459 | An issue in Knovos Discovery v.22.67.0 allows a remote attacker to obtain sensitive information via ... | E | |
CVE-2023-47460 | SQL injection vulnerability in Knovos Discovery v.22.67.0 allows a remote attacker to execute arbitr... | E | |
CVE-2023-47462 | Insecure Permissions vulnerability in GL.iNet AX1800 v.3.215 and before allows a remote attacker to ... | E | |
CVE-2023-47463 | Insecure Permissions vulnerability in GL.iNet AX1800 version 4.0.0 before 4.5.0 allows a remote atta... | | |
CVE-2023-47464 | Insecure Permissions vulnerability in GL.iNet AX1800 version 4.0.0 before 4.5.0 allows a remote atta... | E | |
CVE-2023-47465 | An issue in GPAC v.2.2.1 and before allows a local attacker to cause a denial of service (DoS) via t... | S | |
CVE-2023-47466 | TagLib before 2.0 allows a segmentation violation and application crash during tag writing via a cra... | E | |
CVE-2023-47467 | Directory Traversal vulnerability in jeecg-boot v.3.6.0 allows a remote privileged attacker to obtai... | | |
CVE-2023-47470 | Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b6... | S | |
CVE-2023-47471 | Buffer Overflow vulnerability in strukturag libde265 v1.10.12 allows a local attacker to cause a den... | S | |
CVE-2023-47473 | Directory Traversal vulnerability in fuwushe.org iFair versions 23.8_ad0 and before allows an attack... | E | |
CVE-2023-47480 | An issue in Pure Data 0.54-0 and fixed in 0.54-1 allows a local attacker to escalate privileges via ... | | |
CVE-2023-47488 | Cross Site Scripting vulnerability in Combodo iTop v.3.1.0-2-11973 allows a local attacker to obtain... | | |
CVE-2023-47489 | CSV injection in export as csv in Combodo iTop v.3.1.0-2-11973 allows a local attacker to execute ar... | | |
CVE-2023-47503 | An issue in jflyfox jfinalCMS v.5.1.0 allows a remote attacker to execute arbitrary code via a craft... | E | |
CVE-2023-47504 | WordPress Elementor plugin <= 3.16.4 - Auth. Arbitrary Attachment Read vulnerability | S | |
CVE-2023-47505 | WordPress Elementor Website Builder Plugin <= 3.16.4 is vulnerable to Cross Site Scripting (XSS) | E S | |
CVE-2023-47506 | WordPress Master Slider Pro Plugin <= 3.6.5 is vulnerable to SQL Injection | | |
CVE-2023-47507 | WordPress Master Slider Pro Plugin <= 3.6.5 is vulnerable to PHP Object Injection | | |
CVE-2023-47508 | WordPress Master Slider Pro Plugin <= 3.6.5 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47509 | WordPress Edit WooCommerce Templates Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47510 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPSolutions-HQ WPDBSpringClean plugin ... | | |
CVE-2023-47511 | WordPress Pinyin Slugs Plugin <= 2.3.0 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47512 | WordPress Product Enquiry for WooCommerce Plugin <= 3.0 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47513 | WordPress ARI Stream Quiz – WordPress Quizzes Builder plugin <= 1.3.2 - Content Injection vulnerability | S | |
CVE-2023-47514 | WordPress Star CloudPRNT for WooCommerce Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47515 | WordPress Seers \| GDPR & CCPA Cookie Consent & Compliance plugin <= 8.1.1 - Broken Access Control vulnerability | S | |
CVE-2023-47516 | WordPress Category Post List Widget Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47517 | WordPress SendPress Newsletters Plugin <= 1.23.11.6 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47518 | WordPress Restrict Categories Plugin <= 2.6.4 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47519 | WordPress WooCommerce Product Table Lite Plugin <= 2.6.2 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-47520 | WordPress Responsive Column Widgets Plugin <= 1.2.7 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47521 | WordPress Q2W3 Post Order Plugin <= 1.2.8 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47522 | WordPress Photo Feed Plugin <= 2.2.1 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47523 | WordPress Auto Tag Creator plugin <= 1.0.2 - Broken Access Control vulnerability | | |
CVE-2023-47524 | WordPress CodeBard's Patron Button and Widgets for Patreon Plugin <= 2.1.9 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47525 | WordPress Event Management Tickets Booking Plugin <= 1.3.2 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47526 | WordPress Chartify Plugin <= 2.0.6 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-47527 | WordPress WP Edit Username Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47528 | WordPress WP Edit Username Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47529 | WordPress Cloud Templates & Patterns collection Plugin <= 1.2.2 is vulnerable to Sensitive Data Exposure | S | |
