| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2023-51006 | An issue in the openFile method of Chinese Perpetual Calendar v9.0.0 allows attackers to read any fi... | E | |
| CVE-2023-51010 | An issue in the export component AdSdkH5Activity of com.sdjictec.qdmetro v4.2.2 allows attackers to ... | E | |
| CVE-2023-51011 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution i... | E | |
| CVE-2023-51012 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution i... | E | |
| CVE-2023-51013 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution i... | E | |
| CVE-2023-51014 | TOTOLINK EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution i... | E | |
| CVE-2023-51015 | TOTOLINX EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘enable... | E | |
| CVE-2023-51016 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution i... | E | |
| CVE-2023-51017 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution i... | E | |
| CVE-2023-51018 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution i... | E | |
| CVE-2023-51019 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution i... | E | |
| CVE-2023-51020 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution i... | E | |
| CVE-2023-51021 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution i... | E | |
| CVE-2023-51022 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution i... | E | |
| CVE-2023-51023 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘host_t... | E | |
| CVE-2023-51024 | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution i... | E | |
| CVE-2023-51025 | TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to an unauthorized arbitrary command executio... | E | |
| CVE-2023-51026 | TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution i... | E | |
| CVE-2023-51027 | TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution i... | E | |
| CVE-2023-51028 | TOTOLINK EX1800T 9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in... | E | |
| CVE-2023-51033 | TOTOlink EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution via the cstecgi... | E | |
| CVE-2023-51034 | TOTOlink EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution via the cstecgi... | E | |
| CVE-2023-51035 | TOTOLINK EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution on the cstecgi.... | E | |
| CVE-2023-51042 | In the Linux kernel before 6.4.12, amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs... | S | |
| CVE-2023-51043 | In the Linux kernel before 6.4.5, drivers/gpu/drm/drm_atomic.c has a use-after-free during a race co... | S | |
| CVE-2023-51048 | S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_newsauth parameter at /... | | |
| CVE-2023-51049 | S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_bbsauth parameter at /a... | | |
| CVE-2023-51050 | S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_productauth parameter a... | | |
| CVE-2023-51051 | S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_textauth parameter at /... | | |
| CVE-2023-51052 | S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_formauth parameter at /... | | |
| CVE-2023-51059 | An issue in MOKO TECHNOLOGY LTD MOKOSmart MKGW1 BLE Gateway v.1.1.1 and before allows a remote attac... | E | |
| CVE-2023-51062 | An unauthenticated log file read in the component log-smblog-save of QStar Archive Solutions RELEASE... | E | |
| CVE-2023-51063 | QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 was discovered to contain a DOM Based Re... | E | |
| CVE-2023-51064 | QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 was discovered to contain a DOM Based re... | E | |
| CVE-2023-51065 | Incorrect access control in QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 allows unaut... | E | |
| CVE-2023-51066 | An authenticated remote code execution vulnerability in QStar Archive Solutions Release RELEASE_3-0 ... | E | |
| CVE-2023-51067 | An unauthenticated reflected cross-site scripting (XSS) vulnerability in QStar Archive Solutions Rel... | E | |
| CVE-2023-51068 | An authenticated reflected cross-site scripting (XSS) vulnerability in QStar Archive Solutions Relea... | E | |
| CVE-2023-51070 | An access control issue in QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 allows unauth... | E | |
| CVE-2023-51071 | An access control issue in QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 allows unauth... | E | |
| CVE-2023-51072 | A stored cross-site scripting (XSS) vulnerability in the NOC component of Nagios XI version up to an... | | |
| CVE-2023-51073 | An issue in Buffalo LS210D v.1.78-0.03 allows a remote attacker to execute arbitrary code via the Fi... | E | |
| CVE-2023-51074 | json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse() method.... | E | |
| CVE-2023-51075 | hutool-core v5.8.23 was discovered to contain an infinite loop in the StrSplitter.splitByRegex funct... | E | |
| CVE-2023-51079 | A long execution time can occur in the ParseTools.subCompileExpression method in MVEL 2.5.0.Final be... | E | |
| CVE-2023-51080 | The NumberUtil.toBigDecimal method in hutool-core v5.8.23 was discovered to contain a stack overflow... | E S | |
| CVE-2023-51084 | hyavijava v6.0.07.1 was discovered to contain a stack overflow via the ResultConverter.convert2Xml m... | E | |
| CVE-2023-51090 | Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formGetWeiXinCo... | E | |
| CVE-2023-51091 | Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function R7WebsSecurityH... | E | |
| CVE-2023-51092 | Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function upgrade.... | E | |
| CVE-2023-51093 | Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function fromSetLocalVla... | E | |
| CVE-2023-51094 | Tenda M3 V1.0.0.12(4856) was discovered to contain a Command Execution vulnerability via the functio... | E | |
| CVE-2023-51095 | Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formDelWlRfPoli... | E | |
| CVE-2023-51097 | Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow via the function formSetAutoPi... | E | |
| CVE-2023-51098 | Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the funct... | E | |
| CVE-2023-51099 | Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the funct... | E | |
| CVE-2023-51100 | Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the funct... | E | |
| CVE-2023-51101 | Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow via the function formSetUplink... | E | |
| CVE-2023-51102 | Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow via the function formWifiMacFi... | E | |
| CVE-2023-51103 | A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in ... | E | |
| CVE-2023-51104 | A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in ... | E | |
| CVE-2023-51105 | A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in ... | E | |
| CVE-2023-51106 | A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in function... | E | |
| CVE-2023-51107 | A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in ... | E | |
| CVE-2023-51123 | An issue discovered in D-Link dir815 v.1.01SSb08.bin allows a remote attacker to execute arbitrary c... | E | |
| CVE-2023-51126 | Command injection vulnerability in /usr/www/res.php in FLIR AX8 up to 1.46.16 allows attackers to ru... | | |
| CVE-2023-51127 | FLIR AX8 thermal sensor cameras up to and including 1.46.16 are vulnerable to Directory Traversal du... | | |
| CVE-2023-51133 | TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the func... | | |
| CVE-2023-51135 | TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the func... | | |
| CVE-2023-51136 | TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the func... | | |
| CVE-2023-51141 | An issue in ZKTeko BioTime v.8.5.4 and before allows a remote attacker to obtain sensitive informati... | E | |
| CVE-2023-51142 | An issue in ZKTeco BioTime v.8.5.4 and before allows a remote attacker to obtain sensitive informati... | E | |
| CVE-2023-51146 | Buffer Overflow vulnerability in TRENDnet AC1200 TEW-821DAP with firmware version 3.00b06 allows an ... | E | |
| CVE-2023-51147 | Buffer Overflow vulnerability in TRENDnet Trendnet AC1200 TEW-821DAP with firmware version 3.00b06 a... | E | |
| CVE-2023-51148 | An issue in TRENDnet Trendnet AC1200 Dual Band PoE Indoor Wireless Access Point TEW-821DAP v.3.00b06... | E | |
| CVE-2023-51154 | Jizhicms v2.5 was discovered to contain an arbitrary file download vulnerability via the component /... | E | |
