CVE-2023-5xxx

There are 941 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2023-5000 Horizontal scrolling announcements <= 2.4 - Authenticated (Contributor+) SQL Injection via Shortcode
CVE-2023-5001 The Horizontal scrolling announcement for WordPress plugin for WordPress is vulnerable to Stored Cro...
S
CVE-2023-5002 Pgadmin4: remote code execution by an authenticated user
S
CVE-2023-5003 Active Directory Integration < 4.1.10 - Unauthenticated Log Disclosure
E
CVE-2023-5004 Hospital-management-system-in-php 378c157 - Blind SQL Injection
E
CVE-2023-5005 Autocomplete Location field Contact Form 7 < 3.0 - Admin+ Store Cross-Site Scripting
E
CVE-2023-5006 WP Discord Invite < 2.5.1 - Arbitrary Settings Update via CSRF
E
CVE-2023-5007 Student Information System v1.0 - Multiple Authenticated SQL Injections (SQLi)
E
CVE-2023-5008 Student Information System v1.0 - Unauthenticated SQL Injection
E
CVE-2023-5009 Incorrect Authorization in GitLab
E S
CVE-2023-5010 Student Information System v1.0 - Multiple Authenticated SQL Injections (SQLi)
E
CVE-2023-5011 Student Information System v1.0 - Multiple Authenticated SQL Injections (SQLi)
E
CVE-2023-5012 Topaz OFD Protection Module Warsaw core.exe unquoted search path
CVE-2023-5013 Pluck CMS Installation install.php cross site scripting
E
CVE-2023-5014 Sakshi2610 Food Ordering Website categoryfood.php sql injection
E
CVE-2023-5015 UCMS cross site scripting
E
CVE-2023-5016 spider-flow API DataSourceController.java DriverManager.getConnection deserialization
E
CVE-2023-5017 lmxcms admin.php sql injection
CVE-2023-5018 SourceCodester Lost and Found Information System POST Parameter sql injection
CVE-2023-5019 Tongda OA delete.php sql injection
E
CVE-2023-5020 07FLY CRM Administrator Login Page sql injection
E
CVE-2023-5021 SourceCodester AC Repair and Services System cross site scripting
CVE-2023-5022 DedeCMS select_templets_post.php absolute path traversal
CVE-2023-5023 Tongda OA delete.php sql injection
E
CVE-2023-5024 Planno Comment cross site scripting
E
CVE-2023-5025 KOHA MARC search.pl cross site scripting
E
CVE-2023-5026 Tongda OA cross site scripting
E
CVE-2023-5027 SourceCodester Simple Membership System club_validator.php sql injection
E
CVE-2023-5028 China Unicom TEWA-800G debug log file
E
CVE-2023-5029 mccms 1 sql injection
E
CVE-2023-5030 Tongda OA delete.php sql injection
E
CVE-2023-5031 OpenRapid RapidCMS article-add.php sql injection
E
CVE-2023-5032 OpenRapid RapidCMS article-edit-run.php sql injection
E
CVE-2023-5033 OpenRapid RapidCMS cate-edit-run.php sql injection
E
CVE-2023-5034 SourceCodester My Food Recipe Image Upload index.php unrestricted upload
E
CVE-2023-5035 Cookie Without Secure Flag
M
CVE-2023-5036 Cross-Site Request Forgery (CSRF) in usememos/memos
E S
CVE-2023-5037 Authenticated Command Injection
CVE-2023-5038 Unauthenticated DoS
CVE-2023-5041 Track The Click < 0.3.12 - Author+ Time-Based Blind SQL Injection
E
CVE-2023-5042 Sensitive information disclosure due to insecure folder permissions. The following products are affe...
CVE-2023-5043 Ingress nginx annotation injection causes arbitrary command execution
M
CVE-2023-5044 Code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation
M
CVE-2023-5045 SQLi in Biltay's Kayısı
CVE-2023-5046 SQLi in Biltay's Procost
CVE-2023-5047 SQLi in DRDrive
CVE-2023-5048 The WDContactFormBuilder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the '...
CVE-2023-5049 The Giveaways and Contests by RafflePress plugin for WordPress is vulnerable to Stored Cross-Site Sc...
S
CVE-2023-5050 The Leaflet Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in ...
S
CVE-2023-5051 The CallRail Phone Call Tracking plugin for WordPress is vulnerable to Stored Cross-Site Scripting v...
S
CVE-2023-5052 Cross Site Scripting (XSS) in Servidor Uniforme Zero
S
CVE-2023-5053 SQL Injection in hospital-management-system-in-php 378c157 in index.php
E
CVE-2023-5054 The Super Store Finder plugin for WordPress is vulnerable to unauthenticated arbitrary email creatio...
CVE-2023-5055 L2CAP: Possible Stack based buffer overflow in le_ecred_reconf_req()
E
CVE-2023-5056 Skupper-operator: privilege escalation via config map
CVE-2023-5057 ActivityPub for WordPress < 1.0.0 - Contributor+ Stored XSS
E
CVE-2023-5058 Improper Input Validation in the processing of user-supplied splash screen during system boot in Pho...
CVE-2023-5059 Santesoft Sante FFT Imaging Out-of-bounds Read
S
CVE-2023-5060 Cross-site Scripting (XSS) - DOM in librenms/librenms
E S
CVE-2023-5061 Missing Authorization in GitLab
E S
CVE-2023-5062 The WordPress Charts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'wp_chart...
CVE-2023-5063 The Widget Responsive for Youtube plugin for WordPress is vulnerable to Stored Cross-Site Scripting ...
S
CVE-2023-5068 Delta Electronics DIAScreen Out-of-bounds Write
S
CVE-2023-5070 The Social Media Share Buttons & Social Sharing Icons plugin for WordPress is vulnerable to Sensitiv...
S
CVE-2023-5071 The Sitekit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'sitekit_iframe' s...
S
CVE-2023-5072 DoS Vulnerability in JSON-Java
E
CVE-2023-5073 The iframe forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'iframe' ...
E
CVE-2023-5074 Authentication Bypass in D-Link D-View 8
E
CVE-2023-5075 A buffer overflow was reported in the FmpSipoCapsuleDriver driver in the IdeaPad Duet 3-10IGL5 that ...
S
CVE-2023-5076 The Ziteboard Online Whiteboard plugin for WordPress is vulnerable to Stored Cross-Site Scripting vi...
S
CVE-2023-5077 Vault's Google Cloud Secrets Engine Removed Existing IAM Conditions When Creating / Updating Rolesets
CVE-2023-5078 A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker wit...
S
CVE-2023-5079 Lenovo LeCloud App improper input validation allows attackers to access arbitrary components and arb...
S
CVE-2023-5080 A privilege escalation vulnerability was reported in some Lenovo tablet products that could allow lo...
S
CVE-2023-5081 An information disclosure vulnerability was reported in the Lenovo Tab M8 HD that could allow a loca...
S
CVE-2023-5082 History Log by click5 < 1.0.13 - Admin+ Time-Based Blind SQL Injection
E
CVE-2023-5084 Cross-site Scripting (XSS) - Reflected in hestiacp/hestiacp
E S
CVE-2023-5085 The Advanced Menu Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'advM...
S
CVE-2023-5086 The Copy Anything to Clipboard plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
S
CVE-2023-5087 PageLayer < 1.7.8 - Author+ Stored XSS
E
CVE-2023-5088 Qemu: improper ide controller reset can lead to mbr overwrite
S
CVE-2023-5089 Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)
E
CVE-2023-5090 Kernel: kvm: svm: improper check in svm_set_x2apic_msr_interception allows direct access to host x2apic msrs
S
CVE-2023-5091 Mali GPU Kernel Driver allows improper GPU processing operations
S
CVE-2023-5096 The HTML filter and csv-file search plugin for WordPress is vulnerable to Stored Cross-Site Scriptin...
S
CVE-2023-5097 Improper Input Validation vulnerability in HYPR Workforce Access on Windows allows Path Traversal. Th...
CVE-2023-5098 Campaign Monitor Forms < 2.5.6 - Subscriber+ Arbitrary Options Update
E
CVE-2023-5099 The HTML filter and csv-file search plugin for WordPress is vulnerable to Local File Inclusion in ve...
S
CVE-2023-5100 Cleartext Transmission of Sensitive Information in RDT400 in SICK APU allows an unprivileged remote...
S
CVE-2023-5101 Files or Directories Accessible to External Parties in RDT400 in SICK APU allows an unprivileged re...
S
CVE-2023-5102 Insufficient Control Flow Management in RDT400 in SICK APU allows an unprivileged remote attacker t...
S
CVE-2023-5103 Improper Restriction of Rendered UI Layers or Frames in RDT400 in SICK APU allows an unprivileged re...
S
CVE-2023-5104 Improper Input Validation in nocodb/nocodb
E S
CVE-2023-5105 Frontend File Manager < 22.6 - Editor+ Arbitrary File Download
E
CVE-2023-5106 Incorrect Authorization in GitLab
S
CVE-2023-5108 Easy Newsletter Signups <= 1.0.4 - Admin+ SQLi
E
CVE-2023-5109 The WP Mailto Links – Protect Email Addresses plugin for WordPress is vulnerable to Stored Cross-Sit...
E
CVE-2023-5110 The BSK PDF Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'bsk-pdfm-...
S
CVE-2023-5111 Os Commerce 4.12.56860 - Cross Site Scripting Reflected (XSS)
E
CVE-2023-5112 Os Commerce 4.12.56860 - Cross Site Scripting Reflected (XSS)
E
CVE-2023-5113 Certain HP Enterprise LaserJet, LaserJet Managed printers - Potential denial of service, potential Cross Site Scripting (XSS)
CVE-2023-5114 The idbbee plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'idbbe...
E
CVE-2023-5115 Ansible: malicious role archive can cause ansible-galaxy to overwrite arbitrary files
CVE-2023-5116 The Live updates from Excel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via th...
CVE-2023-5117 Exposure of Sensitive Information Due to Incompatible Policies in GitLab
S
CVE-2023-5118 Stored cross-site scripting vulnerability in Kofax Capture software
CVE-2023-5119 Forminator and Forminator Pro < 1.27.0 - Admin+ Stored Cross-Site Scripting
E
CVE-2023-5120 The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to Stored Cross-Site Scr...
S
CVE-2023-5121 The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to Stored Cross-Site Scr...
S
CVE-2023-5122 SSRF in CSV Datasource Plugin
CVE-2023-5123 Improper Path Sanitization in JSON Datasource Plugin
CVE-2023-5124 PageLayer < 1.8.0 - Author+ Stored XSS
E
CVE-2023-5125 The Contact Form by FormGet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'f...
S
CVE-2023-5126 The Delete Me plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'plugin_delete_m...
S
CVE-2023-5127 The WP Font Awesome plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes...
