CVE-2023-0045
The current implementation of the prctl syscall does not issue an IBPB immediately during the syscal
CVE-2023-0126
Pre-authentication path traversal vulnerability in SMA1000 firmware version 12.4.2, which allows an
CVE-2023-0099
The Simple URLs WordPress plugin before 115 does not sanitise and escape some parameters before outp
CVE-2023-0156
The All-In-One Security (AIOS) WordPress plugin before 5.1.5 does not limit what log files to displa
CVE-2023-0157
The All-In-One Security (AIOS) WordPress plugin before 5.1.5 does not escape the content of log file
CVE-2023-0236
The Tutor LMS WordPress plugin before 2.0.10 does not sanitise and escape the reset_key and user_id
CVE-2023-0159
The Extensive VC Addons for WPBakery page builder WordPress plugin before 1.9.1 does not validate a
CVE-2023-0261
The WP TripAdvisor Review Slider WordPress plugin before 10.8 does not properly sanitise and escape
CVE-2023-0179
A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue
CVE-2023-0264
A flaw was found in Keycloak's OpenID Connect user authentication, which may incorrectly authenticate
CVE-2023-0266
A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_E
CVE-2023-0315
Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8.
CVE-2023-0334
The ShortPixel Adaptive Images WordPress plugin before 3.6.3 does not sanitise and escape a paramete
CVE-2023-0297
Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31.
CVE-2023-0461
There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local
CVE-2023-0464
A security vulnerability has been identified in all supported versions of OpenSSL related to the ve
CVE-2023-0514
The Membership Database WordPress plugin through 1.0 does not sanitise and escape a parameter before
CVE-2023-0527
A vulnerability was found in PHPGurukul Online Security Guards Hiring System 1.0 and classified as p
CVE-2023-0552
The Registration Forms WordPress plugin before 3.8.2.3 does not properly validate the redirection UR
CVE-2023-0562
A vulnerability was found in PHPGurukul Bank Locker Management System 1.0. It has been rated as crit
CVE-2023-0563
A vulnerability classified as problematic has been found in PHPGurukul Bank Locker Management System
CVE-2023-0600
The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 6.9 does not escape user input
CVE-2023-0386
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file
CVE-2023-0602
The Twittee Text Tweet WordPress plugin through 1.0.8 does not properly escape POST values which are
CVE-2023-0630
The Slimstat Analytics WordPress plugin before 4.9.3.3 does not prevent subscribers from rendering s
CVE-2023-0656
A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker
CVE-2023-0448
The WP Helper Lite WordPress plugin, in versions < 4.3, returns all GET parameters unsanitized in th
CVE-2023-0777
Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4.
CVE-2023-0669
Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vu
CVE-2023-0678
Missing Authorization in GitHub repository phpipam/phpipam prior to v1.5.1.
CVE-2023-0748
Open Redirect in GitHub repository btcpayserver/btcpayserver prior to 1.7.6.
CVE-2023-0830
A vulnerability classified as critical has been found in EasyNAS 1.1.0. Affected is the function sys
CVE-2023-0860
Improper Restriction of Excessive Authentication Attempts in GitHub repository modoboa/modoboa-insta
CVE-2023-0861
NetModule NSRW web administration interface executes an OS command constructed with unsanitized user
CVE-2023-0900
The Pricing Table Builder WordPress plugin through 1.1.6 does not properly sanitise and escape a par
CVE-2023-0942
The Japanized For WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting v
CVE-2023-0947
Path Traversal in GitHub repository flatpressblog/flatpress prior to 1.3.
CVE-2023-0948
The Japanized For WooCommerce WordPress plugin before 2.5.8 does not escape generated URLs before ou
CVE-2023-0968
The Watu Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘dn’, 'em
CVE-2023-1020
The Steveas WP Live Chat Shoutbox WordPress plugin through 1.4.2 does not sanitise and escape a para
CVE-2023-1080
The GN Publisher plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘tab’
CVE-2023-1112
A vulnerability was found in Drag and Drop Multiple File Upload Contact Form 7 5.0.6.1 on WordPress.
CVE-2023-1177
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1.
CVE-2023-1263
The CMP – Coming Soon & Maintenance plugin for WordPress is vulnerable to Information Exposure in ve
CVE-2023-1326
A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-202
CVE-2023-1337
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized data loss
CVE-2023-1362
Improper Restriction of Rendered UI Layers or Frames in GitHub repository unilogies/bumsys prior to
CVE-2023-1389
TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 contained a command injec
CVE-2023-1408
The Video List Manager WordPress plugin through 1.7 does not properly sanitise and escape a paramete
CVE-2023-1415
A vulnerability was found in Simple Art Gallery 1.0. It has been declared as critical. This vulnerab
CVE-2023-1430
The FluentCRM - Marketing Automation For WordPress plugin for WordPress is vulnerable to unauthoriz
CVE-2023-1454
A vulnerability classified as critical has been found in jeecg-boot 3.5.0. This affects an unknown p
CVE-2023-1496
Cross-site Scripting (XSS) - Reflected in GitHub repository imgproxy/imgproxy prior to 3.14.0.