| CVE-2023-51157 | Cross Site Scripting vulnerability in ZKTeco WDMS v.5.1.3 Pro allows a remote attacker to execute ar... | E | |
| CVE-2023-51195 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2023-51197 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2023-51198 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2023-51199 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2023-51200 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2023-51201 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2023-51202 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2023-51204 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2023-51208 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2023-51210 | SQL injection vulnerability in Webkul Bundle Product 6.0.1 allows a remote attacker to execute arbit... | E | |
| CVE-2023-51217 | An issue discovered in TenghuTOS TWS-200 firmware version:V4.0-201809201424 allows a remote attacker... | E | |
| CVE-2023-51219 | A deep link validation issue in KakaoTalk 10.4.3 allowed a remote adversary to direct users to run a... | | |
| CVE-2023-51246 | A Cross Site Scripting (XSS) vulnerability in GetSimple CMS 3.3.16 exists when using Source Code Mod... | | |
| CVE-2023-51252 | PublicCMS 4.0 is vulnerable to Cross Site Scripting (XSS). Because files can be uploaded and online ... | E | |
| CVE-2023-51254 | Cross Site Scripting vulnerability in Jfinalcms v.5.0.0 allows a remote attacker to execute arbitrar... | E | |
| CVE-2023-51257 | An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker t... | | |
| CVE-2023-51258 | A memory leak issue discovered in YASM v.1.3.0 allows a local attacker to cause a denial of service ... | E | |
| CVE-2023-51277 | nbviewer-app (aka Jupyter Notebook Viewer) before 0.1.6 has the get-task-allow entitlement for relea... | E S | |
| CVE-2023-51281 | Cross Site Scripting vulnerability in Customer Support System v.1.0 allows a remote attacker to esca... | E | |
| CVE-2023-51282 | An issue in mingSoft MCMS v.5.2.4 allows a a remote attacker to obtain sensitive information via a c... | E | |
| CVE-2023-51293 | A lack of rate limiting in the 'Forgot Password', 'Email Settings' feature of PHPJabbers Event Booki... | E | |
| CVE-2023-51295 | PHPJabbers Event Booking Calendar v4.0 is vulnerable to Multiple HTML Injection in the "name, plugin... | | |
| CVE-2023-51296 | PHPJabbers Event Booking Calendar v4.0 is vulnerable to Cross-Site Scripting (XSS) in the "name, plu... | E | |
| CVE-2023-51297 | A lack of rate limiting in the 'Email Settings' feature of PHPJabbers Hotel Booking System v4.0 allo... | E | |
| CVE-2023-51298 | PHPJabbers Event Booking Calendar v4.0 is vulnerable to CSV Injection vulnerability which allows an ... | E | |
| CVE-2023-51299 | PHPJabbers Hotel Booking System v4.0 is vulnerable to HTML Injection in the "name, plugin_sms_api_ke... | E | |
| CVE-2023-51300 | PHPJabbers Hotel Booking System v4.0 is vulnerable to Cross-Site Scripting (XSS) vulnerabilities in ... | E | |
| CVE-2023-51301 | A lack of rate limiting in the "Login Section, Forgot Email" feature of PHPJabbers Hotel Booking Sys... | E | |
| CVE-2023-51302 | PHPJabbers Hotel Booking System v4.0 is vulnerable to CSV Injection vulnerability which allows an at... | E | |
| CVE-2023-51303 | PHPJabbers Event Ticketing System v1.0 is vulnerable to Multiple HTML Injection in the "lid, name, p... | E | |
| CVE-2023-51305 | PHPJabbers Car Park Booking System v3.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) ... | | |
| CVE-2023-51306 | PHPJabbers Event Ticketing System v1.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) i... | E | |
| CVE-2023-51308 | PHPJabbers Car Park Booking System v3.0 is vulnerable to Multiple HTML Injection in the "name, plugi... | | |
| CVE-2023-51309 | A lack of rate limiting in the 'Email Settings' feature of PHPJabbers Car Park Booking System v3.0 a... | E | |
| CVE-2023-51310 | A lack of rate limiting in the 'Forgot Password', 'Email Settings' feature of PHPJabbers Car Park Bo... | E | |
| CVE-2023-51311 | PHPJabbers Car Park Booking System v3.0 is vulnerable to CSV Injection vulnerability which allows an... | E | |
| CVE-2023-51312 | PHPJabbers Restaurant Booking System v3.0 is vulnerable to Reflected Cross-Site Scripting (XSS) in R... | E | |
| CVE-2023-51313 | PHPJabbers Restaurant Booking System v3.0 is vulnerable to CSV Injection vulnerability which allows ... | E | |
| CVE-2023-51314 | A lack of rate limiting in the 'Forgot Password', 'Email Settings' feature of PHPJabbers Restaurant ... | E | |
| CVE-2023-51315 | PHPJabbers Restaurant Booking System v3.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS... | E | |
| CVE-2023-51316 | A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Bus Reservation System v1.1 a... | E | |
| CVE-2023-51317 | PHPJabbers Restaurant Booking System v3.0 is vulnerable to Multiple HTML Injection in the "name, plu... | E | |
| CVE-2023-51318 | PHPJabbers Bus Reservation System v1.1 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) i... | E | |
| CVE-2023-51319 | PHPJabbers Bus Reservation System v1.1 is vulnerable to CSV Injection vulnerability which allows an ... | E | |
| CVE-2023-51320 | PHPJabbers Night Club Booking Software v1.0 is vulnerable to CSV Injection vulnerability which allow... | E | |
| CVE-2023-51321 | A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Night Club Booking Software v... | E | |
| CVE-2023-51323 | A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Shared Asset Booking System v... | E | |
| CVE-2023-51324 | PHPJabbers Shared Asset Booking System v1.0 is vulnerable to CSV Injection vulnerability which allow... | E | |
| CVE-2023-51325 | PHPJabbers Shared Asset Booking System v1.0 is vulnerable to Multiple Stored Cross-Site Scripting (X... | E | |
| CVE-2023-51326 | A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Cleaning Business Software v1... | E | |
| CVE-2023-51327 | A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Cleaning Business Software v1... | E | |
| CVE-2023-51328 | PHPJabbers Cleaning Business Software v1.0 is vulnerable to Multiple Stored Cross-Site Scripting (XS... | E | |
| CVE-2023-51330 | PHPJabbers Cinema Booking System v1.0 is vulnerable to Reflected Cross-Site Scripting (XSS) in Now S... | E | |
| CVE-2023-51331 | PHPJabbers Cleaning Business Software v1.0 is vulnerable to CSV Injection vulnerability which allows... | E | |
| CVE-2023-51332 | A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Meeting Room Booking System v... | E | |
| CVE-2023-51333 | PHPJabbers Cinema Booking System v1.0 is vulnerable to CSV Injection vulnerability which allows an a... | E | |
| CVE-2023-51334 | A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Cinema Booking System v1.0 al... | E | |
| CVE-2023-51335 | PHPJabbers Cinema Booking System v1.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) in... | | |
| CVE-2023-51336 | PHPJabbers Meeting Room Booking System v1.0 is vulnerable to CSV Injection vulnerability which allow... | E | |
| CVE-2023-51337 | PHPJabbers Event Ticketing System v1.0 is vulnerable to Reflected Cross-Site Scripting (XSS) in "lid... | E | |
| CVE-2023-51338 | PHPJabbers Meeting Room Booking System v1.0 is vulnerable to Multiple Stored Cross-Site Scripting (X... | E | |
| CVE-2023-51339 | A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Event Ticketing System v1.0 a... | E | |
| CVE-2023-51350 | A spoofing attack in ujcms v.8.0.2 allows a remote attacker to obtain sensitive information and exec... | E | |
| CVE-2023-51353 | WordPress Popup by Supsystic plugin <= 1.10.19 - Broken Access Control vulnerability | S | |
| CVE-2023-51354 | WordPress Webba Booking Plugin <= 4.5.33 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2023-51355 | WordPress MultiVendorX plugin <= 4.0.23 - Broken Access Control vulnerability | S | |
| CVE-2023-51356 | WordPress ARMember plugin <= 4.0.10 - Privilege Escalation vulnerability | S | |
| CVE-2023-51357 | WordPress Track Google Analytics 4, Facebook Pixel & Conversions API via Google Tag Manager for WooCommerce plugin <= 6.5.0 - Broken Access Control vulnerability | S | |
| CVE-2023-51358 | WordPress Block IPs for Gravity Forms Plugin <= 1.0.1 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2023-51359 | WordPress Essential Blocks plugin <= 4.2.0 - Multiple Contributor+ Broken Access Control vulnerability | S | |
| CVE-2023-51360 | WordPress Essential Blocks plugin <= 4.2.0 - Multiple Subscriber+ Broken Access Control vulnerability | S | |