S
CVE-2023-5128 The TCD Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'map' shor...
CVE-2023-5129 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Duplicat...
R
CVE-2023-5130 Delta Electronics WPLSoft Buffer-Overflow
CVE-2023-5131 Delta Electronics ISPSoft Heap Buffer-Overflow
CVE-2023-5132 The Soisy Pagamento Rateale plugin for WordPress is vulnerable to unauthorized access of data due to...
CVE-2023-5133 User Activity Log Pro < 2.3.4 - IP Spoofing
E
CVE-2023-5134 The Easy Registration Forms for WordPress is vulnerable to Information Disclosure via the 'erforms_u...
S
CVE-2023-5135 The Simple Cloudflare Turnstile plugin for WordPress is vulnerable to Stored Cross-Site Scripting vi...
E S
CVE-2023-5136 Incorrect Permission Assignment in the TopoGrafix DataPlugin for GPX
CVE-2023-5137 Simply Excerpts <= 1.4 - Admin+ Stored XSS
E
CVE-2023-5138 Glitch detection not active by default in Silicon Labs Secure Vault High devices
CVE-2023-5139 Potential buffer overflow vulnerability in the Zephyr STM32 Crypto driver
E
CVE-2023-5140 Bonus for Woo < 5.8.3 - Reflected Cross-Site Scripting
E
CVE-2023-5141 BSK Contact Form 7 Blacklist <= 1.0.1 - Reflected Cross-Site Scripting
E
CVE-2023-5142 H3C ER6300G2 Config File userLogin.asp path traversal
E
CVE-2023-5143 D-Link DAR-7000 webmailattach.php Privilege Escalation
E
CVE-2023-5144 D-Link DAR-7000/DAR-8000 updateos.php unrestricted upload
E S
CVE-2023-5145 D-Link DAR-7000 licence.php unrestricted upload
E
CVE-2023-5146 D-Link DAR-7000/DAR-8000 updatelib.php unrestricted upload
E S
CVE-2023-5147 D-Link DAR-7000 updateos.php unrestricted upload
E S
CVE-2023-5148 D-Link DAR-7000/DAR-8000 uploadfile.php unrestricted upload
E
CVE-2023-5149 D-Link DAR-7000 userattestation.php unrestricted upload
E
CVE-2023-5150 D-Link DAR-7000/DAR-8000 web.php unrestricted upload
E
CVE-2023-5151 D-Link DAR-8000 autheditpwd.php sql injection
E
CVE-2023-5152 D-Link DAR-7000/DAR-8000 importexport.php sql injection
E
CVE-2023-5153 D-Link DAR-8000 querysql.php sql injection
E
CVE-2023-5154 D-Link DAR-8000 changelogo.php unrestricted upload
E
CVE-2023-5155 SQLi in Utarit's Smart Deposit System
CVE-2023-5156 Glibc: dos due to memory leak in getaddrinfo.c
S
CVE-2023-5157 Mariadb: node crashes with transport endpoint is not connected mysqld got signal 6
CVE-2023-5158 Possible dos from guest to host in vringh_kiov_advance in vhost driver at drivers/vhost/vringh.c
S
CVE-2023-5159 A User Manager role with user edit permissions could manage/update bots
S
CVE-2023-5160 Full name disclosure via team top membership with Show Full Name option disabled
S
CVE-2023-5161 The Modal Window plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in...
S
CVE-2023-5162 The Options for Twenty Seventeen plugin for WordPress is vulnerable to Stored Cross-Site Scripting v...
S
CVE-2023-5163 The Weather Atlas Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'shor...
S
CVE-2023-5164 The Bellows Accordion Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via sho...
S
CVE-2023-5165 Docker Desktop before 4.23.0 allows Enhanced Container Isolation bypass via debug shell
S
CVE-2023-5166 Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL
S
CVE-2023-5167 User Activity Log Pro < 2.3.4 - Unauthenticated Stored Cross-Site Scripting via User Agent
E
CVE-2023-5168 A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an...
CVE-2023-5169 A compromised content process could have provided malicious data in a `PathRecording` resulting in a...
S
CVE-2023-5170 In canvas rendering, a compromised content process could have caused a surface to change unexpectedl...
CVE-2023-5171 During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allo...
S
CVE-2023-5172 A hashtable in the Ion Engine could have been mutated while there was a live interior reference, le...
CVE-2023-5173 In a non-standard configuration of Firefox, an integer overflow could have occurred based on network...
CVE-2023-5174 If Windows failed to duplicate a handle during process creation, the sandbox code may have inadverte...
CVE-2023-5175 During process shutdown, it was possible that an `ImageBitmap` was created that would later be used ...
CVE-2023-5176 Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these b...
CVE-2023-5177 Vrm 360 3D Model Viewer <= 1.2.1 - Full Path Disclosure
E
CVE-2023-5178 Kernel: use after free in nvmet_tcp_free_crypto in nvme
S
CVE-2023-5179 An issue was discovered in Open Design Alliance Drawings SDK before 2024.10. A corrupted value for t...
CVE-2023-5180 Out-of-bounds Write vulnerability exists in ODA Drawings SDK before 2024.12
CVE-2023-5181 WP Discord Invite < 2.5.2 - Admin+ Stored Cross Site Scripting
E
CVE-2023-5182 Sensitive data could be exposed in logs of subiquity version 23.09.1 and earlier. An attacker in the...
S
CVE-2023-5183 Authenticated RCE due to unsafe JSON deserialization
S
CVE-2023-5184 Potential signed to unsigned conversion errors and buffer overflow vulnerabilities in the Zephyr IPM driver
E
CVE-2023-5185 Gym Management System Project v1.0 - Insecure File Upload
E
CVE-2023-5186 Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who c...
CVE-2023-5187 Use after free in Extensions in Google Chrome prior to 117.0.5938.132 allowed an attacker who convin...
CVE-2023-5188 WAGO Improper Input Validation in IEC61850 Server / Telecontrol
CVE-2023-5189 Hub: insecure galaxy-importer tarfile extraction
E
CVE-2023-5190 Open redirect vulnerability in the Countries Management’s edit region page in Liferay Portal 7.4.3.4...
CVE-2023-5192 Excessive Data Query Operations in a Large Data Table in pimcore/demo
E S
CVE-2023-5193 System Role with manage posts permission can read posts of Direct Messages
S
CVE-2023-5194 A system/user manager can demote / deactivate another manager
S
CVE-2023-5195 A team member can soft delete other teams that they are not part of
S
CVE-2023-5196 DoS via Channel Notification Properties
S
CVE-2023-5197 Use-after-free in Linux kernel's netfilter: nf_tables component
S
CVE-2023-5198 Incorrect Authorization in GitLab
E S
CVE-2023-5199 The PHP to Page plugin for WordPress is vulnerable to Local File Inclusion to Remote Code Execution in ...
E
CVE-2023-5200 The flowpaper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'flipbook' short...
S
CVE-2023-5201 The OpenHook plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and incl...
CVE-2023-5203 WP Sessions Time Monitoring Full Automatic < 1.0.9 - Unauthenticated SQL injection
E
CVE-2023-5204 The ChatBot plugin for WordPress is vulnerable to SQL Injection via the $strid parameter in versions...
E S
CVE-2023-5205 The Add Custom Body Class plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
CVE-2023-5207 Execution with Unnecessary Privileges in GitLab
E S
CVE-2023-5209 Bookly < 22.5 - Admin+ Stored XSS
E
CVE-2023-5210 AMP+ Plus <= 3.0 - Reflected Cross Site Scripting
E
CVE-2023-5211 Fattura24 < 6.2.8 - Reflected Cross-Site Scripting
E
CVE-2023-5212 The AI ChatBot plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to, and ...
S
CVE-2023-5214 CVE-2023-5214 - Privilege Escalation in Puppet Bolt
CVE-2023-5215 Libnbd: crash or misbehaviour when nbd server returns an unexpected block size
E S
CVE-2023-5217 Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1...
KEV E S
CVE-2023-5218 Use after free in Site Isolation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker t...
CVE-2023-5221 ForU CMS index.php code injection
E
CVE-2023-5222 Viessmann Vitogate 300 Web Management Interface vitogate.cgi isValidUser hard-coded password
E
CVE-2023-5223 HimitZH HOJ Topic sandbox
E
CVE-2023-5226 Improper Control of Generation of Code ('Code Injection') in GitLab
E S
CVE-2023-5227 Unrestricted Upload of File with Dangerous Type in thorsten/phpmyfaq
S
CVE-2023-5228 User Registration < 3.0.4.2 - Admin+ Stored XSS
E
CVE-2023-5229 E2Pdf < 1.20.20 - Admin+ Stored Cross-Site Scripting
E
CVE-2023-5230 The TM WooCommerce Compare & Wishlist plugin for WordPress is vulnerable to Stored Cross-Site Script...
CVE-2023-5231 The Magic Action Box plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcode...
CVE-2023-5232 The Font Awesome More Icons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'i...
CVE-2023-5233 The Font Awesome Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via '...
CVE-2023-5234 The Related Products for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripti...
S
CVE-2023-5235 Ovic Responsive WPBakery < 1.2.9 - Subscriber+ Option Update
E
CVE-2023-5236 Infinispan: circular reference on marshalling leads to dos
CVE-2023-5237 Memberlite Shortcodes < 1.3.9 - Contributor+ Stored XSS via Shortcode
E
CVE-2023-5238 EventPrime < 3.2.0 - Reflected HTML Injection on keyword parameter
E
CVE-2023-5239 Security & Malware scan by CleanTalk < 2.121 - IP Spoofing
E
CVE-2023-5240 Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and earlier allow...
CVE-2023-5241 The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, ...
S
CVE-2023-5243 Login screen manager <= 3.5.2 - Admin+ Stored XSS
E
CVE-2023-5244 Cross-site Scripting (XSS) - Reflected in microweber/microweber
S
CVE-2023-5245 Using MLeap for loading a saved model (zip archive) can lead to path traversal/arbitrary file creation and possibly remote code execution.
E S
CVE-2023-5246 Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 112771...
M
CVE-2023-5247 Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple Mits...
M
CVE-2023-5249 Mali GPU Kernel Driver allows improper GPU memory processing operations
S
CVE-2023-5250 The Grid Plus plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and incl...
CVE-2023-5251 The Grid Plus plugin for WordPress is vulnerable to unauthorized modification of data and loss of da...
CVE-2023-5252 The FareHarbor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in v...
S
CVE-2023-5253 Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0
S
CVE-2023-5254 The ChatBot plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, ...