CVE-2023-47530 | WordPress Redirect 404 Error Page to Homepage or Custom Page with Logs Plugin <= 1.8.7 is vulnerable to SQL Injection | S | |
CVE-2023-47531 | WordPress Droit Dark Mode Plugin <= 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-47532 | WordPress WP Crowdfunding Plugin <= 2.1.6 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-47533 | WordPress Countdown and CountUp, WooCommerce Sales Timer Plugin <= 1.8.2 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47534 | An improper neutralization of formula elements in a csv file in Fortinet FortiClientEMS version 7.2.0... | S | |
CVE-2023-47535 | Rejected reason: Not used... | R | |
CVE-2023-47536 | An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and belo... | S | |
CVE-2023-47537 | An improper certificate validation vulnerability in Fortinet FortiOS 7.0.0 - 7.0.13, 7.2.0 - 7.2.6, ... | S | |
CVE-2023-47539 | An improper access control vulnerability in FortiMail version 7.4.0 configured with RADIUS authentic... | S | |
CVE-2023-47540 | An improper neutralization of special elements used in an os command ('os command injection') in For... | S | |
CVE-2023-47541 | An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiS... | S | |
CVE-2023-47542 | An improper neutralization of special elements used in a template engine [CWE-1336] in FortiManager v... | S | |
CVE-2023-47543 | An authorization bypass through user-controlled key vulnerability [CWE-639] in Fortinet FortiPortal ... | S | |
CVE-2023-47544 | WordPress Atarim Plugin <= 3.12 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47545 | WordPress Forms for Mailchimp by Optin Cat Plugin <= 2.5.4 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-47546 | WordPress OneClick Chat to Order Plugin <= 1.0.4.2 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47547 | WordPress Products, Order & Customers Export for WooCommerce Plugin <= 2.0.7 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47548 | WordPress Integrate Google Drive Plugin <= 1.3.2 is vulnerable to Open Redirection | S | |
CVE-2023-47549 | WordPress EazyDocs Plugin <= 2.3.3 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47550 | WordPress Donations Made Easy – Smart Donations Plugin <= 4.0.12 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47551 | WordPress Donations Made Easy – Smart Donations Plugin <= 4.0.12 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-47552 | WordPress Image Hover Effects Plugin <= 5.5 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-47553 | WordPress UserHeat Plugin Plugin <= 1.1.6 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-47554 | WordPress Actueel Financieel Nieuws – Denk Internet Solutions Plugin <= 5.1.0 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47556 | WordPress Device Theme Switcher Plugin <= 3.0.2 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-47557 | WordPress Visitor Traffic Real Time Statistics plugin <= 7.2 - Broken Access Control vulnerability | S | |
CVE-2023-47558 | WordPress Who Hit The Page – Hit Counter Plugin <= 1.4.14.3 is vulnerable to SQL Injection | | |
CVE-2023-47559 | QuMagie | S | |
CVE-2023-47560 | QuMagie | S | |
CVE-2023-47561 | Photo Station | S | |
CVE-2023-47562 | Photo Station | S | |
CVE-2023-47563 | Video Station | S | |
CVE-2023-47564 | Qsync Central | S | |
CVE-2023-47565 | Legacy VioStor NVR | KEV S | |
CVE-2023-47566 | QTS, QuTS hero, QuTScloud | S | |
CVE-2023-47567 | QTS, QuTS hero, QuTScloud | S | |
CVE-2023-47568 | QTS, QuTS hero, QuTScloud | S | |
CVE-2023-47573 | An issue was discovered in Relyum RELY-PCIe 22.2.1 devices. The authorization mechanism is not enforced ... | | |
CVE-2023-47574 | An issue was discovered on Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. There is a Weak SMB ... | | |
CVE-2023-47575 | An issue was discovered on Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. The web interfaces o... | | |
CVE-2023-47576 | An issue was discovered in Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices, allowing authenticat... | | |
CVE-2023-47577 | An issue discovered in Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 allows for unauthorized password ... | | |
