The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2023-4642 | The kk Star Ratings WordPress plugin before 5.4.6 does not implement atomic operations, allowing one user vote multiple times on a poll due to a Race Condition. | -- | Nov 27, 2023 | n/a |
| CVE-2023-4641 | A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory. | -- | Sep 1, 2023 | n/a |
| CVE-2023-4640 | The controller responsible for setting the logging level does not include any authorization checks to ensure the user is authenticated. This can be seen by noting that it extends Controller rather than AuthenticatedController and includes no further checks. This issue affects YugabyteDB Anywhere: from 2.0.0 through 2.17.3 | -- | Aug 31, 2023 | n/a |
| CVE-2023-4637 | The WPvivid plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the restore() and get_restore_progress() function in versions up to, and including, 0.9.94. This makes it possible for unauthenticated attackers to invoke these functions and obtain full file paths if they have access to a back-up ID. | -- | Feb 6, 2024 | n/a |
| CVE-2023-4636 | The WordPress File Sharing Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. | -- | Sep 5, 2023 | n/a |
| CVE-2023-4635 | The EventON plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \'tab\' parameter in versions up to, and including, 2.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. | -- | Oct 21, 2023 | n/a |
| CVE-2023-4634 | The Media Library Assistant plugin for WordPress is vulnerable to Local File Inclusion and Remote Code Execution in versions up to, and including, 3.09. This is due to insufficient controls on file paths being supplied to the \'mla_stream_file\' parameter from the ~/includes/mla-stream-image.php file, where images are processed via Imagick(). This makes it possible for unauthenticated attackers to supply files via FTP that will make directory lists, local file inclusion, and remote code execution possible. | -- | Sep 7, 2023 | n/a |
| CVE-2023-4632 | An uncontrolled search path vulnerability was reported in Lenovo System Update that could allow an attacker with local access to execute code with elevated privileges. | -- | Nov 9, 2023 | n/a |
| CVE-2023-4631 | The DoLogin Security WordPress plugin before 3.7 uses headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing. | -- | Sep 26, 2023 | n/a |
| CVE-2023-4630 | An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which any user can read limited information about any project\'s imports. | -- | Sep 11, 2023 | n/a |
| CVE-2023-4629 | The LadiApp plugin for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check on the save_config() function in versions up to, and including, 4.3. This makes it possible for unauthenticated attackers to update the \'ladipage_config\' option via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | -- | Mar 12, 2024 | n/a |
| CVE-2023-4628 | The LadiApp plugin for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check on the ladiflow_save_hook() function in versions up to, and including, 4.4. This makes it possible for unauthenticated attackers to update the \'ladiflow_hook_configs\' option via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | -- | Mar 12, 2024 | n/a |
| CVE-2023-4627 | The LadiApp plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_config() function in versions up to, and including, 4.4. This makes it possible for authenticated attackers with subscriber-level access and above to update the \'ladipage_config\' option. | -- | Mar 12, 2024 | n/a |
| CVE-2023-4626 | The LadiApp plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ladiflow_save_hook() function in versions up to, and including, 4.3. This makes it possible for authenticated attackers with subscriber-level access and above to update the \'ladiflow_hook_configs\' option. | -- | Mar 12, 2024 | n/a |
| CVE-2023-4625 | Improper Restriction of Excessive Authentication Attempts vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F/iQ-R Series CPU modules Web server function allows a remote unauthenticated attacker to prevent legitimate users from logging into the Web server function for a certain period after the attacker has attempted to log in illegally by continuously attempting unauthorized login to the Web server function. The impact of this vulnerability will persist while the attacker continues to attempt unauthorized login. | -- | Nov 6, 2023 | n/a |
| CVE-2023-4624 | Server-Side Request Forgery (SSRF) in GitHub repository bookstackapp/bookstack prior to v23.08. | -- | Aug 30, 2023 | n/a |