E S
CVE-2023-5255 Denial of Service for Revocation of Auto Renewed Certificates
CVE-2023-5256 Drupal core - Critical - Cache poisoning - SA-CORE-2023-006
CVE-2023-5257 WhiteHSBG JNDIExploit HTTPServer.java handleFileRequest path traversal
E
CVE-2023-5258 OpenRapid RapidCMS addgood.php sql injection
E
CVE-2023-5259 ForU CMS cms_admin.php denial of service
E
CVE-2023-5260 SourceCodester Simple Membership System group_validator.php sql injection
E
CVE-2023-5261 Tongda OA 2017 delete.php sql injection
E
CVE-2023-5262 OpenRapid RapidCMS uploadicon.php isImg unrestricted upload
E
CVE-2023-5263 ZZZCMS Database Backup File save.php restore permission
E
CVE-2023-5264 huakecms cms_content.php sql injection
E
CVE-2023-5265 Tongda OA 2017 delete.php sql injection
E
CVE-2023-5266 DedeBIZ tags_main.php sql injection
E
CVE-2023-5267 Tongda OA 2017 delete.php sql injection
E
CVE-2023-5268 DedeBIZ makehtml_taglist_action.php sql injection
E
CVE-2023-5269 SourceCodester Best Courier Management System GET Parameter parcel_list.php sql injection
E
CVE-2023-5270 SourceCodester Best Courier Management System view_parcel.php sql injection
E
CVE-2023-5271 SourceCodester Best Courier Management System edit_parcel.php sql injection
E
CVE-2023-5272 SourceCodester Best Courier Management System GET Parameter edit_parcel.php sql injection
E
CVE-2023-5273 SourceCodester Best Courier Management System manage_parcel_status.php cross site scripting
E
CVE-2023-5274 Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to ca...
CVE-2023-5275 Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to ca...
CVE-2023-5276 SourceCodester Engineers Online Portal downloadable_student.php sql injection
E
CVE-2023-5277 SourceCodester Engineers Online Portal student_avatar.php unrestricted upload
E
CVE-2023-5278 SourceCodester Engineers Online Portal login.php sql injection
E
CVE-2023-5279 SourceCodester Engineers Online Portal my_classmates.php sql injection
E
CVE-2023-5280 SourceCodester Engineers Online Portal my_students.php sql injection
E
CVE-2023-5281 SourceCodester Engineers Online Portal remove_inbox_message.php sql injection
E
CVE-2023-5282 SourceCodester Engineers Online Portal seed_message_student.php sql injection
E
CVE-2023-5283 SourceCodester Engineers Online Portal teacher_signup.php sql injection
E
CVE-2023-5284 SourceCodester Engineers Online Portal upload_save_student.php unrestricted upload
E
CVE-2023-5285 Tongda OA 2017 delete.php sql injection
E
CVE-2023-5286 SourceCodester Expense Tracker App Category add_category.php cross site scripting
E
CVE-2023-5287 BEECMS cross site scripting
E
CVE-2023-5288 A remote unauthorized attacker may connect to the SIM1012, interact with the device and change conf...
S
CVE-2023-5289 Allocation of Resources Without Limits or Throttling in ikus060/rdiffweb
E S
CVE-2023-5290 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse...
R
CVE-2023-5291 The Blog Filter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'AWL-BlogFilte...
S
CVE-2023-5292 The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripti...
S
CVE-2023-5293 ECshop leancloud.php sql injection
E S
CVE-2023-5294 ECshop order.php sql injection
E S
CVE-2023-5295 The Blog Filter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'vivafbcomment...
CVE-2023-5296 Xinhu RockOA Password password recovery
E
CVE-2023-5297 Xinhu RockOA start backup
E
CVE-2023-5298 Tongda OA 2017 delete.php sql injection
E
CVE-2023-5299 Fuji Electric Tellus Lite V-Simulator Improper Access Control
S
CVE-2023-5300 TTSPlanning sql injection
E
CVE-2023-5301 DedeCMS album_add.php AddMyAddon os command injection
E
CVE-2023-5302 SourceCodester Best Courier Management System Manage Account Page cross site scripting
E
CVE-2023-5303 Online Banquet Booking System Account Detail view-booking-detail.php cross site scripting
CVE-2023-5304 Online Banquet Booking System Service Booking book-services.php cross site scripting
CVE-2023-5305 Online Banquet Booking System Contact Us Page mail.php cross site scripting
CVE-2023-5306 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2023-5307 Photos and Files Contest Gallery – Contact Form < 21.2.8.1 - Unauthenticated Stored XSS via HTTP Headers
E
CVE-2023-5308 The Podcast Subscribe Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ...
S
CVE-2023-5309 Broken Session Management in Puppet Enterprise
CVE-2023-5310 Z-Wave Denial of Service caused by Stream of Packets
CVE-2023-5311 The WP EXtra plugin for WordPress is vulnerable to unauthorized modification of data due to a missin...
E S
CVE-2023-5312 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-43226. Reason: ...
R
CVE-2023-5313 phpkobo Ajax Poll Script ajax-poll.php improper enforcement of a single, unique action
E
CVE-2023-5314 The WP EXtra plugin for WordPress is vulnerable to unauthorized access to restricted functionality d...
S
CVE-2023-5315 The Google Maps made Simple plugin for WordPress is vulnerable to SQL Injection via the plugin's sho...
S
CVE-2023-5316 Cross-site Scripting (XSS) - DOM in thorsten/phpmyfaq
S
CVE-2023-5317 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
S
CVE-2023-5318 Use of Hard-coded Credentials in microweber/microweber
S
CVE-2023-5319 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
S
CVE-2023-5320 Cross-site Scripting (XSS) - DOM in thorsten/phpmyfaq
S
CVE-2023-5321 Missing Authorization in hamza417/inure
E S
CVE-2023-5322 D-Link DAR-7000 edit_manageadmin.php sql injection
E
CVE-2023-5323 Cross-site Scripting (XSS) - Generic in dolibarr/dolibarr
S
CVE-2023-5324 eeroOS Ethernet Interface denial of service
E
CVE-2023-5325 Woocommerce Vietnam Checkout < 2.0.6 - Unauthenticated Stored XSS
E
CVE-2023-5326 SATO CL4NX-J Plus WebConfig improper authentication
E
CVE-2023-5327 SATO CL4NX-J Plus path traversal
E
CVE-2023-5328 SATO CL4NX-J Plus Cookie improper authentication
E
CVE-2023-5329 Field Logic DataCube4 Web API improper authentication
E
CVE-2023-5330 Denial of Service via Opengraph Data Cache
S
CVE-2023-5331 File Information Leak via IDOR in file_id in Draft Posts
S
CVE-2023-5332 Dependency on Vulnerable Third-Party Component in GitLab
E S
CVE-2023-5333 Denial of Service via multiple identical User IDs in /api/v4/users/ids
S
CVE-2023-5334 The WP Responsive header image slider plugin for WordPress is vulnerable to Stored Cross-Site Script...
CVE-2023-5335 The Buzzsprout Podcasting plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'buz...
E
CVE-2023-5336 The iPanorama 360 – WordPress Virtual Tour Builder plugin for WordPress is vulnerable to SQL Injecti...
S
CVE-2023-5337 The Contact form Form For All plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ...
CVE-2023-5338 The Theme Blvd Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shor...
CVE-2023-5339 Mattermost Desktop logs all keystrokes during initial run after fresh installation 
S
CVE-2023-5340 Five Star Restaurant Menu and Food Ordering < 2.4.11 - Unauthenticated PHP Object Injection
E
CVE-2023-5341 Imagemagick: heap use-after-free in coders/bmp.c
S
CVE-2023-5343 Popup Box < 3.7.9 - Admin+ Stored XSS
E
CVE-2023-5344 Heap-based Buffer Overflow in vim/vim
E S
CVE-2023-5345 Use-after-free in Linux kernel's fs/smb/client component
S
CVE-2023-5346 Type confusion in V8 in Google Chrome prior to 117.0.5938.149 allowed a remote attacker to potential...
CVE-2023-5347 Unauthenticated Firmware Upgrade
E M
CVE-2023-5348 Product Catalog Enquiry for WooCommerce < 5.0.3 - Unauthenticated Stored XSS via Arbitrary Setting Update
E
CVE-2023-5349 Draw while calling getdrawinfo()
E S
CVE-2023-5350 SQL Injection in salesagility/suitecrm
E S
CVE-2023-5351 Cross-site Scripting (XSS) - Stored in salesagility/suitecrm
E S
CVE-2023-5352 Awesome Support < 6.1.5 - Insufficient permission check in wpas_edit_reply
E
CVE-2023-5353 Improper Access Control in salesagility/suitecrm
E S
CVE-2023-5354 Awesome Support < 6.1.5 - Reflected Cross-Site Scripting
E
CVE-2023-5355 Awesome Support < 6.1.5 - Submitter+ Arbitrary File Deletion
E
CVE-2023-5356 Incorrect Authorization in GitLab
E S
CVE-2023-5357 The Instagram for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via sh...
S
CVE-2023-5358 Improper access control in Report log filters feature in Devolutions Server 2023.2.10.0 and earlier ...
CVE-2023-5359 W3 Total Cache <= 2.7.5 - Sensitive Credentials Stored in Plaintext
S
CVE-2023-5360 Royal Elementor Addons and Templates < 1.3.79 - Unauthenticated Arbitrary File Upload
E
CVE-2023-5362 The Carousel, Recent Post Slider and Banner Slider plugin for WordPress is vulnerable to Stored Cros...
E S
CVE-2023-5363 Incorrect cipher key & IV length processing
S
CVE-2023-5365 HP LIFE Android Mobile – Potential Escalation of Privilege, Information Disclosure
CVE-2023-5366 Openvswitch don't match packets on nd_target field
S
CVE-2023-5367 Xorg-x11-server: out-of-bounds write in xichangedeviceproperty/rrchangeoutputproperty
S
CVE-2023-5368 msdosfs data disclosure
S
CVE-2023-5369 copy_file_range insufficient capability rights check
CVE-2023-5370 arm64 boot CPUs may lack speculative execution protections
CVE-2023-5371 Memory Allocation with Excessive Size Value in Wireshark
E S
CVE-2023-5372 The post-authentication command injection vulnerability in Zyxel NAS326 firmware versions through V5...
CVE-2023-5373 SourceCodester Online Computer and Laptop Store Master.php register sql injection
E
CVE-2023-5374 SourceCodester Online Computer and Laptop Store products.php sql injection
E
CVE-2023-5375 Open Redirect in mosparo/mosparo
E S
CVE-2023-5376 TFTP Without Authentication
E M
CVE-2023-5377 Out-of-bounds Read in gpac/gpac
E S
CVE-2023-5378 Stored XSS in SmodBIP and MegaBIP
CVE-2023-5379 Undertow: ajp request closes connection exceeding maxrequestsize
CVE-2023-5380 Xorg-x11-server: use-after-free bug in destroywindow
S
CVE-2023-5381 The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a...
S
CVE-2023-5382 The Funnelforms Free plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up...
