CVE Schwachstellen
CVE-Datenbank angereichert mit CISA KEV und NVD Daten
| CVE ID | CVSS | Schweregrad | KEV | Sichtungen |
|---|---|---|---|---|
| CVE-2023-20699 In adsp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed... | 6.7 | MEDIUM | — | 0 |
| CVE-2023-20700 In widevine, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for ... | 6.7 | MEDIUM | — | 0 |
| CVE-2023-20701 In widevine, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for ... | 6.7 | MEDIUM | — | 0 |
| CVE-2023-21106 In adreno_set_param of adreno_gpu.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User i... | 7.8 | HIGH | — | 0 |
| CVE-2023-20703 In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not ne... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-20704 In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not ne... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-20705 In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not ne... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-20706 In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not ne... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-51372 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes HashBar – WordPress Notification Bar allows Stored XSS.This issue affects HashBar – Word... | 5.9 | MEDIUM | — | 0 |
| CVE-2023-51373 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ian Kennerley Google Photos Gallery with Shortcodes allows Reflected XSS.This issue affects Google... | 7.1 | HIGH | — | 0 |
| CVE-2023-51374 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ZeroBounce ZeroBounce Email Verification & Validation allows Stored XSS.This issue affects ZeroBou... | 5.9 | MEDIUM | — | 0 |
| CVE-2023-51397 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force WP Remote Site Search allows Stored XSS.This issue affects WP Remote Site Search:... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-51399 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Back Button Widget allows Stored XSS.This issue affects Back Button Widget: from n/a thr... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-51541 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aleksandar Urošević Stock Ticker allows Stored XSS.This issue affects Stock Ticker: from n/a throu... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-4674 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yaztek Software Technologies and Computer Systems E-Commerce Software allows SQL Injection.This is... | 9.8 | CRITICAL | — | 0 |
| CVE-2023-52135 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WS Form WS Form LITE – Drag & Drop Contact Form Builder for WordPress.This issue affects WS Form L... | 7.6 | HIGH | — | 0 |
| CVE-2023-41813 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). Allows you to edit the Web Console user noti... | 3.0 | LOW | — | 0 |
| CVE-2023-41814 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). Through an HTML payload (iframe tag) it is p... | 3.7 | LOW | — | 0 |
| CVE-2023-41815 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). Malicious code could be executed in the File... | 7.5 | HIGH | — | 0 |
| CVE-2023-44088 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pandora FMS on all allows SQL Injection. Arbitrary SQL queries were allowed to be executed using a... | 5.9 | MEDIUM | — | 0 |
| CVE-2023-44089 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). It was possible to execute malicious JS code... | 6.1 | MEDIUM | — | 0 |
| CVE-2023-50837 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WebFactory Ltd Login Lockdown – Protect Login Form.This issue affects Login Lockdown – Protect Log... | 7.6 | HIGH | — | 0 |
| CVE-2023-50879 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic WordPress.Com Editing Toolkit allows Stored XSS.This issue affects WordPress.Com Editin... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-50880 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The BuddyPress Community BuddyPress allows Stored XSS.This issue affects BuddyPress: from n/a thro... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-50881 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AAM Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More allows... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-50889 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The Beaver Builder Team Beaver Builder – WordPress Page Builder allows Stored XSS.This issue affec... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-50891 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zoho Forms Form plugin for WordPress – Zoho Forms allows Stored XSS.This issue affects Form plugin... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-50892 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem - Creative Multi-Purpose & WooCommerce WordPress Theme allows Reflected XSS.Thi... | 7.1 | HIGH | — | 0 |
