Search Results (363609 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-32543 1 Intel 1 Intelligent Test System 2024-11-21 6.7 Medium
Incorrect default permissions in the Intel(R) ITS sofware before version 3.1 may allow authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-32516 1 Oracle 1 Restaurant Menu - Food Ordering System - Table Reservation 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GloriaFood Restaurant Menu – Food Ordering System – Table Reservation plugin <= 2.3.6 versions.
CVE-2023-32511 1 Bookingultrapro 1 Booking Ultra Pro Appointments Booking Calendar 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Booking Ultra Pro Booking Ultra Pro Appointments Booking Calendar Plugin plugin <= 1.1.8 versions.
CVE-2023-32510 1 Cagewebdev 1 Order Your Posts Manually 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rolf van Gelder Order Your Posts Manually plugin <= 2.2.5 versions.
CVE-2023-32509 1 Cagewebdev 1 Order Your Posts Manually 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rolf van Gelder Order Your Posts Manually plugin <= 2.2.5 versions.
CVE-2023-32505 1 Ciphercoin 1 Easy Hide Login 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Arshid Easy Hide Login plugin <= 1.0.7 versions.
CVE-2023-32503 1 Gtmetrix 1 Gtmetrix 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GTmetrix GTmetrix for WordPress plugin <= 0.4.6 versions.
CVE-2023-32499 1 Netmix 1 Radio Station 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Tony Zeoli, Tony Hayes Radio Station by netmix® – Manage and play your Show Schedule in WordPress! plugin <= 2.4.0.9 versions.
CVE-2023-32498 1 Ays-pro 1 Easy Form 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Easy Form team Easy Form by AYS plugin <= 1.2.0 versions.
CVE-2023-32497 1 Supersoju 1 Block Referer Spam 2024-11-21 5.1 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Supersoju Block Referer Spam plugin <= 1.1.9.4 versions.
CVE-2023-32496 1 Stopbadbots 1 Block Bad Bots And Stop Bad Bots Crawlers And Spiders And Anti Spam Protection 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Bill Minozzi Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin <= 7.31 versions.
CVE-2023-32485 1 Dell 1 Smartfabric Storage Software 2024-11-21 9.8 Critical
Dell SmartFabric Storage Software version 1.3 and lower contain an improper input validation vulnerability. A remote unauthenticated attacker may exploit this vulnerability and escalate privileges up to the highest administration level. This is a critical severity vulnerability affecting user authentication. Dell recommends customers to upgrade at the earliest opportunity.
CVE-2023-32483 1 Dell 1 Wyse Management Suite 2024-11-21 4.4 Medium
Wyse Management Suite versions prior to 4.0 contain a sensitive information disclosure vulnerability. An authenticated malicious user having local access to the system running the application could exploit this vulnerability to read sensitive information written to log files.
CVE-2023-32482 1 Dell 1 Wyse Management Suite 2024-11-21 4.9 Medium
Wyse Management Suite versions prior to 4.0 contain an improper authorization vulnerability. An authenticated malicious user with privileged access can push policies to unauthorized tenant group.
CVE-2023-32481 1 Dell 1 Wyse Management Suite 2024-11-21 4.9 Medium
Wyse Management Suite versions prior to 4.0 contain a denial-of-service vulnerability. An authenticated malicious user can flood the configured SMTP server with numerous requests in order to deny access to the system.
CVE-2023-32479 2 Dell, Microsoft 4 Encryption, Endpoint Security Suite Enterprise, Security Management Server and 1 more 2024-11-21 6.7 Medium
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions prior to 11.9.0 contain privilege escalation vulnerability due to improper ACL of the non-default installation directory. A local malicious user could potentially exploit this vulnerability by replacing binaries in installed directory and taking reverse shell of the system leading to Privilege Escalation.
CVE-2023-32478 1 Dell 1 Powerstoreos 2024-11-21 9 Critical
Dell PowerStore versions prior to 3.5.0.1 contain an insertion of sensitive information into log file vulnerability. A high privileged malicious user could potentially exploit this vulnerability, leading to sensitive information disclosure.
CVE-2023-32477 1 Dell 1 Common Event Enabler 2024-11-21 7.8 High
Dell Common Event Enabler 8.9.8.2 for Windows and prior, contain an improper access control vulnerability. A local low-privileged malicious user may potentially exploit this vulnerability to gain elevated privileges.
CVE-2023-32476 1 Dell 1 Hybrid Client 2024-11-21 6.4 Medium
Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. An unauthenticated malicious user on the device can access hard coded secrets in javascript files.
CVE-2023-32475 1 Dell 80 Alienware Aurora R10, Alienware Aurora R10 Firmware, Alienware Aurora R15 Amd and 77 more 2024-11-21 7.6 High
Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the system.