CVE-2023-47578 | Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices are susceptible to Cross Site Request Forgery (C... | | |
CVE-2023-47579 | Relyum RELY-PCIe 22.2.1 devices suffer from a system group misconfiguration, allowing read access to... | | |
CVE-2023-47580 | Multiple improper restriction of operations within the bounds of a memory buffer issues exist in TEL... | | |
CVE-2023-47581 | Out-of-bounds read vulnerability exists in TELLUS V4.0.17.0 and earlier and TELLUS Lite V4.0.17.0 an... | | |
CVE-2023-47582 | Access of uninitialized pointer vulnerability exists in TELLUS V4.0.17.0 and earlier and TELLUS Lite... | | |
CVE-2023-47583 | Multiple out-of-bounds read vulnerabilities exist in TELLUS Simulator V4.0.17.0 and earlier. If a us... | | |
CVE-2023-47584 | Out-of-bounds write vulnerability exists in V-Server V4.0.18.0 and earlier and V-Server Lite V4.0.18... | | |
CVE-2023-47585 | Out-of-bounds read vulnerability exists in V-Server V4.0.18.0 and earlier and V-Server Lite V4.0.18.... | | |
CVE-2023-47586 | Multiple heap-based buffer overflow vulnerabilities exist in V-Server V4.0.18.0 and earlier and V-Se... | | |
CVE-2023-47609 | SQL injection vulnerability in OSS Calendar versions prior to v.2.0.3 allows a remote authenticated ... | | |
CVE-2023-47610 | A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists in Telit Cinterion EHS5/6... | M | |
CVE-2023-47611 | A CWE-269: Improper Privilege Management vulnerability exists in Telit Cinterion BGS5, Telit Cinteri... | S | |
CVE-2023-47612 | A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Telit Cinteri... | M | |
CVE-2023-47613 | A CWE-23: Relative Path Traversal vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5... | M | |
CVE-2023-47614 | A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit ... | S | |
CVE-2023-47615 | A CWE-526: Exposure of Sensitive Information Through Environmental Variables vulnerability exists in... | M | |
CVE-2023-47616 | A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit ... | M | |
CVE-2023-47617 | A post authentication command injection vulnerability exists when configuring the web group member o... | E | |
CVE-2023-47618 | A post authentication command execution vulnerability exists in the web filtering functionality of T... | E | |
CVE-2023-47619 | Audiobookshelf Server-Side Request Forgery and Arbitrary File Read Vulnerability | E | |
CVE-2023-47620 | Scrypted reflected Cross-site Scripting vulnerability | E | |
CVE-2023-47621 | Remote code execution via file uploads in guest-entries | S | |
CVE-2023-47622 | iTop vulnerable to XSS vulnerability in dashlet refresh | S | |
CVE-2023-47623 | Scrypted reflected Cross-site Scripting vulnerability | E | |
CVE-2023-47624 | Audiobookshelf Arbitrary File Read Vulnerability | E | |
CVE-2023-47625 | Global Buffer Overflow leading to denial of service in PX4-Autopilot | E S | |
CVE-2023-47626 | iTop vulnerable to XSS vulnerability in authent-token | | |
CVE-2023-47627 | Request smuggling in aiohttp | E S | |
CVE-2023-47628 | Session Expiration Misconfiguration in datahub | E | |
CVE-2023-47629 | Privilege escalation through email sign-up in datahub | | |
CVE-2023-47630 | Attacker can cause Kyverno user to unintentionally consume insecure image | | |
CVE-2023-47631 | vantage6 Node accepts non-whitelisted algorithms from malicious server | S | |
CVE-2023-47633 | Uncontrolled Resource Consumption in Traefik | E | |
CVE-2023-47634 | Decidim has race condition in Endorsements | | |
CVE-2023-47635 | Decidim vulnerable to possible CSRF attack at questionnaire templates preview | S | |
CVE-2023-47636 | Full Path Disclosure via re-export document in pimcore/admin-ui-classic-bundle | E S | |
CVE-2023-47637 | SQL Injection in Admin Grid Filter API in Pimcore | E S | |
CVE-2023-47638 | Rejected reason: Confirm reference is not public.... | R | |
CVE-2023-47639 | API Platform Core can leak exceptions message that may contain sensitive information | | |
CVE-2023-47640 | Insecure Use of HMAC-SHA1 For Session Signing in datahub | | |
CVE-2023-47641 | Inconsistent interpretation of `Content-Length` vs. `Transfer-Encoding` in aiohttp | E S | |
CVE-2023-47642 | Stream description leaks to ex-subscribers in Zulip | S | |
CVE-2023-47643 | SuiteCRM has Unauthenticated Graphql Introspection Enabled | E S | |
