Search Results (366753 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-27470 2 Microsoft, N-able 2 Windows, Take Control 2024-11-21 7.0 High
BASupSrvcUpdater.exe in N-able Take Control Agent through 7.0.41.1141 before 7.0.43 has a TOCTOU Race Condition via a pseudo-symlink at %PROGRAMDATA%\GetSupportService_N-Central\PushUpdates, leading to arbitrary file deletion.
CVE-2023-27465 1 Siemens 26 Simotion C240, Simotion C240 Firmware, Simotion C240 Pn and 23 more 2024-11-21 4.6 Medium
A vulnerability has been identified in SIMOTION C240 (All versions >= V5.4 < V5.5 SP1), SIMOTION C240 PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D410-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D410-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D425-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D425-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D435-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D435-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D445-2 DP/PN (All versions >= V5.4), SIMOTION D445-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D455-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION P320-4 E (All versions >= V5.4), SIMOTION P320-4 S (All versions >= V5.4). When operated with Security Level Low the device does not protect access to certain services relevant for debugging. This could allow an unauthenticated attacker to extract confidential technology object (TO) configuration from the device.
CVE-2023-27461 1 Yoohooplugins 1 When Last Login 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Yoohoo Plugins When Last Login plugin <= 1.2.1 versions.
CVE-2023-27458 1 Wpstream 1 Wpstream 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in wpstream WpStream plugin <= 4.4.10 versions.
CVE-2023-27457 1 Passionatebrains 1 Add Expires Headers \& Optimized Minify 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Passionate Brains Add Expires Headers & Optimized Minify plugin <= 2.7 versions.
CVE-2023-27452 1 Wow-estore 1 Button Generator - Easily Button Builder 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Wow-Company Button Generator – easily Button Builder plugin <= 2.3.3 versions.
CVE-2023-27451 1 Connekthq 1 Instant Images 2024-11-21 7.2 High
Server-Side Request Forgery (SSRF) vulnerability in Darren Cooney Instant Images plugin <= 5.1.0.2 versions.
CVE-2023-27450 1 Te-st 1 Leyka 2024-11-21 7.1 High
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Teplitsa of social technologies Leyka plugin <= 3.29.2 versions.
CVE-2023-27448 1 Makestories 1 Makestories \(for Google Web Stories\) 2024-11-21 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in MakeStories Team MakeStories (for Google Web Stories) plugin <= 2.8.0 versions.
CVE-2023-27446 1 Fluenx 1 Deepl Pro Api Translation 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Fluenx DeepL API translation plugin <= 2.1.4 versions.
CVE-2023-27445 1 Meril 1 Blog Floating Button 2024-11-21 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Meril Inc. Blog Floating Button plugin <= 1.4.12 versions.
CVE-2023-27444 1 Perfops 1 Decalog 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Pierre Lannoy / PerfOps One DecaLog plugin <= 3.7.0 versions.
CVE-2023-27443 1 Simple Vimeo Shortcode Project 1 Simple Vimeo Shortcode 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Grant Kimball Simple Vimeo Shortcode plugin <= 2.9.1 versions.
CVE-2023-27442 1 Techsoupeurope 1 Leyka 2024-11-21 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Teplitsa of social technologies Leyka plugin <= 3.29.2 versions.
CVE-2023-27441 1 New Adman Project 1 New Adman 2024-11-21 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in gl_SPICE New Adman plugin <= 1.6.8 versions.
CVE-2023-27439 1 New Adman Project 1 New Adman 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in gl_SPICE New Adman plugin <= 1.6.8 versions.
CVE-2023-27438 1 Yur4enko 1 Wp Translitera 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Evgen Yurchenko WP Translitera plugin <= p1.2.5 versions.
CVE-2023-27436 1 Breakdance 1 Elegant Custom Fonts 2024-11-21 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Louis Reingold Elegant Custom Fonts plugin <= 1.0 versions.
CVE-2023-27435 1 Yasglobal 1 Http Auth 2024-11-21 6.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Sami Ahmed Siddiqui HTTP Auth plugin <= 0.3.2 versions.
CVE-2023-27433 1 Yasglobal 1 Make Paths Relative 2024-11-21 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in YAS Global Team Make Paths Relative allows Cross Site Request Forgery.This issue affects Make Paths Relative: from n/a through 1.3.0.