| CVE-2023-51417 Unrestricted Upload of File with Dangerous Type vulnerability in Joris van Montfort JVM Gutenberg Rich Text Icons.This issue affects JVM Gutenberg Rich Text Icons: from n/a through 1.2.3. | 9.9 | CRITICAL | — | 0 |
| CVE-2023-50893 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in UpSolution Impreza – WordPress Website and WooCommerce Builder allows Reflected XSS.This issue aff... | 7.1 | HIGH | — | 0 |
| CVE-2023-51402 Cross-Site Request Forgery (CSRF) vulnerability in Brain Storm Force Ultimate Addons for WPBakery Page Builder.This issue affects Ultimate Addons for WPBakery Page Builder: from n/a through 3.19.17. | 4.3 | MEDIUM | — | 0 |
| CVE-2023-7078 Sending specially crafted HTTP requests to Miniflare's server could result in arbitrary HTTP and WebSocket requests being sent from the server. If Miniflare was configured to listen on external networ... | 7.5 | HIGH | — | 0 |
| CVE-2023-7079 Sending specially crafted HTTP requests and inspector messages to Wrangler's dev server could result in any file on the user's computer being accessible over the local network. An attacker that could ... | 6.4 | MEDIUM | — | 0 |
| CVE-2023-7080 The V8 inspector intentionally allows arbitrary code execution within the Workers sandbox for debugging. wrangler dev would previously start an inspector server listening on all network interfaces. Th... | 8.5 | HIGH | — | 0 |
| CVE-2023-50878 Cross-Site Request Forgery (CSRF) vulnerability in InspireUI MStore API.This issue affects MStore API: from n/a through 4.10.1. | 5.4 | MEDIUM | — | 0 |
| CVE-2023-51354 Cross-Site Request Forgery (CSRF) vulnerability in WebbaPlugins Appointment & Event Booking Calendar Plugin – Webba Booking.This issue affects Appointment & Event Booking Calendar Plugin – Webba Booki... | 4.3 | MEDIUM | — | 0 |
| CVE-2023-51358 Cross-Site Request Forgery (CSRF) vulnerability in Bright Plugins Block IPs for Gravity Forms.This issue affects Block IPs for Gravity Forms: from n/a through 1.0.1. | 5.4 | MEDIUM | — | 0 |
| CVE-2023-51378 Cross-Site Request Forgery (CSRF) vulnerability in Rise Themes Rise Blocks – A Complete Gutenberg Page Builder.This issue affects Rise Blocks – A Complete Gutenberg Page Builder: from n/a through 3.1.... | 5.4 | MEDIUM | — | 0 |
| CVE-2023-51414 Deserialization of Untrusted Data vulnerability in EnvialoSimple EnvíaloSimple: Email Marketing y Newsletters.This issue affects EnvíaloSimple: Email Marketing y Newsletters: from n/a through 2.1. | 9.6 | CRITICAL | — | 0 |
| CVE-2023-51422 Deserialization of Untrusted Data vulnerability in Saleswonder Team Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition.This issue affects Webina... | 9.9 | CRITICAL | — | 0 |
| CVE-2023-51470 Deserialization of Untrusted Data vulnerability in Jacques Malgrange Rencontre – Dating Site.This issue affects Rencontre – Dating Site: from n/a through 3.11.1. | 9.9 | CRITICAL | — | 0 |
| CVE-2023-51505 Deserialization of Untrusted Data vulnerability in realmag777 Active Products Tables for WooCommerce. Professional products tables for WooCommerce store.This issue affects Active Products Tables for W... | 10.0 | CRITICAL | — | 0 |
| CVE-2023-51545 Cross-Site Request Forgery (CSRF), Deserialization of Untrusted Data vulnerability in ThemeHigh Job Manager & Career – Manage job board listings, and recruitments.This issue affects Job Manager & Care... | 9.6 | CRITICAL | — | 0 |
| CVE-2023-51676 Server-Side Request Forgery (SSRF) vulnerability in Leevio Happy Addons for Elementor.This issue affects Happy Addons for Elementor: from n/a through 3.9.1.1. | 4.9 | MEDIUM | — | 0 |
| CVE-2023-7113 Mattermost version 8.1.6 and earlier fails to sanitize channel mention data in posts, which allows an attacker to inject markup in the web client. | 3.7 | LOW | — | 0 |
| CVE-2023-7114 Mattermost version 2.10.0 and earlier fails to sanitize deeplink paths, which allows an attacker to perform CSRF attacks against the server. | 7.1 | HIGH | — | 0 |
| CVE-2023-51410 Unrestricted Upload of File with Dangerous Type vulnerability in WPVibes WP Mail Log.This issue affects WP Mail Log: from n/a through 1.1.2. | 9.9 | CRITICAL | — | 0 |
| CVE-2023-51411 Unrestricted Upload of File with Dangerous Type vulnerability in Shabti Kaplan Frontend Admin by DynamiApps.This issue affects Frontend Admin by DynamiApps: from n/a through 3.18.3. | 10.0 | CRITICAL | — | 0 |
| CVE-2023-51412 Unrestricted Upload of File with Dangerous Type vulnerability in Piotnet Piotnet Forms.This issue affects Piotnet Forms: from n/a through 1.0.25. | 9.0 | CRITICAL | — | 0 |
| CVE-2023-51419 Unrestricted Upload of File with Dangerous Type vulnerability in Bertha.Ai BERTHA AI. Your AI co-pilot for WordPress and Chrome.This issue affects BERTHA AI. Your AI co-pilot for WordPress and Chrome:... | 10.0 | CRITICAL | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.