S
CVE-2023-5383 The Funnelforms Free plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up...
S
CVE-2023-5384 Infinispan: credentials returned from configuration as clear text
M
CVE-2023-5385 The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to ...
S
CVE-2023-5386 The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to ...
S
CVE-2023-5387 The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to ...
S
CVE-2023-5388 NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack coul...
CVE-2023-5389 An attacker could potentially exploit this vulnerability, leading to the ability to modify files on...
CVE-2023-5390 An attacker could potentially exploit this vulnerability, leading to files being read from the Honey...
CVE-2023-5391 A CWE-502: Deserialization of untrusted data vulnerability exists that could allow an attacker to...
CVE-2023-5392 C300 information leak due to an analysis feature which allows extracting more memory over the networ...
CVE-2023-5393 Server receiving a malformed message that causes a disconnect to a hostname may causing a stack over...
CVE-2023-5394 Server receiving a malformed message that where the GCL message hostname may be too large which may ...
CVE-2023-5395 Server receiving a malformed message that uses the hostname in an internal table may cause a stack o...
CVE-2023-5396 Server receiving a malformed message creates connection for a hostname that may cause a stack overfl...
CVE-2023-5397 Server receiving a malformed message to create a new connection could lead to an attacker performing...
CVE-2023-5398 Server receiving a malformed message based on a list of IPs resulting in heap corruption causing a d...
CVE-2023-5399 A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulner...
CVE-2023-5400 Server receiving a malformed message based on a using the specified key values can cause a heap over...
CVE-2023-5401 Server receiving a malformed message based on a using the specified key values can cause a stack ove...
CVE-2023-5402 A CWE-269: Improper Privilege Management vulnerability exists that could cause a remote code exec...
CVE-2023-5403 Server hostname translation to IP address manipulation which could lead to an attacker performing re...
CVE-2023-5404 Server receiving a malformed message can cause a pointer to be overwritten which can result in a rem...
CVE-2023-5405 Server information leak for the CDA Server process memory can occur when an error is generated in re...
CVE-2023-5406 Server communication with a controller can lead to remote code execution using a specially crafted m...
CVE-2023-5407 Controller denial of service due to improper handling of a specially crafted message received by the...
CVE-2023-5408 Openshift: modification of node role labels
CVE-2023-5409 HP is aware of a potential security vulnerability in HP t430 and t638 Thin Client PCs. These models ...
S
CVE-2023-5410 A potential security vulnerability has been reported in the system BIOS of certain HP PC products, w...
CVE-2023-5411 The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to ...
S
CVE-2023-5412 The Image horizontal reel scroll slideshow plugin for WordPress is vulnerable to SQL Injection via t...
E S
CVE-2023-5413 The Image horizontal reel scroll slideshow plugin for WordPress is vulnerable to Stored Cross-Site S...
S
CVE-2023-5414 The Icegram Express plugin for WordPress is vulnerable to Directory Traversal in versions up to, and...
S
CVE-2023-5415 The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to ...
S
CVE-2023-5416 The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to ...
S
CVE-2023-5417 The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to ...
S
CVE-2023-5419 The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to ...
S
CVE-2023-5421 Possible XSS execution in customer information
S
CVE-2023-5422 SSL Certificates are not checked for E-Mail Handling
S
CVE-2023-5423 SourceCodester Online Pizza Ordering System sql injection
CVE-2023-5424 WS Form LITE <= 1.9.217 - Unauthenticated CSV Injection
S
CVE-2023-5425 The Post Meta Data Manager plugin for WordPress is vulnerable to unauthorized modification of data d...
S
CVE-2023-5426 The Post Meta Data Manager plugin for WordPress is vulnerable to unauthorized modification of data d...
S
CVE-2023-5427 Mali GPU Kernel Driver allows improper GPU processing operations
E S
CVE-2023-5428 The Image vertical reel scroll slideshow plugin for WordPress is vulnerable to SQL Injection via the...
E S
CVE-2023-5429 The Information Reel plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode ...
E S
CVE-2023-5430 The Jquery news ticker plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcod...
E S
CVE-2023-5431 The Left right image slideshow gallery plugin for WordPress is vulnerable to SQL Injection via the p...
E S
CVE-2023-5432 The Jquery news ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'jquery...
S
CVE-2023-5433 The Message ticker plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in...
E S
CVE-2023-5434 The Superb slideshow gallery plugin for WordPress is vulnerable to SQL Injection via the plugin's sh...
E S
CVE-2023-5435 The Up down image slideshow gallery plugin for WordPress is vulnerable to SQL Injection via the plug...
E S
CVE-2023-5436 The Vertical marquee plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode ...
E S
CVE-2023-5437 The WP fade in text news plugin for WordPress is vulnerable to SQL Injection via the plugin's shortc...
E S
CVE-2023-5438 The wp image slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcod...
E S
CVE-2023-5439 The Wp photo text slider 50 plugin for WordPress is vulnerable to SQL Injection via the plugin's sho...
E S
CVE-2023-5441 NULL Pointer Dereference in vim/vim
E S
CVE-2023-5442 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-6991. Reason: ...
R
CVE-2023-5443 User Enumeration in EDM Informatic's E-Invoice Software
CVE-2023-5444 CSRF in ePO leading to privilege escalation
CVE-2023-5445 An open redirect vulnerability in ePolicy Orchestrator prior to 5.10.0 CP1 Update 2, allows a remot...
CVE-2023-5447 Use-After-Free in Service for Hardware Support App for Fingerprint Driver
CVE-2023-5448 The WP Register Profile With Shortcode plugin for WordPress is vulnerable to Cross-Site Request Forg...
S
CVE-2023-5449 A potential security vulnerability has been identified in certain HP Displays supporting the Theft D...
S
CVE-2023-5450 BIG-IP Edge Client for macOS vulnerability
CVE-2023-5451 Forcepoint NGFW Security Management Center Management Server has SMC Downloads optional feature to...
S
CVE-2023-5452 Cross-site Scripting (XSS) - Stored in snipe/snipe-it
E S
CVE-2023-5454 Templately < 2.2.6 - Arbitrary post trashing via Missing Authorization
E
CVE-2023-5455 Ipa: invalid csrf protection
M
CVE-2023-5456 A CWE-798 “Use of Hard-coded Credentials” vulnerability in the MariaDB database of the web applicati...
CVE-2023-5457 A CWE-1269 “Product Released in Non-Release Configuration” vulnerability in the Django web framework...
CVE-2023-5458 CITS Support svg, webp Media and TTF,OTF File Upload < 3.0 - Author+ Stored XSS via SVG
E
CVE-2023-5459 Delta Electronics DVP32ES2 PLC Password Transmission denial of service
E
CVE-2023-5460 Delta Electronics WPLSoft Modbus Data Packet heap-based overflow
E
CVE-2023-5461 Delta Electronics WPLSoft Modbus cleartext transmission
E
CVE-2023-5462 XINJE XD5E-30R-E Modbus denial of service
E
CVE-2023-5463 XINJE XDPPro cfgmgr32.dll uncontrolled search path
E
CVE-2023-5464 The Jquery accordion slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's ...
E S
CVE-2023-5465 The Popup with fancybox plugin for WordPress is vulnerable to SQL Injection via the plugin's shortco...
S
CVE-2023-5466 The Wp anything slider plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcod...
S
CVE-2023-5467 The GEO my WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcode...
CVE-2023-5468 The Slick Contact Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'dcscf...
CVE-2023-5469 The Drop Shadow Boxes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'dropsha...
S
CVE-2023-5470 The Etsy Shop plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'etsy-shop' shor...
S
CVE-2023-5471 codeprojects Farmacia index.php sql injection
E
CVE-2023-5472 Use after free in Profiles in Google Chrome prior to 118.0.5993.117 allowed a remote attacker to pot...
CVE-2023-5473 Use after free in Cast in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who had com...
CVE-2023-5474 Heap buffer overflow in PDF in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who co...
CVE-2023-5475 Inappropriate implementation in DevTools in Google Chrome prior to 118.0.5993.70 allowed an attacker...
CVE-2023-5476 Use after free in Blink History in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to...
CVE-2023-5477 Inappropriate implementation in Installer in Google Chrome prior to 118.0.5993.70 allowed a local at...
CVE-2023-5478 Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote at...
CVE-2023-5479 Inappropriate implementation in Extensions API in Google Chrome prior to 118.0.5993.70 allowed an at...
CVE-2023-5480 Inappropriate implementation in Payments in Google Chrome prior to 119.0.6045.105 allowed a remote a...
CVE-2023-5481 Inappropriate implementation in Downloads in Google Chrome prior to 118.0.5993.70 allowed a remote a...
CVE-2023-5482 Insufficient data validation in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attack...
CVE-2023-5483 Inappropriate implementation in Intents in Google Chrome prior to 118.0.5993.70 allowed a remote att...
CVE-2023-5484 Inappropriate implementation in Navigation in Google Chrome prior to 118.0.5993.70 allowed a remote ...
CVE-2023-5485 Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote at...
CVE-2023-5486 Inappropriate implementation in Input in Google Chrome prior to 118.0.5993.70 allowed a remote attac...
CVE-2023-5487 Inappropriate implementation in Fullscreen in Google Chrome prior to 118.0.5993.70 allowed an attack...
CVE-2023-5488 Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform updatelib.php unrestricted upload
E S
CVE-2023-5489 Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform uploadfile.php unrestricted upload
E
CVE-2023-5490 Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform userattestation.php unrestricted upload
E
CVE-2023-5491 Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform updatelib.php unrestricted upload
E
CVE-2023-5492 Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform licence.php unrestricted upload
E
CVE-2023-5493 Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform web.php unrestricted upload
E
CVE-2023-5494 Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform download.php os command injection
E
CVE-2023-5495 QDocs Smart School HTTP POST Request sql injection
E
CVE-2023-5496 Translator PoqDev Add-On Select Text cross site scripting
E
CVE-2023-5497 Tongda OA 2017 delete.php sql injection
E
CVE-2023-5498 Cross-Site Request Forgery (CSRF) in chiefonboarding/chiefonboarding
E S
CVE-2023-5499 Shenzhen Reachfar v28 information exposure
S
CVE-2023-5500 Frauscher: FDS102 for FAdC/FAdCi remote code execution vulnerability
CVE-2023-5504 The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and includ...
S
CVE-2023-5505 BackWPup <= 4.0.1 - Authenticated (Administrator+) Directory Traversal
S
CVE-2023-5506 The ImageMapper plugin for WordPress is vulnerable to unauthorized loss of data due to a missing cap...
S
CVE-2023-5507 The ImageMapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'imagemap' sho...