CVE-2023-1498
A vulnerability classified as critical has been found in code-projects Responsive Hotel Site 1.0. Af
CVE-2023-1546
The MyCryptoCheckout WordPress plugin before 2.124 does not escape some URLs before outputting them
CVE-2023-1665
Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior
CVE-2023-1671
A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older
CVE-2023-1698
In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create ne
CVE-2023-1718
Improper file stream access in /desktop_app/file.ajax.php?action=uploadfile in Bitrix24 22.0.300 al
CVE-2023-1719
Global variable extraction in bitrix/modules/main/tools.php in Bitrix24 22.0.300 allows unauthentica
CVE-2023-1730
The SupportCandy WordPress plugin before 3.1.5 does not validate and escape user input before using
CVE-2023-1767
The Snyk Advisor website (https://snyk.io/advisor/) was vulnerable to a stored XSS prior to 28th Mar
CVE-2023-1780
The Companion Sitemap Generator WordPress plugin before 4.5.3 does not sanitise and escape some para
CVE-2023-1835
The Ninja Forms Contact Form WordPress plugin before 3.6.22 does not properly escape user input befo
CVE-2023-1880
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2023-1890
The Tablesome WordPress plugin before 1.0.9 does not escape various generated URLs, before outputtin
CVE-2023-1892
Cross-site Scripting (XSS) - Reflected in GitHub repository sidekiq/sidekiq prior to 7.0.8.
CVE-2023-2002
A vulnerability was found in the HCI sockets implementation due to a missing capability check in net
CVE-2023-2008
A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a faul
CVE-2023-2009
Plugin does not sanitize and escape the URL field in the Pretty Url WordPress plugin through 1.5.4 s
CVE-2023-2023
The Custom 404 Pro WordPress plugin before 3.7.3 does not escape some URLs before outputting them in
CVE-2023-2024
Improper authentication in OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 all
CVE-2023-2033
Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potential
CVE-2023-2114
The NEX-Forms WordPress plugin before 8.4 does not properly escape the `table` parameter, which is p
CVE-2023-2122
The Image Optimizer by 10web WordPress plugin before 1.0.27 does not sanitise and escape the iowd_ta
CVE-2023-2123
The WP Inventory Manager WordPress plugin before 2.1.0.13 does not sanitise and escape a parameter b
CVE-2023-2130
A vulnerability classified as critical has been found in SourceCodester Purchase Order Management Sy
CVE-2023-2178
The Aajoda Testimonials WordPress plugin before 2.2.2 does not sanitise and escape some of its setti
CVE-2023-2215
A vulnerability classified as critical has been found in Campcodes Coffee Shop POS System 1.0. Affec
CVE-2023-2224
The SEO by 10Web WordPress plugin before 1.2.7 does not sanitise and escape some of its settings, wh
CVE-2023-2227
Improper Authorization in GitHub repository modoboa/modoboa prior to 2.1.0.
CVE-2023-2249
The wpForo Forum plugin for WordPress is vulnerable to Local File Include, Server-Side Request Forge
CVE-2023-2252
The Directorist WordPress plugin before 7.5.4 is vulnerable to Local File Inclusion as it does not v
CVE-2023-2255
Improper access control in editor components of The Document Foundation LibreOffice allowed an attac
CVE-2023-2272
The Tiempo.com WordPress plugin through 0.1.2 does not sanitise and escape the page parameter before
CVE-2023-2356
Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1.
CVE-2023-2437
The UserPro plugin for WordPress is vulnerable to authentication bypass in versions up to, and inclu
CVE-2023-2479
OS Command Injection in GitHub repository appium/appium-desktop prior to v1.22.3-4.
CVE-2023-2516
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7.
CVE-2023-2523
A vulnerability was found in Weaver E-Office 9.5. It has been rated as critical. Affected by this is
CVE-2023-2579
The InventoryPress WordPress plugin through 1.7 does not sanitise and escape some of its settings, w
CVE-2023-2591
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitHub repos
CVE-2023-2594
A vulnerability, which was classified as critical, was found in SourceCodester Food Ordering Managem
CVE-2023-2598
A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_ur
CVE-2023-2636
The AN_GradeBook WordPress plugin through 5.0.1 does not properly sanitise and escape a parameter be
CVE-2023-2640
On Ubuntu kernels carrying both c914c0e27eb0 and 'UBUNTU: SAUCE: overlayfs: Skip permission checking
CVE-2023-2648
A vulnerability was found in Weaver E-Office 9.5. It has been classified as critical. This affects a
CVE-2023-2650
Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them ma
CVE-2023-2732
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and in
CVE-2023-2744
The ERP WordPress plugin before 1.12.4 does not properly sanitise and escape the `type` parameter in
CVE-2023-2766
A vulnerability was found in Weaver OA 9.5 and classified as problematic. This issue affects some un
CVE-2023-2779
The Social Share, Social Login and Social Comments WordPress plugin before 7.13.52 does not sanitise
CVE-2023-2780
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1.
CVE-2023-2796
The EventON WordPress plugin before 2.1.2 lacks authentication and authorization in its eventon_ics_
CVE-2023-2813
All of the above Aapna WordPress theme through 1.3, Anand WordPress theme through 1.2, Anfaust WordP
CVE-2023-2822
A vulnerability was found in Ellucian Ethos Identity up to 5.10.5. It has been classified as problem
CVE-2023-2825
An issue has been discovered in GitLab CE/EE affecting only version 16.0.0. An unauthenticated malic
CVE-2023-2833
The ReviewX plugin for WordPress is vulnerable to privilege escalation in versions up to, and includ