| CVE-2023-51361 | WordPress Sticky Chat Widget Plugin <= 1.1.8 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51362 | WordPress myStickyElements plugin <= 2.1.3 - Broken Access Control vulnerability | S | |
| CVE-2023-51363 | VR-S1000 firmware Ver. 2.37 and earlier allows a network-adjacent unauthenticated attacker who can a... | S | |
| CVE-2023-51364 | QTS, QuTS hero, QuTScloud | S | |
| CVE-2023-51365 | QTS, QuTS hero, QuTScloud | S | |
| CVE-2023-51366 | QTS, QuTS hero | S | |
| CVE-2023-51367 | QTS, QuTS hero | S | |
| CVE-2023-51368 | QTS, QuTS hero | S | |
| CVE-2023-51369 | WordPress Customize My Account for WooCommerce plugin <= 1.8.3 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2023-51370 | WordPress WP Chat App Plugin <= 3.4.4 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51371 | WordPress Bit Assist Plugin <= 1.1.9 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51372 | WordPress HashBar – WordPress Notification Bar Plugin <= 1.4.1 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51373 | WordPress Google Photos Gallery with Shortcodes Plugin <= 4.0.2 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51374 | WordPress ZeroBounce Email Verification & Validation Plugin <= 1.0.11 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51375 | WordPress EmbedPress plugin <= 3.8.3 - Broken Access Control vulnerability | S | |
| CVE-2023-51376 | WordPress ProjectHuddle Client Site plugin <= 1.0.34 - Broken Access Control vulnerability | S | |
| CVE-2023-51377 | WordPress Everest Forms plugin <= 2.0.3 - Broken Access Control vulnerability | S | |
| CVE-2023-51378 | WordPress Rise Blocks Plugin <= 3.1 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2023-51379 | Incorrect Authorization for Issue Comments in GitHub Enterprise Server | | |
| CVE-2023-51380 | Incorrect Authorization allows Read Access to Issue Comments in GitHub Enterprise Server | | |
| CVE-2023-51381 | Rejected reason: This CVE ID has been rejected or withdrawn by GitHub.... | R | |
| CVE-2023-51384 | In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. Whe... | S | |
| CVE-2023-51385 | In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell... | S | |
| CVE-2023-51386 | Sandbox Accounts for Events vulnerable to privilege escalation to read running events data | S | |
| CVE-2023-51387 | Expression Injection Vulnerability in Hertzbeat | E S | |
| CVE-2023-51388 | HertzBeat AviatorScript Inject RCE | E S | |
| CVE-2023-51389 | HertzBeat SnakeYAML Deser RCE | E S | |
| CVE-2023-51390 | Information Disclosure Vulnerability in Journalpump | S | |
| CVE-2023-51391 | Micrium OS Network uC-HTTP server header parsing invalid pointer dereference vulnerability | | |
| CVE-2023-51392 | Silicon Labs EFR32xxx parts with classic key storage do not use hardware accelerated AES-CCM | | |
| CVE-2023-51393 | Potential DoS due to BusFault and Assert in Ember ZNet legacy packet buffer | | |
| CVE-2023-51394 | Potential DoS for EFR32xxx parts in high traffic environments due to null buffer dereference / crash | | |
| CVE-2023-51395 | Z-Wave S0 Decryption Vulnerability in End Devices | | |
| CVE-2023-51396 | WordPress Brizy – Page Builder Plugin <= 2.4.29 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51397 | WordPress WP Remote Site Search Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51398 | WordPress Ultimate Addons for Beaver Builder Premium plugin <= 1.35.14 - Privilege Escalation vulnerability | S | |
| CVE-2023-51399 | WordPress Back Button Widget Plugin <= 1.6.3 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51401 | WordPress Ultimate Addons for Beaver Builder Premium plugin <= 1.35.13 - Limited Arbitrary File Download vulnerability | S | |
| CVE-2023-51402 | WordPress Ultimate Addons for WPBakery Page Builder Plugin <= 3.19.17 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2023-51403 | WordPress Restaurant Reservations Plugin <= 1.8 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51404 | WordPress My Agile Privacy Plugin <= 2.1.7 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51405 | WordPress BookingPress plugin <= 1.0.74 - Booking Price Manipulation vulnerability | S | |
| CVE-2023-51406 | WordPress FastDup Plugin <= 2.1.7 is vulnerable to Sensitive Data Exposure | S | |
| CVE-2023-51407 | WordPress Split Test For Elementor plugin <= 1.6.9 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2023-51408 | WordPress WP Optin Wheel Plugin <= 1.4.3 is vulnerable to Sensitive Data Exposure | S | |
| CVE-2023-51409 | WordPress AI Engine plugin <= 1.9.98 - Unauthenticated Arbitrary File Upload vulnerability | S | |
| CVE-2023-51410 | WordPress WP Mail Log Plugin <= 1.1.2 is vulnerable to Arbitrary File Upload | S | |
| CVE-2023-51411 | WordPress Frontend Admin by DynamiApps Plugin <= 3.18.3 is vulnerable to Arbitrary File Upload | | |
| CVE-2023-51412 | WordPress Piotnet Forms Plugin <= 1.0.25 is vulnerable to Arbitrary File Upload | | |
| CVE-2023-51413 | WordPress Piotnet Forms plugin <= 1.0.29 - Broken Access Control vulnerability | S | |
| CVE-2023-51414 | WordPress EnvíaloSimple Plugin <= 2.1 is vulnerable to PHP Object Injection | | |
| CVE-2023-51415 | WordPress GiveWP Plugin <= 3.2.2 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51416 | WordPress EnvíaloSimple plugin <= 2.2 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2023-51417 | WordPress JVM rich text icons Plugin <= 1.2.3 is vulnerable to Arbitrary File Upload | S | |
| CVE-2023-51418 | WordPress JVM rich text icons plugin <= 1.2.6 - Arbitrary File Deletion vulnerability | S | |
| CVE-2023-51419 | WordPress BERTHA AI Plugin <= 1.11.10.7 is vulnerable to Arbitrary File Upload | S | |
| CVE-2023-51420 | WordPress Verge3D Plugin <= 4.5.2 is vulnerable to Remote Code Execution (RCE) | | |
| CVE-2023-51421 | WordPress Verge3D Plugin <= 4.5.2 is vulnerable to Arbitrary File Upload | | |
| CVE-2023-51422 | WordPress WebinarIgnition Plugin <= 3.05.0 is vulnerable to PHP Object Injection | | |
| CVE-2023-51423 | WordPress WebinarIgnition Plugin <= 3.05.0 is vulnerable to SQL Injection | | |
| CVE-2023-51424 | WordPress WebinarIgnition plugin <= 3.05.0 - Unauthenticated Privilege Escalation vulnerability | S | |
| CVE-2023-51425 | WordPress Rencontre plugin <= 3.10.1 - Unauthenticated Account Takeover vulnerability | S | |
| CVE-2023-51426 | Some Honor products are affected by type confusion vulnerability, successful exploitation could cau... | | |
| CVE-2023-51427 | Some Honor products are affected by type confusion vulnerability, successful exploitation could cau... | | |
| CVE-2023-51428 | Some Honor products are affected by type confusion vulnerability, successful exploitation could cau... | | |
| CVE-2023-51429 | Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploi... | | |
| CVE-2023-51430 | Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploi... | | |
| CVE-2023-51431 | Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploi... | | |
| CVE-2023-51432 | Some Honor products are affected by out of bounds read vulnerability, successful exploitation could... | | |
| CVE-2023-51433 | Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploi... | | |
| CVE-2023-51434 | Some Honor products are affected by buffer overflow vulnerability, successful exploitation could ca... | | |
| CVE-2023-51435 | Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploi... | | |
| CVE-2023-51436 | Cross-site scripting vulnerability exists in UNIVERSAL PASSPORT RX versions 1.0.0 to 1.0.8, which ma... | | |
| CVE-2023-51437 | Apache Pulsar: Timing attack in SASL token signature verification | | |
| CVE-2023-51438 | A vulnerability has been identified in SIMATIC IPC1047E (All versions with maxView Storage Manager <... | | |
| CVE-2023-51439 | A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V1... | | |
| CVE-2023-51440 | A vulnerability has been identified in SIMATIC CP 343-1 (6GK7343-1EX30-0XE0) (All versions), SIMATIC... | | |
| CVE-2023-51441 | Apache Axis 1.x (EOL) may allow SSRF when untrusted input is passed to the service admin HTTP API | S | |
| CVE-2023-51442 | Authentication bypass vulnerability in navidrome's subsonic endpoint | E S | |
| CVE-2023-51443 | FreeSWITCH susceptible to Denial of Service via DTLS Hello packets during call initiation | E S | |
| CVE-2023-51444 | GeoServer arbitrary file upload vulnerability in REST Coverage Store API | E S | |
| CVE-2023-51445 | GeoServer Stored Cross-Site Scripting (XSS) vulnerability in REST Resources API | E S | |