S
CVE-2023-5508 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2023-5509 myStickymenu < 2.6.5 - Subscriber+ Arbitrary Form Leads Deletion
E
CVE-2023-5510 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2023-5511 Cross-Site Request Forgery (CSRF) in snipe/snipe-it
E S
CVE-2023-5512 Improper Control of Generation of Code ('Code Injection') in GitLab
E S
CVE-2023-5513 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2023-5514 The response messages received from the eSOMS report generation using certain parameter queries wit...
CVE-2023-5515 The responses for web queries with certain parameters disclose internal path of resources. This inf...
CVE-2023-5516 Poorly constructed webap requests and URI components with special characters trigger unhandled erro...
CVE-2023-5517 Querying RFC 1918 reverse zones may cause an assertion failure when "nxdomain-redirect" is enabled
S
CVE-2023-5519 EventPrime < 3.2.0 - Booking Creation via CSRF
E
CVE-2023-5520 Out-of-bounds Read in gpac/gpac
E S
CVE-2023-5521 Incorrect Authorization in tiann/kernelsu
E S
CVE-2023-5522 Mobile app freezes when receiving a post with hundreds of emojis
S
CVE-2023-5523 M-Files Web Companion allows Remote Code Execution
S
CVE-2023-5524 M-Files Web Companion allows Remote Code Execution for some filetypes
S
CVE-2023-5525 Limit Login Attempts Reloaded < 2.25.26 - Admin+ Missing Authorization to Toggle Plugin Auto-Update
E
CVE-2023-5527 Business Directory Plugin <= 6.4.3 - Authenticated (Author+) CSV Injection
CVE-2023-5528 Kubernetes - Windows nodes - Insufficient input sanitization in in-tree storage plugin leads to privilege escalation
S
CVE-2023-5529 Advanced Page Visit Counter <= 8.0.6 - Admin+ Stored XSS
E
CVE-2023-5530 Ninja Forms < 3.6.34 - Admin+ Stored XSS
E
CVE-2023-5531 The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable to Cross-Site Request Forgery ...
S
CVE-2023-5532 The ImageMapper plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, ...
S
CVE-2023-5533 The AI ChatBot plugin for WordPress is vulnerable to unauthorized use of AJAX actions due to missing...
S
CVE-2023-5534 The AI ChatBot plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, a...
S
CVE-2023-5535 Use After Free in vim/vim
E S
CVE-2023-5536 A feature in LXD (LP#1829071), affects the default configuration of Ubuntu Server which allows privi...
M
CVE-2023-5537 The Delete Usermeta plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up ...
S
CVE-2023-5538 The MpOperationLogs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the IP Req...
E
CVE-2023-5539 Moodle: authenticated remote code execution risk in lesson
S
CVE-2023-5540 Moodle: authenticated remote code execution risk in imscp
S
CVE-2023-5541 Moodle: xss risk when using csv grade import method
S
CVE-2023-5542 Moodle: students can view other users in "only see own membership" groups
S
CVE-2023-5543 Moodle: duplicating a bigbluebutton activity assigns the same meeting id
S
CVE-2023-5544 Moodle: stored xss and potential idor risk in wiki comments
S
CVE-2023-5545 Moodle: auto-populated h5p author name causes a potential information leak
S
CVE-2023-5546 Moodle: stored xss in quiz grading report via user id number
S
CVE-2023-5547 Moodle: xss risk when previewing data in course upload tool
S
CVE-2023-5548 Moodle: cache poisoning risk with endpoint revision numbers
S
CVE-2023-5549 Moodle: insufficient capability checks when updating the parent of a course category
S
CVE-2023-5550 Moodle: rce due to lfi risk in some misconfigured shared hosting environments
S
CVE-2023-5551 Moodle: forum summary report shows students from other groups when in separate groups mode
S
CVE-2023-5552 A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with f...
CVE-2023-5553 During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the pro...
CVE-2023-5554 Lack of TLS certificate verification in log transmission of a financial module within LINE Client fo...
CVE-2023-5555 Cross-site Scripting (XSS) - Generic in frappe/lms
E S
CVE-2023-5556 Cross-site Scripting (XSS) - Reflected in structurizr/onpremises
E S
CVE-2023-5557 Tracker-miners: sandbox escape
E
CVE-2023-5558 LearnPress < 4.2.5.5 - Reflected Cross-Site Scripting
E
CVE-2023-5559 10Web Booster < 2.24.18 - Unauthenticated Arbitrary Option Deletion
E
CVE-2023-5560 WP-UserOnline < 2.88.3 - Unauthenticated Stored XSS
E
CVE-2023-5561 WordPress < 6.3.2 - Unauthenticated Post Author Email Disclosure
E
CVE-2023-5562 Unsafe default allows for cross-site scripting attacks in KNIME Server and KNIME Business Hub
M
CVE-2023-5563 The SJA1000 CAN controller driver backend automatically attempt to recover from a bus-off event when...
CVE-2023-5564 Cross-site Scripting (XSS) - Stored in froxlor/froxlor
E S
CVE-2023-5565 The Shortcode Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'shortmenu'...
E
CVE-2023-5566 The Simple Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcod...
E
CVE-2023-5567 The QR Code Tag plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'qrcodetag' sh...
CVE-2023-5568 Samba: heap buffer overflow with freshness tokens in the heimdal kdc
CVE-2023-5570 User Enumeration in Inohom's Home Manager Gateway
CVE-2023-5571 Improper Input Validation in vriteio/vrite
E S
CVE-2023-5572 Server-Side Request Forgery (SSRF) in vriteio/vrite
E S
CVE-2023-5573 Allocation of Resources Without Limits or Throttling in vriteio/vrite
E S
CVE-2023-5574 Xorg-x11-server: use-after-free bug in damagedestroy
S
CVE-2023-5575 Improper access control in the permission inheritance in Devolutions Server 2022.3.13.0 and earlie...
CVE-2023-5576 The Migration, Backup, Staging - WPvivid plugin for WordPress is vulnerable to Sensitive Information...
S
CVE-2023-5577 The Bitly's plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpbi...
CVE-2023-5578 Portábilis i-Educar HTTP GET Request agenda_imprimir.php cross site scripting
CVE-2023-5579 yhz66 Sandbox User Data information disclosure
E
CVE-2023-5580 SourceCodester Library System index.php sql injection
E
CVE-2023-5581 SourceCodester Medicine Tracker System index.php cross site scripting
E
CVE-2023-5582 ZZZCMS Personal Profile Page cross site scripting
E
CVE-2023-5583 The WP Simple Galleries plugin for WordPress is vulnerable to PHP Object Injection in versions up to...
E
CVE-2023-5584 Rejected reason: We have rejected this CVE as it was determined a non-security issue by the vendor....
R
CVE-2023-5585 SourceCodester Online Motorcycle Rental System Bike List cross site scripting
CVE-2023-5586 NULL Pointer Dereference in gpac/gpac
E S
CVE-2023-5587 SourceCodester Free Hospital Management System for Small Practices Parameter doctors.php sql injection
E
CVE-2023-5588 kphrx pleroma pack.ex Pleroma.Emoji.Pack path traversal
S
CVE-2023-5589 SourceCodester Judging Management System login.php sql injection
E
CVE-2023-5590 NULL Pointer Dereference in seleniumhq/selenium
E S
CVE-2023-5591 SQL Injection in librenms/librenms
S
CVE-2023-5592 Phoenix Contact: ProConOs prone to Download of Code Without Integrity Check
CVE-2023-5593 The out-of-bounds write vulnerability in the Windows-based SecuExtender SSL VPN Client software vers...
S
CVE-2023-5594 Improper following of a certificate's chain of trust in ESET security products
CVE-2023-5595 Denial of Service in gpac/gpac
E S
CVE-2023-5597 Stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x
CVE-2023-5598 Stored Cross-site Scripting (XSS) vulnerabilities affecting 3DSwym in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x
CVE-2023-5599 Stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x
CVE-2023-5601 WooCommerce Ninja Forms Product Add-ons < 1.7.1 - Unauthenticated Arbitrary File Upload
E
CVE-2023-5602 The Social Media Share Buttons & Social Sharing Icons plugin for WordPress is vulnerable to Cross-Si...
S
CVE-2023-5604 Asgaros Forum < 2.7.1 - Unauthenticated Arbitrary File Upload
E
CVE-2023-5605 URL Shortify < 1.7.9.1 - Admin+ Stored XSS
E
CVE-2023-5606 The ChatBot for WordPress is vulnerable to Stored Cross-Site Scripting via the FAQ Builder in versio...
S
CVE-2023-5607 An improper limitation of a path name to a restricted directory (path traversal) vulnerability in t...
S
CVE-2023-5609 Seraphinite Accelerator < 2.20.29 - Reflected XSS
E
CVE-2023-5610 Seraphinite Accelerator < 2.20.29 - Authenticated Arbitrary Redirect
E
CVE-2023-5611 Seraphinite Accelerator < 2.20.32 - Unauthorised Settings Reset/Import
E
CVE-2023-5612 Missing Authorization in GitLab
E S
CVE-2023-5613 The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plu...
S
CVE-2023-5614 The Theme Switcha plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...
S
CVE-2023-5615 The Skype Legacy Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the p...
CVE-2023-5616 In Ubuntu, gnome-control-center did not properly reflect SSH remote login status when the system was...
CVE-2023-5617 Hitachi Vantara Pentaho Data Integration & Analytics - Server-generated Error Message Containing Sensitive Information
CVE-2023-5618 The Modern Footnotes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugi...
S
CVE-2023-5619 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-6530. Reason: T...
R
CVE-2023-5620 Webpushr < 4.35.0 - Unauthenticated Stored XSS
E
CVE-2023-5621 The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
CVE-2023-5622 Privilege Escalation
S
CVE-2023-5623 Privilege Escalation
S
CVE-2023-5624 Blind SQL Injection
S
CVE-2023-5625 Python-eventlet: patch regression for cve-2021-21419 in some red hat builds
S
CVE-2023-5626 Cross-Site Request Forgery (CSRF) in pkp/ojs
E S
CVE-2023-5627 Incorrect Implementation of Authentication Algorithm Vulnerability
S
CVE-2023-5629 A CWE-601:URL Redirection to Untrusted Site (‘Open Redirect’) vulnerability exists that could cause...
CVE-2023-5630 A CWE-494: Download of Code Without Integrity Check vulnerability exists that could allow a privi...
CVE-2023-5631 Stored XSS vulnerability in Roundcube
KEV E S
CVE-2023-5632 Unconditionally adding an event to the epoll causes excessive CPU consumption
S
CVE-2023-5633 Kernel: vmwgfx: reference count issue leads to use-after-free in surface handling
S
CVE-2023-5634 SQLi in ArslanSoft's Education Portal
CVE-2023-5635 User Enumeration in ArslanSoft's Education Portal
CVE-2023-5636 Malicious File Upload in ArslanSoft's Education Portal
CVE-2023-5637 Plaintext Storage of a Password in ArslanSoft's Education Portal
CVE-2023-5638 The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'w...