CVE-2023-47644 | WordPress ProfileGrid Plugin <= 5.6.6 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-47645 | WordPress RegistrationMagic Plugin <= 5.2.2.6 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-47646 | WordPress Recently viewed and most viewed products Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47647 | WordPress BadgeOS plugin <= 3.7.1.6 - Broken Access Control vulnerability | | |
CVE-2023-47648 | WordPress EazyDocs plugin <= 2.3.5 - Broken Access Control vulnerability | S | |
CVE-2023-47649 | WordPress Best Restaurant Menu by PriceListo Plugin <= 1.3.1 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-47650 | WordPress Add Local Avatar Plugin <= 12.1 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-47651 | WordPress WP Links Page Plugin <= 4.9.4 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-47652 | WordPress Auto Affiliate Links Plugin <= 6.4.2.4 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-47653 | WordPress TWB Woocommerce Reviews Plugin <= 1.7.5 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47654 | WordPress BZScore – Live Score Plugin <= 1.03 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47655 | WordPress ANAC XML Bandi di Gara Plugin <= 7.5 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-47656 | WordPress ANAC XML Bandi di Gara Plugin <= 7.5 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47657 | WordPress Direct Checkout – Quick View – Buy Now For WooCommerce Plugin <= 1.5.8 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-47658 | WordPress Extra Product Options for WooCommerce Plugin <= 3.0.3 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47659 | WordPress Lava Directory Manager Plugin <= 1.1.34 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47660 | WordPress Product Visibility by Country for WooCommerce Plugin <= 1.4.9 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47661 | WordPress Dragfy Addons for Elementor plugin <= 1.0.2 - Broken Access Control + CSRF vulnerability | | |
CVE-2023-47662 | WordPress Live Gold Price & Silver Price Charts Widgets Plugin <= 2.4 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47663 | WordPress Foyer plugin <= 1.7.5 - Content Injection vulnerability | | |
CVE-2023-47664 | WordPress Plainview Protect Passwords Plugin <= 1.4 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-47665 | WordPress Plainview Protect Passwords Plugin <= 1.4 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47666 | WordPress Code Snippets Plugin <= 3.5.0 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-47667 | WordPress WP Full Stripe Free plugin <= 7.0.16 - Cross Site Request Forgery (CSRF) vulnerability on every Setting Save | S | |
CVE-2023-47668 | WordPress Restrict Content Plugin <= 3.2.7 is vulnerable to Sensitive Data Exposure | S | |
CVE-2023-47669 | WordPress Profile Builder Plugin <= 3.10.3 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-47670 | WordPress Korea SNS Plugin <= 1.6.3 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-47671 | WordPress Vertical scroll recent post Plugin <= 14.0 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-47672 | WordPress WP Category Post List Widget Plugin <= 2.0.3 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-47673 | WordPress Post Pay Counter Plugin <= 2.784 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47674 | Missing authentication for critical function vulnerability in First Corporation's DVRs allows a remo... | | |
CVE-2023-47675 | CubeCart prior to 6.5.3 allows a remote authenticated attacker with an administrative privilege to e... | S | |
CVE-2023-47677 | A cross-site request forgery (csrf) vulnerability exists in the boa CSRF protection functionality of... | E | |
CVE-2023-47678 | An improper access control vulnerability exists in RT-AC87U all versions. An attacker may read or wr... | | |
CVE-2023-47679 | WordPress Qi Addons For Elementor plugin <= 1.6.3 - Local File Inclusion vulnerability | S | |
CVE-2023-47680 | WordPress Qi Addons For Elementor Plugin <= 1.6.3 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47681 | WordPress WooCommerce Checkout Manager plugin <= 7.3.0 - Broken Access Control vulnerability | S | |
CVE-2023-47682 | WordPress WP User Frontend plugin <= 3.6.5 - Authenticated Privilege Escalation vulnerability | S | |
CVE-2023-47683 | WordPress Social Login, Social Sharing by miniOrange plugin <= 7.6.6 - Authenticated Privilege Escalation vulnerability | S | |