| CVE-2023-51446 | GLPI LDAP Injection during authentication | S | |
| CVE-2023-51447 | Decidim vulnerable to cross-site scripting (XSS) in the dynamic file uploads | S | |
| CVE-2023-51448 | SQL Injection vulnerability when managing SNMP Notification Receivers | E | |
| CVE-2023-51449 | Make the `/file` secure against file traversal attacks | S | |
| CVE-2023-51450 | baserCMS OS command injection vulnerability in Installer | S | |
| CVE-2023-51451 | SSRF in symbolicator via invalid protocol | S | |
| CVE-2023-51452 | A Improper Input Validation issue affecting the v2_sdk_service running on a set of DJI drone devices... | | |
| CVE-2023-51453 | A Improper Input Validation issue affecting the v2_sdk_service running on a set of DJI drone devices... | | |
| CVE-2023-51454 | A Out-of-bounds Write issue affecting the v2_sdk_service running on a set of DJI drone devices on th... | | |
| CVE-2023-51455 | A Improper Validation of Array Index issue affecting the v2_sdk_service running on a set of DJI dron... | | |
| CVE-2023-51456 | A Improper Input Validation issue affecting the v2_sdk_service running on a set of DJI drone devices... | | |
| CVE-2023-51457 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) | | |
| CVE-2023-51458 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) | | |
| CVE-2023-51459 | Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79) | | |
| CVE-2023-51460 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) | | |
| CVE-2023-51461 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) | | |
| CVE-2023-51462 | Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79) | S | |
| CVE-2023-51463 | Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79) | | |
| CVE-2023-51464 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) | | |
| CVE-2023-51467 | Apache OFBiz: Pre-authentication Remote Code Execution (RCE) vulnerability | S | |
| CVE-2023-51468 | WordPress Rencontre – Dating Site Plugin <= 3.10.1 is vulnerable to Arbitrary File Upload | S | |
| CVE-2023-51469 | WordPress Checkout Mestres WP Plugin <= 7.1.9.6 is vulnerable to SQL Injection | | |
| CVE-2023-51470 | WordPress Rencontre – Dating Site Plugin <= 3.11.1 is vulnerable to PHP Object Injection | | |
| CVE-2023-51471 | WordPress Checkout Mestres WP plugin <= 7.1.9.7 - Unauthenticated Arbitrary Options Update vulnerability | S | |
| CVE-2023-51472 | WordPress Checkout Mestres WP plugin <= 7.1.9.7 - Unauthenticated Account Takeover vulnerability | S | |
| CVE-2023-51473 | WordPress TerraClassifieds Plugin <= 2.0.3 is vulnerable to Arbitrary File Upload | | |
| CVE-2023-51474 | WordPress TerraClassifieds plugin <= 2.0.3 - Cross Site Request Forgery (CSRF) to Account Takeover vulnerability | | |
| CVE-2023-51475 | WordPress WP MLM Unilevel Plugin <= 4.0 is vulnerable to Arbitrary File Upload | | |
| CVE-2023-51476 | WordPress WP MLM Unilevel plugin <= 4.0 - Unauthenticated Account Takeover vulnerability | | |
| CVE-2023-51477 | WordPress BuddyBoss Theme theme <= 2.4.60 - Unauth. Arbitrary WordPress Settings Change vulnerability | S | |
| CVE-2023-51478 | WordPress Build App Online plugin <= 1.0.19 - Unauthenticated Account Takeover vulnerability | | |
| CVE-2023-51479 | WordPress Build App Online plugin <= 1.0.19 - Authenticated Privilege Escalation vulnerability | | |
| CVE-2023-51480 | WordPress Active Products Tables for WooCommerce Plugin <= 1.0.6 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51481 | WordPress Local Delivery Drivers for WooCommerce plugin <= 1.9.0 - Unauthenticated Account Takeover vulnerability | S | |
| CVE-2023-51482 | WordPress Eazy Plugin Manager plugin <= 4.1.2 - Auth. Arbitrary Options Update lead to RCE vulnerability | S | |
| CVE-2023-51483 | WordPress WP Frontend Profile plugin <= 1.3.1 - Unauthenticated Privilege Escalation vulnerability | S | |
| CVE-2023-51484 | WordPress Login as User or Customer plugin <= 3.8 - Unauthenticated Account Takeover vulnerability | | |
| CVE-2023-51485 | WordPress Pay with Vipps for WooCommerce Plugin <= 1.14.13 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51486 | WordPress WooCommerce PDF Invoice Builder, Create invoices, packing slips and more plugin <= 1.2.101 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2023-51487 | WordPress ARI Stream Quiz – WordPress Quizzes Builder plugin <= 1.2.32 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2023-51488 | WordPress Crowdsignal Dashboard – Polls, Surveys & more Plugin <= 3.0.11 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51489 | WordPress Crowdsignal Polls & Ratings plugin <= 3.0.11 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2023-51490 | WordPress Defender Security Plugin <= 4.1.0 is vulnerable to Sensitive Data Exposure | S | |
| CVE-2023-51491 | WordPress Depicter Slider plugin <= 2.0.6 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2023-51492 | WordPress If-So Dynamic Content Personalization Plugin <= 1.6.3.1 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51493 | WordPress Custom Post Carousels with Owl Plugin <= 1.4.6 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51494 | WordPress WooCommerce Product Vendors plugin <= 2.2.1 - Broken Access Control vulnerability | S | |
| CVE-2023-51495 | WordPress WooCommerce Warranty Requests plugin <= 2.2.7 - Broken Access Control vulnerability | S | |
| CVE-2023-51496 | WordPress WooCommerce Warranty Requests plugin <= 2.2.7 - Broken Access Control vulnerability | S | |
| CVE-2023-51497 | WordPress WooCommerce Ship to Multiple Addresses plugin <= 3.8.9 - Broken Access Control vulnerability | S | |
| CVE-2023-51498 | WordPress WooCommerce Canada Post Shipping plugin <= 2.8.3 - Broken Access Control vulnerability | S | |
| CVE-2023-51499 | WordPress WooCommerce Shipping Per Product plugin <= 2.5.4 - Broken Access Control vulnerability | S | |
| CVE-2023-51500 | WordPress Uncode Core plugin <= 2.8.8 - Arbitrary File Deletion vulnerability | S | |
| CVE-2023-51501 | WordPress Uncode Core Plugin <= 2.8.6 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51502 | WordPress WooCommerce Stripe Payment Gateway Plugin <= 7.6.1 is vulnerable to Insecure Direct Object References (IDOR) | S | |
| CVE-2023-51503 | WordPress WooCommerce Payments Plugin <= 6.6.2 is vulnerable to Insecure Direct Object References (IDOR) | S | |
| CVE-2023-51504 | WordPress Dan's Embedder for Google Calendar Plugin <= 1.2 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51505 | WordPress Active Products Tables for WooCommerce Plugin <= 1.0.6 is vulnerable to PHP Object Injection | S | |
| CVE-2023-51506 | WordPress WPCS Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51507 | WordPress Quiz And Survey Master plugin <= 8.1.16 - Broken Access Control vulnerability | S | |
| CVE-2023-51508 | WordPress Database Cleaner Plugin <= 0.9.8 is vulnerable to Sensitive Data Exposure | S | |
| CVE-2023-51509 | WordPress RegistrationMagic Plugin <= 5.2.4.1 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51510 | WordPress Export Media URLs plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2023-51511 | WordPress Booster Elite for WooCommerce plugin < 7.1.3 - Authenticated Production Creation/Modification Vulnerability | S | |
| CVE-2023-51512 | WordPress Product Table by WBW plugin <= 1.8.6 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2023-51514 | WordPress CBX Bookmark & Favorite Plugin <= 1.7.13 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51515 | WordPress Uncode Core plugin <= 2.8.8 - Privilege Escalation vulnerability | S | |
| CVE-2023-51516 | WordPress Business Directory Plugin – Easy Listing Directories for WordPress plugin <= 6.3.9 - Broken Access Control vulnerability | S | |
| CVE-2023-51517 | WordPress Calculated Fields Form Plugin <= 1.2.28 is vulnerable to Open Redirection | S | |
| CVE-2023-51518 | Apache James server: Privilege escalation via JMX pre-authentication deserialisation | | |
| CVE-2023-51519 | WordPress Slider by Soliloquy – Responsive Image Slider for WordPress plugin <= 2.7.2 - Broken Access Control vulnerability | S | |
| CVE-2023-51520 | WordPress Booking Calendar Plugin < 9.7.4 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51521 | WordPress Quiz And Survey Master plugin <= 8.1.18 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2023-51522 | WordPress Paid Membership Subscriptions plugin <= 2.10.4 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2023-51523 | WordPress WooCommerce Easy Duplicate Product plugin <= 0.3.0.7 - Broken Access Control vulnerability | S | |