S
CVE-2023-5639 The Team Showcase plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...
S
CVE-2023-5640 Article Analytics <= 1.0 - Unauthenticated SQL injection
E
CVE-2023-5641 Martins Free & Easy SEO Link buildings < 1.2.30 - Reflected XSS
E
CVE-2023-5642 Advantech R-SeeNet Unauthenticated Read/Write
E
CVE-2023-5643 Mali GPU Kernel Driver allows improper GPU memory processing operations
S
CVE-2023-5644 WP Mail Log < 1.1.3 – Incorrect Authorization in REST API Endpoints
E
CVE-2023-5645 WP Mail Log < 1.1.3 – Contributor+ SQL Injection in wml_logs endpoint
E
CVE-2023-5646 Rejected reason: ** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-5241. Reason: This re...
R
CVE-2023-5647 Rejected reason: ** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-5212. Reason: This re...
R
CVE-2023-5650 An improper privilege management vulnerability in the ZySH of the Zyxel ATP series firmware versions...
CVE-2023-5651 WP Hotel Booking < 2.0.8 - Subscriber+ Arbitrary Post Deletion
E
CVE-2023-5652 WP Hotel Booking < 2.0.8 - Unauthenticated SQLi
E
CVE-2023-5653 WassUp Real Time Analytics <= 1.9.4.5 - Unauthenticated Stored XSS
E
CVE-2023-5654 The React Developer Tools extension registers a message listener with window.addEventListener('messa...
S
CVE-2023-5655 Rejected reason: ** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-5534. Reason: This re...
R
CVE-2023-5656 Rejected reason: ** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-5533. Reason: This re...
R
CVE-2023-5658 The WP MapIt plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wp_...
S
CVE-2023-5659 The Interact: Embed A Quiz On Your Site plugin for WordPress is vulnerable to Stored Cross-Site Scri...
CVE-2023-5660 The SendPress Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
E
CVE-2023-5661 The Social Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's '...
E
CVE-2023-5662 The Sponsors plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'spo...
S
CVE-2023-5663 The News Announcement Scroll plugin for WordPress is vulnerable to SQL Injection via the plugin's sh...
S
CVE-2023-5664 The Garden Gnome Package plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the p...
S
CVE-2023-5665 Payment Forms for Paystack <= 3.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
CVE-2023-5666 The Accordion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tc...
E S
CVE-2023-5667 The Tab Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ...
S
CVE-2023-5668 The WhatsApp Share Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
S
CVE-2023-5669 The Featured Image Caption plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
E
CVE-2023-5671 HP Print and Scan Doctor for Windows may potentially be vulnerable to escalation of privilege. HP is...
CVE-2023-5672 WP Mail Log < 1.1.3 – Contributor+ LFI in wml_logs/send_mail endpoint
E
CVE-2023-5673 WP Mail Log < 1.1.3 – Contributor+ Arbitrary File Upload to RCE
E
CVE-2023-5674 WP Mail Log < 1.1.3 – Contributor+ SQL Injection in wml_logs/send_mail endpoint
E
CVE-2023-5675 Quarkus: authorization flaw in quarkus resteasy reactive and classic when "quarkus.security.jaxrs.deny-unannotated-endpoints" or "quarkus.security.jaxrs.default-roles-allowed" properties are used.
M
CVE-2023-5676 Eclipse OpenJ9 possible infinite busy hang
S
CVE-2023-5677 Brandon Rothel from QED Secure Solutions and Sam Hanson of Dragos have found that the VAPIX API tcpt...
CVE-2023-5678 Excessive time spent in DH check / generation with large Q parameter value
S
CVE-2023-5679 Enabling both DNS64 and serve-stale may cause an assertion failure during recursive resolution
S
CVE-2023-5680 Cleaning an ECS-enabled cache may cause excessive CPU load
S
CVE-2023-5681 Netentsec NS-ASG Application Security Gateway list_addr_fwresource_ip.php sql injection
E
CVE-2023-5682 Tongda OA delete.php sql injection
E
CVE-2023-5683 Byzoro Smart S85F Management Platform importconf.php os command injection
E
CVE-2023-5684 Byzoro Smart S85F Management Platform importexport.php os command injection
E
CVE-2023-5685 Xnio: stackoverflowexception when the chain of notifier states becomes problematically big
M
CVE-2023-5686 Heap-based Buffer Overflow in radareorg/radare2
E S
CVE-2023-5687 Cross-Site Request Forgery (CSRF) in mosparo/mosparo
E S
CVE-2023-5688 Cross-site Scripting (XSS) - DOM in modoboa/modoboa
E S
CVE-2023-5689 Cross-site Scripting (XSS) - DOM in modoboa/modoboa
E S
CVE-2023-5690 Cross-Site Request Forgery (CSRF) in modoboa/modoboa
E S
CVE-2023-5691 The Chatbot for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admi...
S
CVE-2023-5692 WordPress Core is vulnerable to Sensitive Information Exposure in versions up to, and including, 6....
CVE-2023-5693 CodeAstro Internet Banking System pages_reset_pwd.php sql injection
E
CVE-2023-5694 CodeAstro Internet Banking System pages_system_settings.php cross site scripting
E
CVE-2023-5695 CodeAstro Internet Banking System pages_reset_pwd.php cross site scripting
E
CVE-2023-5696 CodeAstro Internet Banking System pages_transfer_money.php cross site scripting
E
CVE-2023-5697 CodeAstro Internet Banking System pages_withdraw_money.php cross site scripting
E
CVE-2023-5698 CodeAstro Internet Banking System pages_deposit_money.php cross site scripting
E
CVE-2023-5699 CodeAstro Internet Banking System pages_view_client.php cross site scripting
E
CVE-2023-5700 Netentsec NS-ASG Application Security Gateway uploadiscgwrouteconf.php sql injection
E
CVE-2023-5701 vnotex vnote Markdown File cross site scripting
E
CVE-2023-5702 Viessmann Vitogate 300 direct request
E
CVE-2023-5703 The Gift Up Gift Cards for WordPress and WooCommerce plugin for WordPress is vulnerable to Stored Cr...
E S
CVE-2023-5704 The CPO Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin'...
S
CVE-2023-5705 The VK Filter Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugi...
S
CVE-2023-5706 The VK Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'vk...
S
CVE-2023-5707 The SEO Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 's...
E S
CVE-2023-5708 The WP Post Columns plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin...
S
CVE-2023-5709 The WD WidgetTwitter plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode ...
E
CVE-2023-5710 The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a miss...
S
CVE-2023-5711 The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a miss...
S
CVE-2023-5712 The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a miss...
S
CVE-2023-5713 The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a miss...
S
CVE-2023-5714 The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a miss...
S
CVE-2023-5715 The Website Optimization – Plerdy plugin for WordPress is vulnerable to Stored Cross-Site Scripting ...
S
CVE-2023-5716 ASUS Armoury Crate - Arbitrary File Write
S
CVE-2023-5717 Out-of-bounds write in Linux kernel's Linux Kernel Performance Events (perf) component
S
CVE-2023-5718 The Vue.js Devtools extension was found to leak screenshot data back to a malicious web page via the...
E S
CVE-2023-5719 Red Lion Crimson Improper Neutralization of Null Byte or NUL Character
S
CVE-2023-5720 Quarkus: build env information disclosure via gradle plugin
CVE-2023-5721 It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally...
CVE-2023-5722 Using iterative requests an attacker was able to learn the size of an opaque response, as well as th...
CVE-2023-5723 An attacker with temporary script access to a site could have set a cookie containing invalid charac...
CVE-2023-5724 Drivers are not always robust to extremely large draw calls and in some cases this scenario could ha...
CVE-2023-5725 A malicious installed WebExtension could open arbitrary URLs, which under the right circumstance cou...
CVE-2023-5726 A website could have obscured the full screen notification by using the file open dialog. This could...
CVE-2023-5727 The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxb...
CVE-2023-5728 During garbage collection extra operations were performed on a object that should not be. This could...
CVE-2023-5729 A malicious web site can enter fullscreen mode while simultaneously triggering a WebAuthn prompt. Th...
CVE-2023-5730 Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. Some of these b...
CVE-2023-5731 Memory safety bugs present in Firefox 118. Some of these bugs showed evidence of memory corruption a...
CVE-2023-5732 An attacker could have created a malicious link using bidirectional characters to spoof the location...
CVE-2023-5737 WordPress Backup & Migration < 1.4.4 - Subscriber+ Plugin Settings Update
E
CVE-2023-5738 WordPress Backup & Migration < 1.4.5 - Subscriber+ Stored XSS
E
CVE-2023-5739 Certain versions of HP PC Hardware Diagnostics Windows are potentially vulnerable to elevation of pr...
S
CVE-2023-5740 The Live Chat with Facebook Messenger plugin for WordPress is vulnerable to Stored Cross-Site Script...
CVE-2023-5741 The POWR plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'powr-po...
CVE-2023-5742 The EasyRotator for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ...
S
CVE-2023-5743 The Telephone Number Linker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via th...
S
CVE-2023-5744 The Very Simple Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via th...
E S
CVE-2023-5745 The Reusable Text Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'text...
CVE-2023-5746 A vulnerability regarding use of externally-controlled format string is found in the cgi component. ...
CVE-2023-5747 Command injection via wave install file
CVE-2023-5748 Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi componen...
CVE-2023-5749 EmbedPress < 3.9.2 - Reflected XSS
E
CVE-2023-5750 EmbedPress < 3.9.2 - Reflected XSS
E
CVE-2023-5751 CODESYS: Development system prone to DoS through exposure of resource to wrong sphere
CVE-2023-5752 Mercurial configuration injectable in repo revision when installing via pip
S
CVE-2023-5753 Potential buffer overflow vulnerabilities in the Zephyr Bluetooth subsystem
E
CVE-2023-5754 Improper Restriction of Excessive Authentication Attempts in Sielco PolyEco1000
CVE-2023-5755 Rejected reason: **REJECT** Duplicate of CVE-2023-46784. Please refer to CVE-2023-46784....
R
CVE-2023-5756 The Digital Publications by Supsystic plugin for WordPress is vulnerable to Cross-Site Request Forge...
CVE-2023-5757 WP Crowdfunding < 2.1.8 - Admin+ Stored XSS
E
CVE-2023-5758 When opening a page in reader mode, the redirect URL could have caused attacker-controlled script to...
CVE-2023-5759 Unauthenticated Remote Denial-of-Service via Buffer in Helix Core
CVE-2023-5760 Time-of-check to time-of-use (TOCTOU) bug leads to full local privilege escalation.
S
CVE-2023-5761 The Burst Statistics – Privacy-Friendly Analytics for WordPress plugin for WordPress is vulnerable t...