| CVE-2023-4623 | A use-after-free vulnerability in the Linux kernel\'s net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free. We recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f. | -- | Sep 7, 2023 | n/a |
| CVE-2023-4622 | A use-after-free vulnerability in the Linux kernel\'s af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer\'s recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free. We recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c. | -- | Sep 7, 2023 | n/a |
| CVE-2023-4621 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is a duplicate of CVE-2023-4569. | -- | Nov 7, 2023 | n/a |
| CVE-2023-4620 | The Booking Calendar WordPress plugin before 9.7.3.1 does not sanitize and escape some of its booking from data, allowing unauthenticated users to perform Stored Cross-Site Scripting attacks against administrators | -- | Oct 16, 2023 | n/a |
| CVE-2023-4616 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/thumbnail endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of the current user. | -- | Sep 5, 2023 | n/a |
| CVE-2023-4615 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/download/updateFile endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of the current user. | -- | Sep 5, 2023 | n/a |
| CVE-2023-4614 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/installation/setThumbnailRc endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. | -- | Sep 5, 2023 | n/a |
| CVE-2023-4613 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/settings/upload endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. | -- | Sep 5, 2023 | n/a |
| CVE-2023-4612 | Improper Authentication vulnerability in Apereo CAS in jakarta.servlet.http.HttpServletRequest.getRemoteAddr method allows Multi-Factor Authentication bypass.This issue affects CAS: through 7.0.0-RC7. It is unknown whether in new versions the issue will be fixed. For the date of publication there is no patch, and the vendor does not treat it as a vulnerability. | -- | Nov 9, 2023 | n/a |
| CVE-2023-4611 | A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind() and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak. | -- | Aug 29, 2023 | n/a |
| CVE-2023-4610 | Rejected reason: The SRCU code was added in upstream kernel v6.4-rc1 and removed before v6.4. This bug only existed in development kernels. Please see https://lore.kernel.org/all/ZTKVfoQZplpB8rki@casper.infradead.org and https://bugzilla.suse.com/show_bug.cgi?id=1215932 for more information. | -- | Oct 6, 2023 | n/a |
| CVE-2023-4609 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none. | -- | Nov 7, 2023 | n/a |
| CVE-2023-4608 | An authenticated XCC user with elevated privileges can perform blind SQL injection in limited cases through a crafted API command. This affects ThinkSystem v2 and v3 servers with XCC; ThinkSystem v1 servers are not affected. | -- | Oct 25, 2023 | n/a |
| CVE-2023-4607 | An authenticated XCC user can change permissions for any user through a crafted API command. | -- | Oct 25, 2023 | n/a |
| CVE-2023-4606 | An authenticated XCC user with Read-Only permission can change a different user’s password through a crafted API command. This affects ThinkSystem v2 and v3 servers with XCC; ThinkSystem v1 servers are not affected. | -- | Oct 25, 2023 | n/a |
| CVE-2023-4605 | A valid authenticated Lenovo XClarity Administrator (LXCA) user can potentially leverage an unauthenticated API endpoint to retrieve system event information. | -- | Apr 8, 2024 | n/a |
| CVE-2023-4603 | The Star CloudPRNT for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \'printersettings\' parameter in versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. | -- | Nov 14, 2023 | n/a |
| CVE-2023-4602 | The Namaste! LMS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \'course_id\' parameter in versions up to, and including, 2.6.1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. | -- | Nov 15, 2023 | n/a |
| CVE-2023-4601 | A stack-based buffer overflow vulnerability exists in NI System Configuration that could result in information disclosure and/or arbitrary code execution. Successful exploitation requires that an attacker can provide a specially crafted response. This affects NI System Configuration 2023 Q3 and all previous versions. | -- | Oct 19, 2023 | n/a |
| CVE-2023-4600 | The AffiliateWP for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the \'affwp_activate_addons_page_plugin\' function called via an AJAX action in versions up to, and including, 2.14.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to activate arbitrary plugins. | -- | Aug 31, 2023 | n/a |
| CVE-2023-4599 | The Slimstat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \'eeb_mailto\' shortcode in versions up to, and including, 2.1.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | -- | Aug 30, 2023 | n/a |
