Search Results (363315 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-26119 1 Htmlunit 1 Htmlunit 2024-11-21 9.8 Critical
Versions of the package net.sourceforge.htmlunit:htmlunit from 0 and before 3.0.0 are vulnerable to Remote Code Execution (RCE) via XSTL, when browsing the attacker’s webpage.
CVE-2023-26095 1 Stormshield 1 Stormshield Network Security 2024-11-21 7.5 High
ASQ in Stormshield Network Security (SNS) 4.3.15 before 4.3.16 and 4.6.x before 4.6.3 allows a crash when analysing a crafted SIP packet.
CVE-2023-26077 2 Atera, Microsoft 2 Atera, Windows 2024-11-21 7.8 High
Atera Agent through 1.8.3.6 on Windows Creates a Temporary File in a Directory with Insecure Permissions.
CVE-2023-26026 1 Ibm 1 Cloud Pak For Data 2024-11-21 5.3 Medium
Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to conduct further attacks. IBM X-Force ID: 247896.
CVE-2023-26024 1 Ibm 1 Planning Analytics On Cloud Pak For Data 2024-11-21 6.5 Medium
IBM Planning Analytics on Cloud Pak for Data 4.0 could allow an attacker on a shared network to obtain sensitive information caused by insecure network communication. IBM X-Force ID: 247898.
CVE-2023-26023 1 Ibm 1 Cloud Pak For Data 2024-11-21 6.5 Medium
Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to conduct further attacks. IBM X-Force ID: 247896.
CVE-2023-25989 1 Mekshq 10 Meks Audio Player, Meks Easy Ads Widget, Meks Easy Maps and 7 more 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Meks Video Importer, Meks Time Ago, Meks ThemeForest Smart Widget, Meks Smart Author Widget, Meks Audio Player, Meks Easy Maps, Meks Easy Photo Feed Widget, Meks Simple Flickr Widget, Meks Easy Ads Widget, Meks Smart Social Widget plugins leading to dismiss or the popup.
CVE-2023-25986 1 Paygreen 1 Paygreen - Ancienne 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WattIsIt PayGreen – Ancienne version plugin <= 4.10.2 versions.
CVE-2023-25984 1 Rigorous-digital 1 Dovetail 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Rigorous & Factory Pattern Dovetail plugin <= 1.2.13 versions.
CVE-2023-25981 1 Themekraft 1 Post Form 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ThemeKraft Post Form plugin <= 2.8.1 versions.
CVE-2023-25980 1 Cagewebdev 1 Optimize Database After Deleting Revisions 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in CAGE Web Design | Rolf van Gelder Optimize Database after Deleting Revisions plugin <= 5.1 versions.
CVE-2023-25978 1 Mindutopia 1 Protected Posts Logout Button 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Nate Reist Protected Posts Logout Button plugin <= 1.4.5 versions.
CVE-2023-25976 1 Crmperks 1 Integration For Contact Form 7 And Zoho Crm\, Bigin 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin plugin <= 1.2.2 versions.
CVE-2023-25974 1 Wp2syslog Project 1 Wp2syslog 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in psicosi448 wp2syslog plugin <= 1.0.5 versions.
CVE-2023-25972 1 Iksweb 1 Wordpress Ctapt 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in IKSWEB WordPress Старт plugin <= 3.7 versions.
CVE-2023-25968 1 Cozmoslabs 1 Client Portal 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs, Madalin Ungureanu, Antohe Cristian Client Portal – Private user pages and login plugin <= 1.1.8 versions.
CVE-2023-25964 1 Designextreme 1 We\'re Open\! 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Noah Hearle, Design Extreme We’re Open! plugin <= 1.46 versions.
CVE-2023-25963 1 Joomsky 1 Js Job Manager 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in JoomSky JS Job Manager plugin <= 2.0.0 versions.
CVE-2023-25956 1 Apache 1 Apache-airflow-providers-amazon 2024-11-21 7.5 High
Generation of Error Message Containing Sensitive Information vulnerability in the Apache Airflow AWS Provider. This issue affects Apache Airflow AWS Provider versions before 7.2.1.
CVE-2023-25952 2 Intel, Microsoft 3 Arc A Graphics, Iris Xe Graphics, Windows 2024-11-21 6.1 Medium
Out-of-bounds write in some Intel(R) Arc(TM) Control software before version 1.73.5335.2 may allow an authenticated user to potentially enable denial of service via local access.