Search Results (363618 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-32637 1 Gmod 1 Gbrowse 2024-11-21 9.8 Critical
GBrowse accepts files with any formats uploaded and places them in the area accessible through unauthenticated web requests. Therefore, anyone who can upload files through the product may execute arbitrary code on the server.
CVE-2023-32635 1 Edinet-fsa 1 Xbrl Data Create 2024-11-21 5.5 Medium
XBRL data create application version 7.0 and earlier improperly restricts XML external entity references (XXE). By processing a specially crafted XBRL file, arbitrary files on the system may be read by an attacker.
CVE-2023-32626 2 Elecom, Logitec 6 Lan-w300n\/pr5, Lan-w300n\/pr5 Firmware, Lan-w300n\/rs and 3 more 2024-11-21 9.8 Critical
Hidden functionality vulnerability in LAN-W300N/RS all versions, and LAN-W300N/PR5 all versions allows an unauthenticated attacker to log in to the product's certain management console and execute arbitrary OS commands.
CVE-2023-32619 1 Tp-link 4 Archer C50 V3, Archer C50 V3 Firmware, Archer C55 and 1 more 2024-11-21 8.8 High
Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505' and Archer C55 firmware versions prior to 'Archer C55(JP)_V1_230506' use hard-coded credentials to login to the affected device, which may allow a network-adjacent unauthenticated attacker to execute an arbitrary OS command.
CVE-2023-32618 1 Intel 1 Oneapi 2024-11-21 6.7 Medium
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-32617 1 Intel 46 Compute Stick Stk2mv64cc, Compute Stick Stk2mv64cc Firmware, Nuc 7 Enthusiast Nuc7i7bnhxg and 43 more 2024-11-21 8.2 High
Improper input validation in some Intel(R) NUC Rugged Kit, Intel(R) NUC Kit and Intel(R) Compute Element BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2023-32609 1 Intel 1 Unite 2024-11-21 5 Medium
Improper access control in the Intel Unite(R) android application before version 4.2.3504 may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2023-32603 1 Rednao 1 Smart Donations 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RedNao Donations Made Easy – Smart Donations plugin <= 4.0.12 versions.
CVE-2023-32600 1 Rankmath 1 Seo 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Rank Math SEO plugin <= 1.0.119 versions.
CVE-2023-32598 1 Shooflysolutions 1 Featured Image Pro Post Grid 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in A. R. Jones Featured Image Pro Post Grid plugin <= 5.14 versions.
CVE-2023-32597 1 I13websolution 1 Video Gallery 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Video Gallery plugin <= 1.0.10 versions.
CVE-2023-32596 1 Wolfgangertl 1 Weebotlite 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Wolfgang Ertl weebotLite plugin <= 1.0.0 versions.
CVE-2023-32595 1 Palasthotel 1 Sunny Search 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Palasthotel by Edward Bock, Katharina Rompf Sunny Search plugin <= 1.0.2 versions.
CVE-2023-32591 1 Cloudprimero 1 Dbargain 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Cloud Primero B.V DBargain plugin <= 3.0.0 versions.
CVE-2023-32588 1 Brandbrilliance 1 Post State Tags 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in BRANDbrilliance Post State Tags plugin <= 2.0.6 versions.
CVE-2023-32584 1 Ebecas 1 Ebecas 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in John Newcombe eBecas plugin <= 3.1.3 versions.
CVE-2023-32583 1 Walkeprashant 1 Wp All Backup 2024-11-21 6.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Prashant Walke WP All Backup plugin <= 2.4.3 versions.
CVE-2023-32582 1 Don8 Project 1 Don8 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kyle Maurer Don8 plugin <= 0.4 versions.
CVE-2023-32580 1 Wpexperts 1 Password Protected 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPExperts Password Protected plugin <= 2.6.2 versions.
CVE-2023-32578 1 Column-matic Project 1 Column-matic 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Twinpictures Column-Matic plugin <= 1.3.3 versions.