| CVE-2023-4598 | The Slimstat Analytics plugin for WordPress is vulnerable to SQL Injection via the plugin\'s shortcode in versions up to, and including, 5.0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with contributor-level and above permissions to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. | -- | Oct 20, 2023 | n/a |
| CVE-2023-4597 | The Slimstat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \'slimstat\' shortcode in versions up to, and including, 5.0.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | -- | Aug 30, 2023 | n/a |
| CVE-2023-4596 | The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to file type validation occurring after a file has been uploaded to the server in the upload_post_image() function in versions up to, and including, 1.24.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site\'s server which may make remote code execution possible. | -- | Aug 30, 2023 | n/a |
| CVE-2023-4595 | An information exposure vulnerability has been found, the exploitation of which could allow a remote user to retrieve sensitive information stored on the server such as credential files, configuration files, application files, etc., simply by appending any of the following parameters to the end of the URL: %00 %0a, %20, %2a, %a0, %aa, %c0 and %ca. | -- | Nov 24, 2023 | n/a |
| CVE-2023-4594 | Stored XSS vulnerability. This vulnerability could allow an attacker to store a malicious JavaScript payload via GET and POST methods on multiple parameters in the MailAdmin_dll.htm file. | -- | Nov 24, 2023 | n/a |
| CVE-2023-4593 | Path traversal vulnerability whose exploitation could allow an authenticated remote user to bypass SecurityManager\'s intended restrictions and list a parent directory via any filename, such as a multiple ..%2F value affecting the \'dodoc\' parameter in the /MailAdmin_dll.htm file. | -- | Nov 24, 2023 | n/a |
| CVE-2023-4592 | A Cross-Site Scripting vulnerability has been detected in WPN-XM Serverstack affecting version 0.8.6. This vulnerability could allow a remote attacker to send a specially crafted JavaScript payload through the /tools/webinterface/index.php parameter and retrieve the cookie session details of an authenticated user, resulting in a session hijacking. | -- | Nov 3, 2023 | n/a |
| CVE-2023-4591 | A local file inclusion vulnerability has been found in WPN-XM Serverstack affecting version 0.8.6, which would allow an unauthenticated user to perform a local file inclusion (LFI) via the /tools/webinterface/index.php?page parameter by sending a GET request. This vulnerability could lead to the loading of a PHP file on the server, leading to a critical webshell exploit. | -- | Nov 3, 2023 | n/a |
| CVE-2023-4590 | Buffer overflow vulnerability in Frhed hex editor, affecting version 1.6.0. This vulnerability could allow an attacker to execute arbitrary code via a long filename argument through the Structured Exception Handler (SEH) registers. | -- | Nov 27, 2023 | n/a |
| CVE-2023-4589 | Insufficient verification of data authenticity vulnerability in Delinea Secret Server, in its v10.9.000002 version. An attacker with an administrator account could perform software updates without proper integrity verification mechanisms. In this scenario, the update process lacks digital signatures and fails to validate the integrity of the update package, allowing the attacker to inject malicious applications during the update. | -- | Sep 7, 2023 | n/a |
| CVE-2023-4588 | File accessibility vulnerability in Delinea Secret Server, in its v10.9.000002 and v11.4.000002 versions. Exploitation of this vulnerability could allow an authenticated user with administrative privileges to create a backup file in the application\'s webroot directory, changing the default backup directory to the wwwroot folder, and download it with some configuration files such as encryption.config/ and database.config stored in the wwwroot directory, exposing the database credentials in plain text. | -- | Sep 7, 2023 | n/a |
| CVE-2023-4587 | An IDOR vulnerability has been found in ZKTeco ZEM800 product affecting version 6.60. This vulnerability allows a local attacker to obtain registered user backup files or device configuration files over a local network or through a VPN server. | -- | Sep 5, 2023 | n/a |
| CVE-2023-4586 | A vulnerability was found in the Hot Rod client. This security issue occurs as the Hot Rod client does not enable hostname validation when using TLS, possibly resulting in a man-in-the-middle (MITM) attack. | -- | Oct 4, 2023 | n/a |