| CVE-2023-51524 | WordPress weForms plugin <= 1.6.18 - Broken Access Control vulnerability | S | |
| CVE-2023-51525 | WordPress WP Simple Booking Calendar plugin <= 2.0.8.4 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2023-51526 | WordPress Simple Staff List plugin <= 2.2.4 - Broken Access Control vulnerability | S | |
| CVE-2023-51527 | WordPress GPT3 AI Content Writer Plugin <= 1.8.2 is vulnerable to Sensitive Data Exposure | S | |
| CVE-2023-51528 | WordPress GPT3 AI Content Writer Plugin <= 1.8.12 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2023-51529 | WordPress HT Mega Plugin <= 2.3.3 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2023-51530 | WordPress GS Logo Slider Plugin <= 3.5.1 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2023-51531 | WordPress Thrive Automator Plugin <= 1.17 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2023-51532 | WordPress Icegram Plugin <= 3.1.19 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51533 | WordPress Ecwid Shopping Cart Plugin <= 6.12.4 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2023-51534 | WordPress Brave Popup Builder Plugin <= 0.6.2 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51535 | WordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.20 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2023-51536 | WordPress CRM Perks Forms Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51537 | WordPress Awesome Support plugin <= 6.1.5 - Broken Access Control vulnerability | S | |
| CVE-2023-51538 | WordPress Awesome Support Plugin <= 6.1.5 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2023-51539 | WordPress Apollo13 Framework Extensions Plugin <= 1.9.1 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2023-51540 | WordPress Custom 404 Pro Plugin <= 3.10.0 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51541 | WordPress Stock Ticker Plugin <= 3.23.4 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51542 | WordPress Branda plugin <= 3.4.14 - IP Restriction Bypass vulnerability | S | |
| CVE-2023-51543 | WordPress RegistrationMagic plugin <= 5.2.5.0 - IP Limit Bypass vulnerability | S | |
| CVE-2023-51544 | WordPress RegistrationMagic plugin <= 5.2.5.0 - Form Submission Limit Bypass vulnerability | S | |
| CVE-2023-51545 | WordPress Job Manager & Career Plugin <= 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF) leading to PHP Object Injection | S | |
| CVE-2023-51546 | WordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin <= 4.2.1 - Privilege Escalation vulnerability | S | |
| CVE-2023-51547 | WordPress Fluent Support Plugin <= 1.7.6 is vulnerable to SQL Injection | S | |
| CVE-2023-51548 | WordPress SlickNav Mobile Menu Plugin <= 1.9.2 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51549 | Foxit PDF Reader AcroForm Doc Object Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2023-51550 | Foxit PDF Reader combobox Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-51551 | Foxit PDF Reader AcroForm Signature Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2023-51552 | Foxit PDF Reader AcroForm Signature Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2023-51553 | Foxit PDF Reader Bookmark Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-51554 | Foxit PDF Reader Signature Use-After-Free Information Disclosure Vulnerability | | |
| CVE-2023-51555 | Foxit PDF Reader Doc Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-51556 | Foxit PDF Reader AcroForm Doc Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2023-51557 | Foxit PDF Reader AcroForm Doc Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2023-51558 | Foxit PDF Reader AcroForm Doc Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-51559 | Foxit PDF Reader Doc Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
| CVE-2023-51560 | Foxit PDF Reader Annotation Type Confusion Remote Code Execution Vulnerability | | |
| CVE-2023-51561 | Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-51562 | Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-51563 | Kofax Power PDF XPS File Parsing Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2023-51564 | Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-51565 | Kofax Power PDF XPS File Parsing Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2023-51566 | Kofax Power PDF OXPS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-51567 | Kofax Power PDF OXPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-51568 | Kofax Power PDF OXPS File Parsing Use-After-Free Information Disclosure Vulnerability | | |
| CVE-2023-51569 | Kofax Power PDF BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
| CVE-2023-51570 | Voltronic Power ViewPower Pro Deserialization of Untrusted Data Remote Code Execution Vulnerability | | |
| CVE-2023-51571 | Voltronic Power ViewPower Pro SocketService Missing Authentication Denial-of-Service Vulnerability | | |
| CVE-2023-51572 | Voltronic Power ViewPower Pro getMacAddressByIp Command Injection Remote Code Execution Vulnerability | | |
| CVE-2023-51573 | Voltronic Power ViewPower Pro updateManagerPassword Exposed Dangerous Function Authentication Bypass Vulnerability | | |
| CVE-2023-51574 | Voltronic Power ViewPower updateManagerPassword Exposed Dangerous Method Authentication Bypass Vulnerability | | |
| CVE-2023-51575 | Voltronic Power ViewPower MonitorConsole Exposed Dangerous Method Remote Code Execution Vulnerability | | |
| CVE-2023-51576 | Voltronic Power ViewPower Deserialization of Untrusted Data Remote Code Execution Vulnerability | | |
| CVE-2023-51577 | Voltronic Power ViewPower setShutdown Exposed Dangerous Method Local Privilege Escalation Vulnerability | | |
| CVE-2023-51578 | Voltronic Power ViewPower MonitorConsole Exposed Dangerous Method Denial-of-Service Vulnerability | | |
| CVE-2023-51579 | Voltronic Power ViewPower Incorrect Permission Assignment Local Privilege Escalation Vulnerability | | |
| CVE-2023-51580 | BlueZ Audio Profile AVRCP avrcp_parse_attribute_list Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-51581 | Voltronic Power ViewPower MacMonitorConsole Exposed Dangerous Method Remote Code Execution Vulnerability | | |
| CVE-2023-51582 | Voltronic Power ViewPower LinuxMonitorConsole Exposed Dangerous Method Remote Code Execution Vulnerability | | |
| CVE-2023-51583 | Voltronic Power ViewPower UpsScheduler Exposed Dangerous Method Remote Code Execution Vulnerability | | |
| CVE-2023-51584 | Voltronic Power ViewPower USBCommEx shutdown Exposed Dangerous Method Remote Code Execution Vulnerability | | |
| CVE-2023-51585 | Voltronic Power ViewPower USBCommEx shutdown Command Injection Remote Code Execution Vulnerability | | |
| CVE-2023-51586 | Voltronic Power ViewPower Pro selectEventConfig SQL Injection Remote Code Execution Vulnerability | | |
| CVE-2023-51587 | Voltronic Power ViewPower getModbusPassword Missing Authentication Information Disclosure Vulnerability | | |
| CVE-2023-51588 | Voltronic Power ViewPower Pro MySQL Use of Hard-coded Credentials Local Privilege Escalation Vulnerability | | |
| CVE-2023-51589 | BlueZ Audio Profile AVRCP parse_media_element Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-51590 | Voltronic Power ViewPower Pro UpLoadAction Unrestricted File Upload Remote Code Execution Vulnerability | | |
| CVE-2023-51591 | Voltronic Power ViewPower Pro doDocument XML External Entity Processing Information Disclosure Vulnerability | | |
| CVE-2023-51592 | BlueZ Audio Profile AVRCP parse_media_folder Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-51593 | Voltronic Power ViewPower Pro Expression Language Injection Remote Code Execution Vulnerability | | |
| CVE-2023-51594 | BlueZ OBEX Library Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-51595 | Voltronic Power ViewPower Pro selectDeviceListBy SQL Injection Remote Code Execution Vulnerability | | |
| CVE-2023-51596 | BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-51597 | Kofax Power PDF U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
| CVE-2023-51598 | Hancom Office Word DOC File Parsing Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2023-51599 | Honeywell Saia PG5 Controls Suite Directory Traversal Remote Code Execution Vulnerability | | |
| CVE-2023-51600 | Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability | | |
| CVE-2023-51601 | Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability | | |
| CVE-2023-51602 | Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability | | |
| CVE-2023-51603 | Honeywell Saia PG5 Controls Suite CAB File Parsing Directory Traversal Remote Code Execution Vulnerability | | |
| CVE-2023-51604 | Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability | | |
| CVE-2023-51605 | Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability | | |
| CVE-2023-51606 | Kofax Power PDF U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
| CVE-2023-51607 | Kofax Power PDF PNG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-51608 | Kofax Power PDF J2K File Parsing Memory Corruption Remote Code Execution Vulnerability | | |
| CVE-2023-51609 | Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-51610 | Kofax Power PDF JP2 File Parsing Use-After-Free Information Disclosure Vulnerability | | |
| CVE-2023-51611 | Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-51612 | Kofax Power PDF JP2 File Parsing Use-After-Free Information Disclosure Vulnerability | | |
| CVE-2023-51613 | D-Link DIR-X3260 prog.cgi SetDynamicDNSSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-51614 | D-Link DIR-X3260 prog.cgi SetQuickVPNSettings Password Stack-Based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-51615 | D-Link DIR-X3260 prog.cgi SetQuickVPNSettings PSK Stack-Based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-51616 | D-Link DIR-X3260 prog.cgi SetSysEmailSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-51617 | D-Link DIR-X3260 prog.cgi SetWanSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-51618 | D-Link DIR-X3260 prog.cgi SetWLanRadioSecurity Stack-Based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-51619 | D-Link DIR-X3260 prog.cgi SetMyDLinkRegistration Stack-based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-51620 | D-Link DIR-X3260 prog.cgi SetIPv6PppoeSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-51621 | D-Link DIR-X3260 prog.cgi SetDeviceSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-51622 | D-Link DIR-X3260 prog.cgi SetTriggerPPPoEValidate Stack-based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-51623 | D-Link DIR-X3260 prog.cgi SetAPClientSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-51624 | D-Link DCS-8300LHV2 RTSP ValidateAuthorizationHeader Nonce Stack-Based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-51625 | D-Link DCS-8300LHV2 ONVIF SetSystemDateAndTime Command Injection Remote Code Execution Vulnerability | | |
| CVE-2023-51626 | D-Link DCS-8300LHV2 RTSP ValidateAuthorizationHeader Username Stack-Based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-51627 | D-Link DCS-8300LHV2 ONVIF Duration Stack-Based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-51628 | D-Link DCS-8300LHV2 ONVIF SetHostName Stack-Based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-51629 | D-Link DCS-8300LHV2 ONVIF Hardcoded PIN Authentication Bypass Vulnerability | | |
| CVE-2023-51630 | Paessler PRTG Network Monitor Cross-Site Scripting Authentication Bypass Vulnerability | | |
| CVE-2023-51631 | D-Link DIR-X3260 prog.cgi SetUsersSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-51633 | Centreon sysName Cross-Site Scripting Remote Code Execution Vulnerability | S | |
| CVE-2023-51634 | NETGEAR RAX30 Improper Certificate Validation Remote Code Execution Vulnerability | | |
| CVE-2023-51635 | NETGEAR RAX30 fing_dil Stack-based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-51636 | Avira Prime Link Following Local Privilege Escalation Vulnerability | | |
| CVE-2023-51637 | Sante PACS Server PG Patient Query SQL Injection Remote Code Execution Vulnerability | | |
| CVE-2023-51638 | Allegra Hard-coded Credentials Authentication Bypass Vulnerability | | |
| CVE-2023-51639 | Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability | | |
| CVE-2023-51640 | Allegra extarctZippedFile Directory Traversal Remote Code Execution Vulnerability | | |
| CVE-2023-51641 | Allegra renderFieldMatch Deserialization of Unstrusted Data Remote Code Execution Vulnerability | | |
| CVE-2023-51642 | Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability | | |
| CVE-2023-51643 | Allegra uploadFile Directory Traversal Remote Code Execution Vulnerability | | |
| CVE-2023-51644 | Allegra SiteConfigAction Improper Access Control Remote Code Execution Vulnerability | | |
| CVE-2023-51645 | Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability | | |
| CVE-2023-51646 | Allegra uploadSimpleFile Directory Traversal Remote Code Execution Vulnerability | | |
| CVE-2023-51647 | Allegra saveInlineEdit Directory Traversal Remote Code Execution Vulnerability | | |
| CVE-2023-51648 | Allegra getFileContentAsString Directory Traversal Information Disclosure Vulnerability | | |
| CVE-2023-51649 | Nautobot missing object-level permissions enforcement when running Job Buttons | S | |
| CVE-2023-51650 | Unauthorized access vulnerability on three interfaces | E | |
| CVE-2023-51651 | Potential URI resolution path traversal in the AWS SDK for PHP | S | |
| CVE-2023-51652 | OWASP.AntiSamy mXSS when preserving comments | S | |
| CVE-2023-51653 | Hertzbeat JMX JNDI RCE | E S | |
| CVE-2023-51654 | Improper link resolution before file access ('Link Following') issue exists in iPrint&Scan Desktop f... | | |
| CVE-2023-51655 | In JetBrains IntelliJ IDEA before 2023.3.2 code execution was possible in Untrusted Project mode via... | | |
| CVE-2023-51656 | Apache IoTDB: Unsafe deserialize map in Sync Tool | | |
| CVE-2023-51661 | Filesystem sandbox not enforced in wasmer-cli | E S | |
| CVE-2023-51662 | Snowflake Connector .NET does not properly check the Certificate Revocation List (CRL) | | |
| CVE-2023-51663 | Hail authentication can be bypassed by changing email address | M | |
| CVE-2023-51664 | tj-actions/changed-files command injection in output filenames | E S | |
| CVE-2023-51665 | Audiobookshelf vulnerable to Blind SSRF in `Auth.js` | S | |
| CVE-2023-51666 | WordPress Related Post Plugin <= 2.0.53 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51667 | WordPress Rate my Post – WP Rating System plugin <= 3.4.2 - Broken Access Control vulnerability | S | |
| CVE-2023-51668 | WordPress Inline Image Upload for BBPress Plugin <= 1.1.18 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2023-51669 | WordPress Product Code for WooCommerce Plugin <= 1.4.4 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51670 | WordPress FunnelKit Checkout plugin <= 3.10.3 - Authenticated Arbitrary Plugin Activation vulnerability | S | |
| CVE-2023-51671 | WordPress FunnelKit Checkout plugin <= 3.10.3 - Authenticated Plugin Settings Change vulnerability | S | |
| CVE-2023-51672 | WordPress FunnelKit Checkout plugin <= 3.10.3 - Unauthenticated Arbitrary Post/Page Deletion vulnerability | S | |
| CVE-2023-51673 | WordPress Stylish Price List Plugin <= 7.0.17 is vulnerable to Broken Access Control | S | |
| CVE-2023-51674 | WordPress Advanced Access Manager Plugin <= 6.9.18 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51675 | WordPress Advanced Access Manager Plugin <= 6.9.18 is vulnerable to Open Redirection | S | |
| CVE-2023-51676 | WordPress Happy Addons for Elementor Plugin <= 3.9.1.1 is vulnerable to Server Side Request Forgery (SSRF) | S | |
| CVE-2023-51677 | WordPress Schema & Structured Data for WP & AMP Plugin <= 1.23 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51678 | WordPress Doofinder for WooCommerce Plugin <= 2.0.33 is vulnerable to Broken Access Control | S | |
| CVE-2023-51679 | WordPress BulkGate SMS Plugin for WooCommerce plugin <= 3.0.2 - Broken Access Control vulnerability | S | |
| CVE-2023-51680 | WordPress Quotes for WooCommerce plugin <= 2.0.1 - Broken Access Control vulnerability | S | |
| CVE-2023-51681 | WordPress Duplicator Plugin <= 1.5.7 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2023-51682 | WordPress MC4WP plugin <= 4.9.9 - Broken Access Control vulnerability | S | |
| CVE-2023-51683 | WordPress Easy PayPal Buy Now Button Plugin <= 1.8.1 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2023-51684 | WordPress Easy Digital Downloads Plugin <= 3.2.5 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51685 | WordPress WP Review Slider Plugin <= 12.7 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51687 | WordPress Product Catalog Simple Plugin <= 1.7.6 is vulnerable to Sensitive Data Exposure | S | |
| CVE-2023-51688 | WordPress eCommerce Product Catalog Plugin <= 3.3.26 is vulnerable to Sensitive Data Exposure | S | |