CVE-2023-47684 | WordPress Essential Grid Plugin <= 3.1.0 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-47685 | WordPress Preloader Matrix Plugin <= 2.0.1 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-47686 | WordPress Arigato Autoresponder and Newsletter Plugin <= 2.7.2.2 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-47687 | WordPress Woo Custom and Sequential Order Number Plugin <= 2.6.0 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-47688 | WordPress Youtube SpeedLoad Plugin <= 0.6.3 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-47689 | WordPress Animator plugin <= 3.0.10 - Unauthenticated Plugin Settings Change Vulnerability | S | |
CVE-2023-47690 | WordPress Additional Order Filters for WooCommerce Plugin <= 1.10 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47691 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-47692 | WordPress Flo Forms plugin <= 1.0.41 - Broken Access Control vulnerability | S | |
CVE-2023-47693 | WordPress Ultimate Addons for Contact Form 7 plugin <= 3.2.6 - Broken Access Control vulnerability | S | |
CVE-2023-47694 | WordPress Mini Cart Drawer For WooCommerce plugin <= 4.0.0 - Broken Access Control vulnerability | S | |
CVE-2023-47695 | WordPress Shortcodes Finder Plugin <= 1.5.3 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47696 | WordPress Product Enquiry for WooCommerce Plugin <= 3.0 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47697 | WordPress WP Event Manager Plugin <= 3.1.39 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47698 | WordPress Japanized For WooCommerce plugin <= 2.6.4 - Multiple Broken Access Control vulnerability | S | |
CVE-2023-47699 | IBM Secure Proxy cross-site scripting | | |
CVE-2023-47700 | IBM Storage Virtualize improper certificate validation | | |
CVE-2023-47701 | IBM Db2 denial of service | | |
CVE-2023-47702 | IBM Security Guardium Key Lifecycle Manager directory traversal | | |
CVE-2023-47703 | IBM Security Guardium Key Lifecycle Manager information disclosure | | |
CVE-2023-47704 | IBM Security Guardium Key Lifecycle Manager information disclosure | | |
CVE-2023-47705 | IBM Security Guardium Key Lifecycle Manager improper input validation | | |
CVE-2023-47706 | IBM Security Guardium Key Lifecycle Manager file upload | | |
CVE-2023-47707 | IBM Security Guardium Key Lifecycle Manager cross-site scripting | S | |
CVE-2023-47709 | IBM Security Guardium command injection | | |
CVE-2023-47710 | IBM Security Guardium cross-site scripting | | |
CVE-2023-47711 | IBM Security Guardium denial of service | | |
CVE-2023-47712 | IBM Security Guardium privilege escalation | | |
CVE-2023-47714 | IBM Sterling File Gateway cross-site scripting | | |
CVE-2023-47715 | IBM Storage Protect Plus Server improper access control | | |
CVE-2023-47716 | IBM FileNet Content Manager privilege escalation | | |
CVE-2023-47717 | IBM Security Guardium denial of service | | |
CVE-2023-47718 | IBM Maximo Asset Management cross-site request forgery | S | |
CVE-2023-47722 | IBM API Connect information disclosure | | |
CVE-2023-47726 | IBM QRadar Suite improper input validation | | |
CVE-2023-47727 | IBM QRadar Suite Software file manipulation | | |
CVE-2023-47728 | IBM QRadar Suite Software information disclosure | | |
CVE-2023-47731 | IBM QRadar Suite Software cross-site scripting | | |
CVE-2023-47741 | IBM i information disclosure | S | |
CVE-2023-47742 | IBM QRadar Suite information disclosure | | |
CVE-2023-47745 | IBM MQ Container information disclosure | | |
CVE-2023-47746 | IBM Db2 denial of service | S | |
CVE-2023-47747 | IBM Db2 denial of service | S | |
CVE-2023-47754 | WordPress Delete Duplicate Posts Plugin <= 4.8.9 is vulnerable to Broken Access Control | S | |
CVE-2023-47755 | WordPress WooCommerce Product Carousel Slider Plugin <= 3.3.5 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47756 | WordPress Welcome Email Editor plugin <= 5.0.6 - Broken Access Control vulnerability | S | |
CVE-2023-47757 | WordPress AWeber Plugin <= 7.3.9 is vulnerable to Broken Access Control | S | |
CVE-2023-47758 | WordPress Multi Step Form Plugin <= 1.7.11 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-47759 | WordPress Chaty Plugin <= 3.1.2 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-47760 | WordPress Essential Blocks plugin <= 4.2.0 - Broken Access Control vulnerability | S | |
CVE-2023-47761 | WordPress Simple 301 Redirects by BetterLinks plugin <= 2.0.7 - Broken Access Control vulnerability | S | |