S
CVE-2023-5762 Filr – Secure document library < 1.2.3.6 - Author+ RCE via file upload with phar ext
E
CVE-2023-5763 Glassfish remote code execution
CVE-2023-5764 Ansible: template injection
S
CVE-2023-5765 Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023....
CVE-2023-5766 A remote code execution vulnerability in Remote Desktop Manager 2023.2.33 and earlier on Windows a...
CVE-2023-5767 A vulnerability exists in the webserver that affects the RTU500 series product versions listed bel...
CVE-2023-5768 A vulnerability exists in the HCI IEC 60870-5-104 that affects the RTU500 series product versions li...
CVE-2023-5769 A vulnerability exists in the webserver that affects the RTU500 series product versions listed bel...
CVE-2023-5770 HTML injection in email body through email subject
CVE-2023-5771 HTML injection in AdminUI through email subject
CVE-2023-5772 The Debug Log Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versio...
CVE-2023-5773 Rejected reason: ** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-6136. Reason: This re...
R
CVE-2023-5774 The Animated Counters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plug...
E S
CVE-2023-5775 The BackWPup plugin for WordPress is vulnerable to Plaintext Storage of Backup Destination Password ...
S
CVE-2023-5776 The Post Meta Data Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all v...
S
CVE-2023-5777 Weintek EasyBuilder Pro Use of Hard-coded Credentials
S
CVE-2023-5779 can: out of bounds in remove_rx_filter function
E S
CVE-2023-5780 Tongda OA 2017 delete.php sql injection
E
CVE-2023-5781 Tongda OA 2017 delete_webmail.php DELETE_STR sql injection
E
CVE-2023-5782 Tongda OA 2017 General News delete_query.php sql injection
E
CVE-2023-5783 Tongda OA 2017 delete.php sql injection
E
CVE-2023-5784 Netentsec NS-ASG Application Security Gateway uploadfirewall.php sql injection
E
CVE-2023-5785 Netentsec NS-ASG Application Security Gateway addaddress_interpret.php sql injection
E
CVE-2023-5786 GeoServer GeoWebCache rest.html direct request
E
CVE-2023-5787 Shaanxi Chanming Education Technology Score Query System sql injection
E
CVE-2023-5789 Dragon Path 707GR1 Ping Diagnostics cross site scripting
E
CVE-2023-5790 SourceCodester File Manager App add-file.php unrestricted upload
E
CVE-2023-5791 SourceCodester Sticky Notes App add-note.php cross site scripting
E
CVE-2023-5792 SourceCodester Sticky Notes App delete-note.php sql injection
E
CVE-2023-5793 flusity CMS Dashboard customblock.php loadCustomBlocCreateForm cross site scripting
E S
CVE-2023-5794 PHPGurukul Online Railway Catering System Login index.php sql injection
E
CVE-2023-5795 CodeAstro POS System Profile Picture profil unrestricted upload
E
CVE-2023-5796 CodeAstro POS System Logo setting unrestricted upload
E
CVE-2023-5797 An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firm...
CVE-2023-5798 Assistant < 1.4.4 - Editor+ SSRF
E
CVE-2023-5799 WP Hotel Booking < 2.0.9 - Contributor+ Arbitrary Post Deletion
E
CVE-2023-5800 Insufficient input validation in VAPIX API create_overlay.cgi
CVE-2023-5801 Vulnerability of identity verification being bypassed in the face unlock module. Successful exploita...
CVE-2023-5802 WordPress WP Knowledgebase Plugin <= 1.3.4 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-5803 WordPress Business Directory Plugin Plugin <= 6.3.10 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-5804 PHPGurukul Nipah Virus Testing Management System login.php sql injection
E
CVE-2023-5805 SourceCodester Simple Real Estate Portal System view_estate.php sql injection
E
CVE-2023-5806 SQLi in Mergen Soft Quality Management System
CVE-2023-5807 SQLi in TRtek Software's Education Portal
CVE-2023-5808 System Management Unit (SMU) versions prior to 14.8.7825.01, used to manage Hitachi Vantara NAS products are susceptible to unintended information disclosure via unprivileged access to HNAS configuration backup and diagnostic data.
CVE-2023-5809 Popup box < 3.8.6 - Admin+ Stored XSS in Categories
E
CVE-2023-5810 flusity CMS posts.php loadPostAddForm cross site scripting
E S
CVE-2023-5811 flusity CMS posts.php loadPostAddForm cross site scripting
E S
CVE-2023-5812 flusity CMS upload.php handleFileUpload unrestricted upload
E
CVE-2023-5813 SourceCodester Task Reminder System sql injection
CVE-2023-5814 SourceCodester Task Reminder System sql injection
CVE-2023-5815 The News & Blog Designer Pack – WordPress Blog Plugin — (Blog Post Grid, Blog Post Slider, Blog Post...
S
CVE-2023-5816 Code Explorer <= 1.4.5 - Authenticated (Admin+) External File Reading
CVE-2023-5817 The Neon text plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's neo...
E S
CVE-2023-5818 The Amazonify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to...
S
CVE-2023-5819 The Amazonify plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings i...
S
CVE-2023-5820 The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable to Cross-Site Request Forgery ...
S
CVE-2023-5821 The Thumbnail carousel slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in ve...
CVE-2023-5822 The Drag and Drop Multiple File Upload - Contact Form 7 plugin for WordPress is vulnerable to arbitr...
S
CVE-2023-5823 WordPress TK Google Fonts GDPR Compliant Plugin <= 2.2.11 is vulnerable to Cross Site Request Forgery (CSRF)
S
CVE-2023-5824 Squid: dos against http and https
M
CVE-2023-5825 Loop with Unreachable Exit Condition ('Infinite Loop') in GitLab
E S
CVE-2023-5826 Netentsec NS-ASG Application Security Gateway list_onlineuser.php sql injection
E
CVE-2023-5827 Shanghai CTI Navigation CTI Monitoring and Early Warning System UserEdit.aspx sql injection
E
CVE-2023-5828 Nanning Ontall Longxing Industrial Development Zone Project Construction and Installation Management System login.aspx sql injection
E
CVE-2023-5829 code-projects Admission Management System student_avatar.php unrestricted upload
E
CVE-2023-5830 ColumbiaSoft Document Locator WebTools login improper authentication
CVE-2023-5831 Insertion of Sensitive Information Into Sent Data in GitLab
S
CVE-2023-5832 Improper Input Validation in mintplex-labs/anything-llm
E S
CVE-2023-5833 Improper Access Control in mintplex-labs/anything-llm
E S
CVE-2023-5834 Vagrant’s Windows Installer Allowed Directory Junction Write
CVE-2023-5835 hu60t hu60wap6 ubbparser.php markdown cross site scripting
S
CVE-2023-5836 SourceCodester Task Reminder System sql injection
CVE-2023-5837 AlexanderLivanov FotosCMS2 Cookie profile.php cross site scripting
E
CVE-2023-5838 Insufficient Session Expiration in linkstackorg/linkstack
E S
CVE-2023-5839 Privilege Chaining in hestiacp/hestiacp
E S
CVE-2023-5840 Weak Password Recovery Mechanism for Forgotten Password in linkstackorg/linkstack
E S
CVE-2023-5841 OpenEXR Heap Overflow in Scanline Deep Data Parsing
E
CVE-2023-5842 Cross-site Scripting (XSS) - Stored in dolibarr/dolibarr
E S
CVE-2023-5843 The Ads by datafeedr.com plugin for WordPress is vulnerable to Remote Code Execution in versions up ...
E
CVE-2023-5844 Unverified Password Change in pimcore/admin-ui-classic-bundle
E S
CVE-2023-5845 Simple Social Buttons < 5.1.1 - Unauthenticated Password Protected Post Access
E
CVE-2023-5846 Use of Password Hash With Insufficient Computational Effort in Franklin Fueling System TS-550
S
CVE-2023-5847 Under certain conditions, a low privileged attacker could load a specially crafted file during inst...
CVE-2023-5849 Integer overflow in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potent...
CVE-2023-5850 Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacke...
CVE-2023-5851 Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote ...
CVE-2023-5852 Use after free in Printing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who co...
CVE-2023-5853 Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacke...
CVE-2023-5854 Use after free in Profiles in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who co...
CVE-2023-5855 Use after free in Reading Mode in Google Chrome prior to 119.0.6045.105 allowed a remote attacker wh...
CVE-2023-5856 Use after free in Side Panel in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who ...
CVE-2023-5857 Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote ...
CVE-2023-5858 Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a r...
CVE-2023-5859 Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remot...
CVE-2023-5860 The Icons Font Loader plugin for WordPress is vulnerable to arbitrary file uploads due to missing fi...
S
CVE-2023-5861 Cross-site Scripting (XSS) - Stored in microweber/microweber
E S
CVE-2023-5862 Missing Authorization in hamza417/inure
E S
CVE-2023-5863 Cross-site Scripting (XSS) - Reflected in thorsten/phpmyfaq
E S
CVE-2023-5864 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
E S
CVE-2023-5865 Insufficient Session Expiration in thorsten/phpmyfaq
E S
CVE-2023-5866 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in thorsten/phpmyfaq
E S
CVE-2023-5867 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
E S
CVE-2023-5868 Postgresql: memory disclosure in aggregate function calls
M
CVE-2023-5869 Postgresql: buffer overrun from integer overflow in array modification
M
CVE-2023-5870 Postgresql: role pg_signal_backend can signal certain superuser processes.
M
CVE-2023-5871 Libnbd: malicious nbd server may crash libnbd
S
CVE-2023-5873 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
E S
CVE-2023-5874 Popup box < 3.8.6 - Admin+ Stored XSS in Popup Settings
E
CVE-2023-5875 Lack of Hardening against media exploitation from a remote origin
S
CVE-2023-5876 Regex DoS from a malicious server enrolled in Desktop
S
CVE-2023-5877 affiliate-toolkit < 3.4.3 - Unauthenticated SSRF
E
CVE-2023-5878 OneWireless command injection possible when updating firmware
CVE-2023-5879 Aladdin Connect Android Application Insecure Storage
CVE-2023-5880 Cross-site Scripting (XSS) injected into Aladdin Connect garage door opener (Retrofit-Kit) configuration setup webserver console via broadcast SSID name
M
CVE-2023-5881 Unauthenticated access permitted to web interface page "Garage Door Control Module Setup"
CVE-2023-5882 WP All Export (Free < 1.4.1, Pro < 1.8.6) - Remote Code Execution via CSRF
E
CVE-2023-5884 Word Balloon < 4.20.3 - Avatar Removal via CSRF
E
CVE-2023-5885 Franklin Electric Fueling Systems Colibri Path Traversal
S
CVE-2023-5886 WP All Export (Free < 1.4.1, Pro < 1.8.6) - Author+ PHAR Deserialization via CSRF
E
CVE-2023-5888 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-7246. Reason: T...