| CVE-2023-51689 | WordPress Easy Video Player Plugin <= 1.2.2.10 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51690 | WordPress Advanced iFrame Plugin <= 2023.8 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51691 | WordPress wpDiscuz Plugin <= 7.6.12 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51692 | WordPress Customer Reviews for WooCommerce Plugin <= 5.38.1 is vulnerable to Broken Access Control | S | |
| CVE-2023-51693 | WordPress Themify Icons Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51694 | WordPress Embed Privacy Plugin <= 1.8.0 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51695 | WordPress Everest Forms Plugin <= 2.0.4.1 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2023-51696 | WordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.20 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2023-51697 | Audiobookshelf vulnerable to Blind SSRF in `podcastUtils.js` | S | |
| CVE-2023-51698 | Atril's CBT comic book parsing vulnerable to Remote Code Execution | E S | |
| CVE-2023-51699 | OS Command Injection for Fluid Users with JuicefsRuntime | S | |
| CVE-2023-51700 | WP-Mobile-BankID-Integration WordPress Database Deserialization: Potential for Object Injection | S | |
| CVE-2023-51701 | @fastify-reply-from JSON Content-Type parsing confusion | | |
| CVE-2023-51702 | Apache Airflow CNCF Kubernetes provider, Apache Airflow: Kubernetes configuration file saved without encryption in the Metadata and logged as plain text in the Triggerer service | S | |
| CVE-2023-51704 | An issue was discovered in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x... | E S | |
| CVE-2023-51707 | MotionPro in Array ArrayOS AG before 9.4.0.505 on AG and vxAG allows remote command execution via cr... | | |
| CVE-2023-51708 | Bentley eB System Management Console applications within Assetwise Integrity Information Server allo... | | |
| CVE-2023-51710 | EMS SQL Manager 3.6.2 (build 55333) for Oracle allows DLL hijacking: a user can trigger the executio... | | |
| CVE-2023-51711 | An issue was discovered in Regify Regipay Client for Windows version 4.5.1.0 allows DLL hijacking: a... | | |
| CVE-2023-51712 | An issue was discovered in Trusted Firmware-M through 2.0.0. The lack of argument verification in th... | M | |
| CVE-2023-51713 | make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash,... | E S | |
| CVE-2023-51714 | An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x t... | S | |
| CVE-2023-51717 | Dataiku DSS before 11.4.5 and 12.4.1 has Incorrect Access Control that could lead to a full authenti... | M | |
| CVE-2023-51719 | Stored Cross Site Scripting Vulnerability in Skyworth Router | S | |
| CVE-2023-51720 | Stored Cross Site Scripting Vulnerability in Skyworth Router | S | |
| CVE-2023-51721 | Stored Cross Site Scripting Vulnerability in Skyworth Router | S | |
| CVE-2023-51722 | Stored Cross Site Scripting Vulnerability in Skyworth Router | S | |
| CVE-2023-51723 | Stored Cross Site Scripting Vulnerability in Skyworth Router | S | |
| CVE-2023-51724 | Stored Cross Site Scripting Vulnerability in Skyworth Router | S | |
| CVE-2023-51725 | Stored Cross Site Scripting Vulnerability in Skyworth Router | S | |
| CVE-2023-51726 | Stored Cross Site Scripting Vulnerability in Skyworth Router | S | |
| CVE-2023-51727 | Stored Cross Site Scripting Vulnerability in Skyworth Router | S | |
| CVE-2023-51728 | Stored Cross Site Scripting Vulnerability in Skyworth Router | S | |
| CVE-2023-51729 | Stored Cross Site Scripting Vulnerability in Skyworth Router | S | |
| CVE-2023-51730 | Stored Cross Site Scripting Vulnerability in Skyworth Router | S | |
| CVE-2023-51731 | Stored Cross Site Scripting Vulnerability in Skyworth Router | S | |
| CVE-2023-51732 | Stored Cross Site Scripting Vulnerability in Skyworth Router | S | |
| CVE-2023-51733 | Stored Cross Site Scripting Vulnerability in Skyworth Router | S | |
| CVE-2023-51734 | Stored Cross Site Scripting Vulnerability in Skyworth Router | S | |
| CVE-2023-51735 | Stored Cross Site Scripting Vulnerability in Skyworth Router | S | |
| CVE-2023-51736 | Stored Cross Site Scripting Vulnerability in Skyworth Router | S | |
| CVE-2023-51737 | Stored Cross Site Scripting Vulnerability in Skyworth Router | S | |
| CVE-2023-51738 | Stored Cross Site Scripting Vulnerability in Skyworth Router | S | |
| CVE-2023-51739 | Stored Cross Site Scripting Vulnerability in Skyworth Router | S | |
| CVE-2023-51740 | Cleartext Submission of Password vulnerability in Skyworth Router | S | |
| CVE-2023-51741 | Cleartext Submission of Password vulnerability in Skyworth Router | S | |
| CVE-2023-51742 | Buffer Overflow vulnerability in Skyworth Router | S | |
| CVE-2023-51743 | Buffer Overflow vulnerability in Skyworth Router | S | |
| CVE-2023-51744 | A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V1... | | |
| CVE-2023-51745 | A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V1... | | |
| CVE-2023-51746 | A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V1... | | |
| CVE-2023-51747 | SMTP smuggling in Apache James | | |
| CVE-2023-51748 | ScaleFusion 10.5.2 does not properly limit users to the Edge application because Ctrl-O and Ctrl-S c... | E | |
| CVE-2023-51749 | ScaleFusion 10.5.2 does not properly limit users to the Edge application because a search can be mad... | E | |
| CVE-2023-51750 | ScaleFusion 10.5.2 does not properly limit users to the Edge application because file downloads can ... | | |
| CVE-2023-51751 | ScaleFusion 10.5.2 does not properly limit users to the Edge application because Alt-F4 can be used.... | | |
| CVE-2023-51753 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2023-51754 | Rejected reason: This is unused.... | R | |
| CVE-2023-51755 | Rejected reason: This is unused.... | R | |
| CVE-2023-51756 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2023-51761 | Emerson Rosemount GC370XA, GC700XA, GC1500XA Improper Authentication | S | |
| CVE-2023-51763 | csv_builder.rb in ActiveAdmin (aka Active Admin) before 3.2.0 allows CSV injection.... | S | |
| CVE-2023-51764 | Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_un... | E M | |
| CVE-2023-51765 | sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a ... | E S | |
| CVE-2023-51766 | Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attac... | E S | |
| CVE-2023-51767 | OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authent... | | |
| CVE-2023-51770 | Apache DolphinScheduler: Arbitrary File Read Vulnerability | S | |
| CVE-2023-51771 | In MicroHttpServer (aka Micro HTTP Server) through a8ab029, _ParseHeader in lib/server.c allows a on... | E | |
| CVE-2023-51772 | One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset... | | |
| CVE-2023-51773 | BACnet Stack before 1.3.2 has a decode function APDU buffer over-read in bacapp_decode_application_d... | S | |
| CVE-2023-51774 | The json-jwt (aka JSON::JWT) gem 1.16.3 for Ruby sometimes allows bypass of identity checks via a si... | E | |
| CVE-2023-51775 | The jose4j component before 0.9.4 for Java allows attackers to cause a denial of service (CPU consum... | E | |
| CVE-2023-51776 | Improper privilege management in Jungo WinDriver before 12.1.0 allows local attackers to escalate pr... | | |
| CVE-2023-51777 | Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cau... | | |
| CVE-2023-51778 | Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cause a... | | |
| CVE-2023-51779 | bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-fr... | | |
| CVE-2023-51780 | An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-... | S | |
| CVE-2023-51781 | An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a u... | S | |
| CVE-2023-51782 | An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use... | S | |
| CVE-2023-51784 | Apache InLong: Remote Code Execution vulnerability in Apache InLong Manager | | |
| CVE-2023-51785 | Apache InLong: Arbitrary File Read Vulnerability in Apache InLong Manager | | |
| CVE-2023-51786 | An issue was discovered in Lustre versions 2.13.x, 2.14.x, and 2.15.x before 2.15.4, allows attacker... | | |
| CVE-2023-51787 | An issue was discovered in Wind River VxWorks 7 22.09 and 23.03. If a VxWorks task or POSIX thread t... | | |
| CVE-2023-51790 | Cross Site Scripting vulnerability in piwigo v.14.0.0 allows a remote attacker to obtain sensitive i... | E | |
| CVE-2023-51791 | Buffer Overflow vulenrability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arb... | | |
| CVE-2023-51792 | Buffer Overflow vulnerability in libde265 v1.0.12 allows a local attacker to cause a denial of servi... | | |