CVE-2023-47762 | WordPress BetterDocs plugin <= 2.5.2 - Broken Access Control vulnerability | S | |
CVE-2023-47763 | WordPress WP Custom Admin Interface plugin <= 7.31 - Broken Access Control vulnerability | S | |
CVE-2023-47764 | WordPress Ditty plugin <= 3.1.24 - Broken Access Control vulnerability | S | |
CVE-2023-47765 | WordPress CodeBard's Patron Button and Widgets for Patreon Plugin <= 2.1.9 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-47766 | WordPress Post Status Notifier Lite Plugin <= 1.11.0 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-47767 | WordPress Interactive World Map Plugin <= 3.2.0 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47768 | WordPress Footer Putter Plugin <= 1.17 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47769 | WordPress WP Maintenance plugin <= 6.1.3 - IP Filtering Bypass vulnerability | S | |
CVE-2023-47770 | WordPress BeTheme theme <= 27.1.1 - Contributor+ Broken Access Control vulnerability | S | |
CVE-2023-47771 | WordPress Essential Grid plugin <= 3.0.18 - Multiple Authenticated Broken Access Control vulnerability | S | |
CVE-2023-47772 | WordPress Slider Revolution Plugin <= 6.6.14 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-47773 | WordPress Permalinks Customizer Plugin <= 2.8.2 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47774 | WordPress Jetpack plugin < 12.7 - Auth. Iframe Injection vulnerability | S | |
CVE-2023-47775 | WordPress wpDiscuz Plugin <= 7.6.11 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-47776 | WordPress miniorange otp verification plugin <= 4.2.1 - Broken Access Control vulnerability | S | |
CVE-2023-47777 | WordPress WooCommerce and WooCommerce Blocks plugins - Auth. Cross-Site Scripting (XSS) vulnerability | E S | |
CVE-2023-47778 | WordPress LuckyWP Scripts Control plugin <= 1.2.1 - Broken Access Control vulnerability | S | |
CVE-2023-47779 | WordPress Integration for Contact Form 7 and Constant Contact Plugin <= 1.1.4 is vulnerable to Open Redirection | S | |
CVE-2023-47780 | WordPress EasyAzon – Amazon Associates Affiliate Plugin plugin <= 5.1.0 - Broken Access Control vulnerability | S | |
CVE-2023-47781 | WordPress Thrive Theme Builder Theme < 3.24.2 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-47782 | WordPress Thrive Theme Builder theme < 3.24.0 - Authenticated Privilege Escalation vulnerability | S | |
CVE-2023-47783 | WordPress Thrive Theme Builder theme < 3.24.0 - Multiple Authenticated Broken Access Control vulnerability | S | |
CVE-2023-47784 | WordPress Slider Revolution Plugin <= 6.6.15 is vulnerable to Arbitrary File Upload | S | |
CVE-2023-47785 | WordPress LayerSlider Plugin <= 7.7.9 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-47786 | WordPress LayerSlider Plugin <= 7.7.9 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-47787 | WordPress WooCommerce Bookings Plugin <= 2.0.3 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-47788 | WordPress Jetpack plugin < 12.7 - Contributor+ Broken Access Control vulnerability | S | |
CVE-2023-47789 | WordPress WooCommerce Canada Post Shipping Plugin <= 2.8.3 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-47790 | WordPress Pz-LinkCard Plugin <= 2.4.8 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-47791 | WordPress Leadster Plugin <= 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-47792 | WordPress Big File Uploads Plugin <= 2.1.1 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-47793 | WordPress Acme Fix Images plugin <= 1.0.0 - Broken Access Control vulnerability | S | |
CVE-2023-47795 | Stored cross-site scripting (XSS) vulnerability in the Document and Media widget in Liferay Portal 7... | | |
CVE-2023-47797 | Reflected cross-site scripting (XSS) vulnerability on a content page’s edit page in Liferay Portal 7... | | |
CVE-2023-47798 | Account lockout in Liferay Portal 7.2.0 through 7.3.0, and older unsupported versions, and Liferay D... | | |
CVE-2023-47800 | Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsof... | E | |
CVE-2023-47801 | An issue was discovered in Click Studios Passwordstate before 9811. Existing users (Security Adminis... | | |
CVE-2023-47802 | A vulnerability regarding improper neutralization of special elements used in an OS command ('OS Com... | | |
CVE-2023-47803 | A vulnerability regarding improper limitation of a pathname to a restricted directory ('Path Travers... | | |