R
CVE-2023-5889 Insufficient Session Expiration in pkp/pkp-lib
E S
CVE-2023-5890 Cross-site Scripting (XSS) - Stored in pkp/pkp-lib
E S
CVE-2023-5891 Cross-site Scripting (XSS) - Reflected in pkp/pkp-lib
E S
CVE-2023-5892 Cross-site Scripting (XSS) - Stored in pkp/pkp-lib
E S
CVE-2023-5893 Cross-Site Request Forgery (CSRF) in pkp/pkp-lib
E S
CVE-2023-5894 Cross-site Scripting (XSS) - Stored in pkp/ojs
E S
CVE-2023-5895 Cross-site Scripting (XSS) - DOM in pkp/pkp-lib
E S
CVE-2023-5896 Cross-site Scripting (XSS) - Stored in pkp/pkp-lib
E S
CVE-2023-5897 Cross-Site Request Forgery (CSRF) in pkp/customLocale
E S
CVE-2023-5898 Cross-Site Request Forgery (CSRF) in pkp/pkp-lib
E S
CVE-2023-5899 Cross-Site Request Forgery (CSRF) in pkp/pkp-lib
E S
CVE-2023-5900 Cross-Site Request Forgery in pkp/pkp-lib
E S
CVE-2023-5901 Cross-site Scripting in pkp/pkp-lib
E S
CVE-2023-5902 Cross-Site Request Forgery (CSRF) in pkp/pkp-lib
E S
CVE-2023-5903 Cross-site Scripting (XSS) - Stored in pkp/pkp-lib
E S
CVE-2023-5904 Cross-site Scripting (XSS) - Stored in pkp/pkp-lib
E S
CVE-2023-5905 DeMomentSomTres WordPress Export Posts With Images <= 20220825 - Subscriber+ unauthorized data export
E
CVE-2023-5906 Job Manager & Career < 1.4.4 - Directory listing to Sensitive Data Exposure
E
CVE-2023-5907 File Manager < 6.3 - Admin+ Arbitrary OS File/Folder Access + Path Traversal
E
CVE-2023-5908 Heap Based Buffer Overflow in PTC KEPServerEx
S
CVE-2023-5909 Improper Validation of Certificate with Host Mismatch in PTC KEPServerEx
S
CVE-2023-5910 PopojiCMS Web Config install.php cross site scripting
E
CVE-2023-5911 WP Custom Cursors <= 3.2 - Admin+ Stored XSS
E
CVE-2023-5912 A potential memory leakage vulnerability was reported in some Lenovo Notebook products that may all...
S
CVE-2023-5913 A potential Privilege Escalation vulnerability in opentext Fortify ScanCentral DAST API.
S
CVE-2023-5914 Cross-site scripting (XSS)...
CVE-2023-5915 A vulnerability of Uncontrolled Resource Consumption has been identified in STARDOM provided by Yoko...
M
CVE-2023-5916 Lissy93 Dashy Configuration save access control
E
CVE-2023-5917 phpBB Smiley Pack acp_icons.php main cross site scripting
S
CVE-2023-5918 SourceCodester Visitor Management System manage_user.php sql injection
E
CVE-2023-5919 SourceCodester Company Website CMS Create Blog Page createblog unrestricted upload
E
CVE-2023-5920 Lack Of Secure Keyboard Entry Protection in MacOS Desktop
S
CVE-2023-5921 Function Bypass in Geodi
CVE-2023-5922 Royal Elementor Addons and Templates < 1.3.81 - Unauthenticated Arbitrary Post Read
E
CVE-2023-5923 Campcodes Simple Student Information System index.php sql injection
E
CVE-2023-5924 Campcodes Simple Student Information System view_course.php sql injection
E
CVE-2023-5925 Campcodes Simple Student Information System Master.php sql injection
E
CVE-2023-5926 Campcodes Simple Student Information System update_status.php sql injection
E
CVE-2023-5927 Campcodes Simple Student Information System manage_course.php sql injection
E
CVE-2023-5928 Campcodes Simple Student Information System manage_department.php sql injection
E
CVE-2023-5929 Campcodes Simple Student Information System manage_academic.php sql injection
E
CVE-2023-5930 Campcodes Simple Student Information System manage_academic.php cross site scripting
E
CVE-2023-5931 rtMedia for WordPress, BuddyPress and bbPress < 4.6.16 - Subscriber+ RCE
E
CVE-2023-5932 Travelpayouts < 1.1.14 - Reflected XSS
E
CVE-2023-5933 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in GitLab
E S
CVE-2023-5934 Travelpayouts < 1.1.13 - Settings Update via CSRF
E
CVE-2023-5935 Missing authentication for local web interface in Arc before v1.6.0
S
CVE-2023-5936 Unsafe temporary data privileges on Unix systems in Arc before v1.6.0
S
CVE-2023-5937 Sensitive data exfiltration via unsafe permissions on Windows systems in Arc before v1.6.0
S
CVE-2023-5938 Path traversal via 'zip slip' in Arc before v1.6.0
S
CVE-2023-5939 rtMedia for WordPress, BuddyPress and bbPress < 4.6.16 - Admin+ RCE
E
CVE-2023-5940 WP Not Login Hide <= 1.0 - Admin+ Stored XSS
E
CVE-2023-5941 libc stdio buffer overflow
CVE-2023-5942 Medialist < 1.4.1 - Contributor+ Stored XSS
E
CVE-2023-5943 Wp-Adv-Quiz < 1.0.3 - Admin+ Stored XSS
E
CVE-2023-5944 Delta Electronics DOPSoft Stack-based Buffer Overflow
S
CVE-2023-5945 The video carousel slider with lightbox plugin for WordPress is vulnerable to Cross-Site Request For...
E S
CVE-2023-5946 The Digirisk plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'current_g...
S
CVE-2023-5947 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-7247. Reason: T...
R
CVE-2023-5948 Improper Authorization in teamamaze/amazefileutilities
E S
CVE-2023-5949 SmartCrawl WordPress SEO checker < 3.8.3 - Unauthenticated Password Protected Post Disclosure
E
CVE-2023-5950 Rapid7 Velociraptor Reflected XSS
CVE-2023-5951 Welcart e-Commerce < 2.9.5 - Reflected XSS
E
CVE-2023-5952 Welcart e-Commerce < 2.9.5 - Unauthenticated PHP Object Injection
E
CVE-2023-5953 Welcart e-Commerce < 2.9.5 - Subscriber+ Arbitrary File Upload
E
CVE-2023-5954 Vault Requests Triggering Policy Checks May Lead To Unbounded Memory Consumption
CVE-2023-5955 Contact Form Email < 1.3.44 - Editor+ Stored Cross-Site Scripting
E
CVE-2023-5956 Wp-Adv-Quiz <= 1.0.2 - Admin+ Stored XSS in Quiz Overview
E
CVE-2023-5957 Ni Purchase Order(PO) For WooCommerce <= 1.2.1 - Admin+ File Upload to Remote Code Execution
E
CVE-2023-5958 POST SMTP Mailer < 2.7.1 - Unauthenticated Cross-site Scripting
E
CVE-2023-5959 Byzoro Smart S85F Management Platform login.php password recovery
E
CVE-2023-5960 An improper privilege management vulnerability in the hotspot feature of the Zyxel USG FLEX series f...
CVE-2023-5961 ioLogik E1200 Series: Cross-Site Request Forgery (CSRF) Vulnerability
S
CVE-2023-5962 ioLogik E1200 Series: Weak Cryptographic Algorithm Vulnerability
S
CVE-2023-5963 Allocation of Resources Without Limits or Throttling in GitLab
S
CVE-2023-5964 1E-Exchange-DisplayMessage instruction allows for arbitrary code execution
CVE-2023-5965 Unrestricted Upload of File with Dangerous Type in EspoCRM
S
CVE-2023-5966 Unrestricted Upload of File with Dangerous Type in EspoCRM
S
CVE-2023-5967 Denial of Service via crashing the Calls Plugin
S
CVE-2023-5968 Password hash in response body after username update
S
CVE-2023-5969 Denial of Service via Link Preview in /api/v4/redirect_location
S
CVE-2023-5970 Improper authentication in the SMA100 SSL-VPN virtual office portal allows a remote authenticated at...
CVE-2023-5971 Save as PDF < 3.2.0 - Admin+ Stored XSS
E
CVE-2023-5972 Kernel: the nfta_inner_num and nfta_expr_name netlink attributes accessed without checking its presence in nft_inner.c
S
CVE-2023-5973 Truncated port name
CVE-2023-5974 WPB Show Core <= 2.2 - Unauthenticated Server Side Request Forgery
E
CVE-2023-5975 The ImageMapper plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, ...
S
CVE-2023-5976 Improper Access Control in microweber/microweber
E S
CVE-2023-5977 Rejected reason: Accidental Request....
R
CVE-2023-5978 Incorrect libcap_net limitation list manipulation
CVE-2023-5979 eCommerce Product Catalog Plugin for WordPress < 3.3.26 - Products Deletion via CSRF
E
CVE-2023-5980 BSK Forms Blacklist < 3.7 - Admin+ Stored Cross-Site Scripting
E
CVE-2023-5981 Gnutls: timing side-channel in the rsa-psk authentication
M
CVE-2023-5982 The UpdraftPlus: WordPress Backup & Migration Plugin plugin for WordPress is vulnerable to Cross-Sit...
S
CVE-2023-5983 Information Disclosure in Botanik Software Pharmacy Automation
CVE-2023-5984 A CWE-494 Download of Code Without Integrity Check vulnerability exists that could allow modified f...
CVE-2023-5985 A CWE-79 Improper Neutralization of Input During Web Page Generation vulnerability exists that co...
CVE-2023-5986 A CWE-601 URL Redirection to Untrusted Site vulnerability exists that could cause an openredirect v...
CVE-2023-5987 A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnera...
S
CVE-2023-5988 Reflected XSS in Uyumsoft ERP
CVE-2023-5989 Stored XSS in Uyumsoft ERP
CVE-2023-5990 Funnelforms Free < 3.4.2 - Form Deletion/Duplication via CSRF
E
CVE-2023-5991 Hotel Booking Lite < 4.8.5 - Unauthenticated Arbitrary File Download & Deletion
E
CVE-2023-5992 Opensc: side-channel leaks while stripping encryption pkcs#1 padding
E
CVE-2023-5993 Privilege Escalation in SafeNet Authentication Client Installer
S
CVE-2023-5995 Incorrect Authorization in GitLab
E S
CVE-2023-5996 Use after free in WebAudio in Google Chrome prior to 119.0.6045.123 allowed a remote attacker to pot...
CVE-2023-5997 Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attac...
CVE-2023-5998 Out-of-bounds Read in gpac/gpac
E S
CVE-2023-5999 Rejected reason: This is a duplicate....
R
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.