| CVE-2023-51793 | Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arb... | | |
| CVE-2023-51794 | Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arb... | | |
| CVE-2023-51795 | Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arb... | | |
| CVE-2023-51796 | Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arb... | | |
| CVE-2023-51797 | Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arb... | | |
| CVE-2023-51798 | Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arb... | | |
| CVE-2023-51800 | Cross Site Scripting (XSS) vulnerability in School Fees Management System v.1.0 allows a remote atta... | E | |
| CVE-2023-51801 | SQL Injection vulnerability in the Simple Student Attendance System v.1.0 allows a remote attacker t... | E | |
| CVE-2023-51802 | Cross Site Scripting (XSS) vulnerability in the Simple Student Attendance System v.1.0 allows a remo... | E | |
| CVE-2023-51803 | LinuxServer.io Heimdall before 2.5.7 does not prevent use of icons that have non-image data such as ... | | |
| CVE-2023-51804 | An issue in rymcu forest v.0.02 allows a remote attacker to obtain sensitive information via manipul... | E S | |
| CVE-2023-51805 | SQL Injection vulnerability in TDuckCLoud tduck-platform v.4.0 allows a remote attacker to obtain se... | E S | |
| CVE-2023-51806 | File Upload vulnerability in Ujcms v.8.0.2 allows a local attacker to execute arbitrary code via a c... | E | |
| CVE-2023-51807 | Cross Site Scripting vulnerability in OFCMS v.1.14 allows a remote attacker to obtain sensitive info... | E | |
| CVE-2023-51810 | SQL injection vulnerability in StackIdeas EasyDiscuss v.5.0.5 and fixed in v.5.0.10 allows a remote ... | E | |
| CVE-2023-51812 | Tenda AX3 v16.03.12.11 was discovered to contain a remote code execution (RCE) vulnerability via the... | E | |
| CVE-2023-51813 | Cross Site Request Forgery (CSRF) vulnerability in Free Open-Source Inventory Management System v.1.... | E | |
| CVE-2023-51820 | An issue in Blurams Lumi Security Camera (A31C) v.2.3.38.12558 allows a physically proximate attacke... | E | |
| CVE-2023-51828 | A SQL Injection vulnerability in /admin/convert/export.class.php in PMB 7.4.7 and earlier versions a... | E | |
| CVE-2023-51833 | A command injection issue in TRENDnet TEW-411BRPplus v.2.07_eu that allows a local attacker to execu... | E | |
| CVE-2023-51835 | An issue in TRENDnet TEW-822DRE v.1.03B02 allows a local attacker to execute arbitrary code via the ... | E | |
| CVE-2023-51837 | Ylianst MeshCentral 1.1.16 is vulnerable to Missing SSL Certificate Validation.... | | |
| CVE-2023-51838 | Ylianst MeshCentral 1.1.16 suffers from Use of a Broken or Risky Cryptographic Algorithm.... | E | |
| CVE-2023-51839 | DeviceFarmer stf v3.6.6 suffers from Use of a Broken or Risky Cryptographic Algorithm.... | | |
| CVE-2023-51840 | DoraCMS 2.1.8 is vulnerable to Use of Hard-coded Cryptographic Key.... | | |
| CVE-2023-51842 | An algorithm-downgrade issue was discovered in Ylianst MeshCentral 1.1.16.... | E | |
| CVE-2023-51843 | react-dashboard 1.4.0 is vulnerable to Cross Site Scripting (XSS) as httpOnly is not set.... | | |
| CVE-2023-51847 | An issue in obgm and Libcoap v.a3ed466 allows a remote attacker to cause a denial of service via the... | | |
| CVE-2023-51885 | Buffer Overflow vulnerability in Mathtex v.1.05 and before allows a remote attacker to execute arbit... | E | |
| CVE-2023-51886 | Buffer Overflow vulnerability in the main() function in Mathtex 1.05 and before allows a remote atta... | E | |
| CVE-2023-51887 | Command Injection vulnerability in Mathtex v.1.05 and before allows a remote attacker to execute arb... | E | |
| CVE-2023-51888 | Buffer Overflow vulnerability in the nomath() function in Mathtex v.1.05 and before allows a remote ... | E | |
| CVE-2023-51889 | Stack Overflow vulnerability in the validate() function in Mathtex v.1.05 and before allows a remote... | E | |
| CVE-2023-51890 | An infinite loop issue discovered in Mathtex 1.05 and before allows a remote attackers to consume CP... | E | |
| CVE-2023-51892 | An issue in weaver e-cology v.10.0.2310.01 allows a remote attacker to execute arbitrary code via a ... | | |
| CVE-2023-51906 | An issue in yonyou YonBIP v3_23.05 allows a remote attacker to execute arbitrary code via a crafted ... | | |
| CVE-2023-51924 | An arbitrary file upload vulnerability in the uap.framework.rc.itf.IResourceManager interface of Yon... | | |
| CVE-2023-51925 | An arbitrary file upload vulnerability in the nccloud.web.arcp.taskmonitor.action.ArcpUploadAction.d... | | |
| CVE-2023-51926 | YonBIP v3_23.05 was discovered to contain an arbitrary file read vulnerability via the nc.bs.framewo... | | |
| CVE-2023-51927 | YonBIP v3_23.05 was discovered to contain a SQL injection vulnerability via the com.yonyou.hrcloud.a... | | |
| CVE-2023-51928 | An arbitrary file upload vulnerability in the nccloud.web.arcp.taskmonitor.action.ArcpUploadAction.d... | | |
| CVE-2023-51931 | An issue in alanclarke URLite v.3.1.0 allows an attacker to cause a denial of service (DoS) via a cr... | E | |
| CVE-2023-51939 | An issue in the cp_bbs_sig function in relic/src/cp/relic_cp_bbs.c of Relic relic-toolkit 0.6.0 allo... | E S | |
| CVE-2023-51946 | Multiple reflected cross-site scripting (XSS) vulnerabilities in nasSvr.php in actidata actiNAS-SL-2... | E | |
| CVE-2023-51947 | Improper access control on nasSvr.php in actidata actiNAS SL 2U-8 RDX 3.2.03-SP1 allows remote attac... | E | |
| CVE-2023-51948 | A Site-wide directory listing vulnerability in /fm in actidata actiNAS SL 2U-8 RDX 3.2.03-SP1 allows... | E | |
| CVE-2023-51949 | Verydows v2.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /prote... | E | |
| CVE-2023-51951 | SQL Injection vulnerability in Stock Management System 1.0 allows a remote attacker to execute arbit... | E | |
| CVE-2023-51952 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function f... | E | |
| CVE-2023-51953 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function form... | E | |
| CVE-2023-51954 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function form... | E | |
| CVE-2023-51955 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the functi... | E | |
| CVE-2023-51956 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function for... | E | |
| CVE-2023-51957 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function form... | E | |
| CVE-2023-51958 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function form... | E | |
| CVE-2023-51959 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function f... | E | |
| CVE-2023-51960 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function for... | E | |
| CVE-2023-51961 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the functi... | E | |
| CVE-2023-51962 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function setI... | E | |
| CVE-2023-51963 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function set... | E | |
| CVE-2023-51964 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function setI... | E | |
| CVE-2023-51965 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function s... | E | |
| CVE-2023-51966 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the functi... | E | |
| CVE-2023-51967 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function getI... | E | |
| CVE-2023-51968 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the functi... | E | |
| CVE-2023-51969 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function get... | E | |
| CVE-2023-51970 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function form... | E | |
| CVE-2023-51971 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function g... | E | |
| CVE-2023-51972 | Tenda AX1803 v1.0.0.1 was discovered to contain a command injection vulnerability via the function f... | E | |
| CVE-2023-51978 | In PHPGurukul Art Gallery Management System v1.1, "Update Artist Image" functionality of "imageid" p... | E | |
| CVE-2023-51982 | CrateDB 5.5.1 is contains an authentication bypass vulnerability in the Admin UI component. After co... | E | |
| CVE-2023-51984 | D-Link DIR-822+ V1.0.2 was found to contain a command injection in SetStaticRouteSettings function. ... | E | |
| CVE-2023-51987 | D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1 interface, which allows attackers to log... | E | |
| CVE-2023-51989 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-51987. Reason: This candidat... | R |