CVE-2023-47804 | Apache OpenOffice: Macro URL arbitrary script execution | S | |
CVE-2023-47805 | WordPress WPCafe plugin <= 2.2.22 - Broken Access Control vulnerability | S | |
CVE-2023-47806 | WordPress Disable User Login Plugin <= 1.3.7 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-47807 | WordPress 10WebAnalytics plugin <= 1.2.12 - Broken Access Control vulnerability | | |
CVE-2023-47808 | WordPress Add Widgets to Page Plugin <= 1.3.2 is vulnerable to Cross Site Scripting (XSS) | E | |
CVE-2023-47809 | WordPress Accordion Plugin <= 2.6 is vulnerable to Cross Site Scripting (XSS) | E S | |
CVE-2023-47810 | WordPress Ajax Domain Checker Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS) | E | |
CVE-2023-47811 | WordPress Anywhere Flash Embed Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS) | E | |
CVE-2023-47812 | WordPress Bamboo Columns Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS) | E | |
CVE-2023-47813 | WordPress Better RSS Widget Plugin <= 2.8.1 is vulnerable to Cross Site Scripting (XSS) | E | |
CVE-2023-47814 | WordPress BMI Calculator Plugin Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47815 | WordPress BP Profile Shortcodes Extra Plugin <= 2.5.2 is vulnerable to Cross Site Scripting (XSS) | E | |
CVE-2023-47816 | WordPress Charitable Plugin <= 1.7.0.13 is vulnerable to Cross Site Scripting (XSS) | E S | |
CVE-2023-47817 | WordPress Daily Prayer Time Plugin <= 2023.10.13 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-47818 | WordPress LWS Hide Login plugin <= 2.1.8 - Secret Login Page Location Disclosure on Multisites vulnerability | S | |
CVE-2023-47819 | WordPress Easy Call Now by ThikShare Plugin <= 1.1.0 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-47820 | WordPress WP Like Button plugin <= 1.7.0 - Broken Access Control vulnerability | | |
CVE-2023-47821 | WordPress Email Encoder Bundle Plugin <= 2.1.8 is vulnerable to Cross Site Scripting (XSS) | E S | |
CVE-2023-47822 | WordPress MP3 Audio Player for Music, Radio & Podcast by Sonaar plugin <= 4.10 - Broken Access Control vulnerability | S | |
CVE-2023-47823 | WordPress FormCraft – Contact Form Builder for WordPress plugin <= 1.2.7 - Broken Access Control vulnerability | S | |
CVE-2023-47824 | WordPress Legal Pages Plugin <= 1.3.8 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-47825 | WordPress WP EXtra Plugin <= 6.4 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-47826 | WordPress Restaurant & Cafe Addon for Elementor plugin <= 1.5.3 - Broken Access Control vulnerability | S | |
CVE-2023-47827 | WordPress Events Addon for Elementor Plugin <= 2.1.3 is vulnerable to Broken Access Control | S | |
CVE-2023-47828 | WordPress wpMandrill plugin <= 1.33 - Broken Access Control vulnerability | | |
CVE-2023-47829 | WordPress Quick Call Button Plugin <= 1.2.9 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47830 | WordPress Live Preview for Contact Form 7 plugin <= 1.2.0 - Broken Access Control vulnerability | | |
CVE-2023-47831 | WordPress DrawIt (draw.io) Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47832 | WordPress SearchIQ plugin <= 4.4 - Broken Access Control vulnerability | S | |
CVE-2023-47833 | WordPress Theater for WordPress Plugin <= 0.18.3 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47834 | WordPress Quiz And Survey Master Plugin <= 8.1.13 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-47835 | WordPress ARI Stream Quiz Plugin <= 1.2.32 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-47836 | WordPress WP Meta and Date Remover plugin <= 2.3.0 - Broken Access Control vulnerability | S | |
CVE-2023-47837 | WordPress ARMember plugin <= 4.0.10 - Membership Plan Bypass vulnerability | S | |
CVE-2023-47838 | WordPress Conditional Fields for Contact Form 7 plugin <= 2.4.1 - Broken Access Control vulnerability | S | |
CVE-2023-47839 | WordPress eCommerce Product Catalog Plugin <= 3.3.26 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-47840 | WordPress Qode Essential Addons Plugin <= 1.5.2 is vulnerable to Remote Code Execution (RCE) | S | |
CVE-2023-47841 | WordPress Analytify plugin <= 5.1.1 - Broken Access Control vulnerability | S | |
CVE-2023-47842 | WordPress CataBlog plugin <= 1.7.0 - Arbitrary File Upload vulnerability | | |
CVE-2023-47843 | WordPress CataBlog Plugin <= 1.7.0 is vulnerable to Arbitrary File Deletion | | |
CVE-2023-47844 | WordPress Grab & Save Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS) | E | |
