Search Results (367104 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-32575 1 Woocommerce 1 Woocommerce 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Product page shipping calculator for WooCommerce plugin <= 1.3.25 versions.
CVE-2023-32572 1 Purestorage 1 Purity\/\/fa 2024-11-21 6.5 Medium
A flaw exists in FlashArray Purity wherein under limited circumstances, an array administrator can alter the retention lock of a pgroup and disable pgroup SafeMode protection.
CVE-2023-32567 1 Ivanti 1 Avalanche 2024-11-21 9.8 Critical
Ivanti Avalanche decodeToMap XML External Entity Processing. Fixed in version 6.4.1.236
CVE-2023-32566 1 Ivanti 1 Avalanche 2024-11-21 9.1 Critical
An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack. Fixed in version 6.4.1.
CVE-2023-32565 1 Ivanti 1 Avalanche 2024-11-21 9.1 Critical
An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack. Fixed in version 6.4.1.
CVE-2023-32564 1 Ivanti 1 Avalanche 2024-11-21 9.8 Critical
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remove code execution.
CVE-2023-32547 3 Intel, Mavinci Desktop Software For Intel Falcon 8 Plus, Topconpositioning 3 Falcon 8\+, Mavinci Desktop Software For Intel Falcon 8 Plus, Mavinci Desktop 2024-11-21 6.7 Medium
Incorrect default permissions in the MAVinci Desktop Software for Intel(R) Falcon 8+ before version 6.2 may allow authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-32543 1 Intel 1 Intelligent Test System 2024-11-21 6.7 Medium
Incorrect default permissions in the Intel(R) ITS sofware before version 3.1 may allow authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-32516 1 Oracle 1 Restaurant Menu - Food Ordering System - Table Reservation 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GloriaFood Restaurant Menu – Food Ordering System – Table Reservation plugin <= 2.3.6 versions.
CVE-2023-32511 1 Bookingultrapro 1 Booking Ultra Pro Appointments Booking Calendar 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Booking Ultra Pro Booking Ultra Pro Appointments Booking Calendar Plugin plugin <= 1.1.8 versions.
CVE-2023-32510 1 Cagewebdev 1 Order Your Posts Manually 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rolf van Gelder Order Your Posts Manually plugin <= 2.2.5 versions.
CVE-2023-32509 1 Cagewebdev 1 Order Your Posts Manually 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rolf van Gelder Order Your Posts Manually plugin <= 2.2.5 versions.
CVE-2023-32505 1 Ciphercoin 1 Easy Hide Login 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Arshid Easy Hide Login plugin <= 1.0.7 versions.
CVE-2023-32503 1 Gtmetrix 1 Gtmetrix 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GTmetrix GTmetrix for WordPress plugin <= 0.4.6 versions.
CVE-2023-32499 1 Netmix 1 Radio Station 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Tony Zeoli, Tony Hayes Radio Station by netmix® – Manage and play your Show Schedule in WordPress! plugin <= 2.4.0.9 versions.
CVE-2023-32498 1 Ays-pro 1 Easy Form 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Easy Form team Easy Form by AYS plugin <= 1.2.0 versions.
CVE-2023-32497 1 Supersoju 1 Block Referer Spam 2024-11-21 5.1 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Supersoju Block Referer Spam plugin <= 1.1.9.4 versions.
CVE-2023-32496 1 Stopbadbots 1 Block Bad Bots And Stop Bad Bots Crawlers And Spiders And Anti Spam Protection 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Bill Minozzi Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin <= 7.31 versions.
CVE-2023-32485 1 Dell 1 Smartfabric Storage Software 2024-11-21 9.8 Critical
Dell SmartFabric Storage Software version 1.3 and lower contain an improper input validation vulnerability. A remote unauthenticated attacker may exploit this vulnerability and escalate privileges up to the highest administration level. This is a critical severity vulnerability affecting user authentication. Dell recommends customers to upgrade at the earliest opportunity.
CVE-2023-32483 1 Dell 1 Wyse Management Suite 2024-11-21 4.4 Medium
Wyse Management Suite versions prior to 4.0 contain a sensitive information disclosure vulnerability. An authenticated malicious user having local access to the system running the application could exploit this vulnerability to read sensitive information written to log files.