CVE-2023-47845 | WordPress Grab & Save plugin <= 1.0.4 - Cross-Site Request Forgery (CSRF) vulnerability | | |
CVE-2023-47846 | WordPress WP Githuber MD plugin <= 1.16.2 - Arbitrary File Upload vulnerability | S | |
CVE-2023-47847 | WordPress PayTR Taksit Tablosu plugin <= 1.3.1 - Broken Access Control vulnerability | S | |
CVE-2023-47848 | WordPress Tainacan Plugin <= 0.20.4 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-47849 | WordPress BlossomThemes Email Newsletter plugin <= 2.2.4 - Broken Access Control vulnerability | S | |
CVE-2023-47850 | WordPress Community by PeepSo Plugin <= 6.2.2.0 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-47851 | WordPress Bootstrap Shortcodes Ultimate Plugin <= 4.3.1 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47852 | WordPress Link Whisper Free Plugin <= 0.6.5 is vulnerable to SQL Injection | S | |
CVE-2023-47853 | WordPress myCred Plugin <= 2.6.1 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47854 | WordPress Parallax Image Plugin <= 1.7.1 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-47855 | Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allo... | | |
CVE-2023-47856 | A stack-based buffer overflow vulnerability exists in the boa set_RadvdPrefixParam functionality of ... | E | |
CVE-2023-47857 | multimedia camera has a UAF vulnerability | | |
CVE-2023-47858 | Details of archived public channels are leaked to members of another team | S | |
CVE-2023-47859 | Improper access control for some Intel(R) Wireless Bluetooth products for Windows before version 23.... | | |
CVE-2023-47861 | A cross-site scripting (xss) vulnerability exists in the channelBody.php user name functionality of ... | E | |
CVE-2023-47862 | A local file inclusion vulnerability exists in the getLanguageFromBrowser functionality of WWBN AVid... | | |
CVE-2023-47865 | Username and Icon override can be used by members when Hardened Mode is enabled | S | |
CVE-2023-47867 | MachineSense FeverWarn Improper Access Control | M | |
CVE-2023-47868 | WordPress wpForo plugin <= 2.2.3 - Privilege Escalation vulnerability | S | |
CVE-2023-47869 | WordPress wpForo plugin <= 2.2.5 - Broken Access Control + CSRF vulnerability | S | |
CVE-2023-47870 | WordPress wpForo Forum Plugin <= 2.2.6 is vulnerable to Broken Access Control and Cross Site Request Forgery (CSRF) | | |
CVE-2023-47871 | WordPress Contact Form to Any API plugin <= 1.1.6 - Broken Access Control vulnerability | S | |
CVE-2023-47872 | WordPress wpForo Forum Plugin <= 2.2.3 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-47873 | WordPress WP Child Theme Generator plugin <= 1.0.9 - Arbitrary File Upload vulnerability | | |
CVE-2023-47874 | WordPress Perfmatters Plugin <= 2.1.6 is vulnerable to Broken Access Control | S | |
CVE-2023-47875 | WordPress Perfmatters Plugin <= 2.1.6 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-47876 | WordPress Perfmatters Plugin <= 2.1.6 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-47877 | WordPress Perfmatters Plugin < 2.2.0 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-47882 | The Kami Vision YI IoT com.yunyi.smartcamera application through 4.1.9_20231127 for Android allows a... | E | |
CVE-2023-47883 | The com.altamirano.fabricio.tvbrowser TV browser application through 4.5.1 for Android is vulnerable... | E | |
CVE-2023-47889 | The Android application BINHDRM26 com.bdrm.superreboot 1.0.3, exposes several critical actions throu... | E | |
CVE-2023-47890 | pyLoad 0.5.0 is vulnerable to Unrestricted File Upload.... | E | |
CVE-2023-47990 | SQL Injection vulnerability in components/table_manager/html/edit_admin_table.php in CuppaCMS V1.0 a... | E | |
CVE-2023-47992 | An integer overflow vulnerability in FreeImageIO.cpp::_MemoryReadProc in FreeImage 3.18.0 allows att... | E | |
CVE-2023-47993 | A Buffer out-of-bound read vulnerability in Exif.cpp::ReadInt32 in FreeImage 3.18.0 allows attackers... | E | |
CVE-2023-47994 | An integer overflow vulnerability in LoadPixelDataRLE4 function in PluginBMP.cpp in Freeimage 3.18.0... | E | |
CVE-2023-47995 | Memory Allocation with Excessive Size Value discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap... | | |
CVE-2023-47996 | An integer overflow vulnerability in Exif.cpp::jpeg_read_exif_dir in FreeImage 3.18.0 allows attacke... | E | |
CVE-2023-47997 | An issue discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 leads to an in... | E | |