VulDB is a vulnerability database documenting more than 174000 vulnerabilities since 1970. The following list shows the latest vulnerabilities threats and exploits
- CVE-2023-5232 | Font Awesome More Icons Plugin up to 3.5 on WordPress Shortcode cross site scripting
- CVE-2023-5233 | Font Awesome Integration Plugin up to 5.0 on WordPress Shortcode cross site scripting
- CVE-2023-5231 | Magic Action Box Plugin up to 2.17.2 on WordPress Shortcode cross site scripting
- CVE-2023-5230 | TM WooCommerce Compare & Wishlist Plugin up to 1.1.7 on WordPress Shortcode cross site scripting
- CVE-2023-41956 | Simple Membership Plugin up to 4.3.4 on WordPress password recovery
- CVE-2023-5236 | Red Hat Infinispan denial of service
- CVE-2023-5224 | rpminspect rpminspect-fedora default permission
- CVE-2023-4535 | OpenSC up to 0.23.x MyEID Driver out-of-bounds
- CVE-2023-40661 | OpenSC 0.23.x pkcs15-init memory corruption
- CVE-2023-40660 | OpenSC up to 0.23.0 PIN improper authentication
- CVE-2023-40475 | GStreamer MXF File Parser integer overflow (ZDI-23-1457)
- CVE-2023-40476 | GStreamer Parsing stack-based overflow (ZDI-23-1458)
- CVE-2023-40474 | GStreamer MXF File Parser integer overflow (ZDI-23-1456)
- CVE-2023-43040 | Ceph RGW Bucket rgw_rest_s3.cc get_params access control
- CVE-2023-5184 | zephyrproject-rtos Zephyr IPM Driver signed to unsigned conversion error (GHSA-8x3p-q3r5-xh9g)
- CVE-2023-43652 | JumpServer up to 2.28.19/3.7.0 KoKo authorization (GHSA-fr8h-xh5x-r8g9)
- CVE-2023-43650 | JumpServer prior 2.28.20/3.7.1 password recovery (GHSA-mwx4-8fwc-2xvw)
- CVE-2023-33972 | Scylladb privileges management (GHSA-ww5v-p45p-3vhq)
- CVE-2023-42822 | xrdp up to 0.9.23.0 xrdp_painter.c out-of-bounds (GHSA-2hjx-rm4f-r9hw)
- CVE-2023-20253 | Cisco Catalyst SD-WAN Manager Command Line Interface Parser access control (cisco-sa-sdwan-vman-sc-LRLfu2z)
- CVE-2023-20254 | Cisco Catalyst SD-WAN Manager Session Management System improper authorization (cisco-sa-sdwan-vman-sc-LRLfu2z)
- CVE-2023-20252 | Cisco Catalyst SD-WAN Manager SAML API improper authentication (cisco-sa-sdwan-vman-sc-LRLfu2z)
- CVE-2023-20034 | Cisco Catalyst SD-WAN Manager Elasticsearch Database information disclosure (cisco-sa-sdwan-vman-sc-LRLfu2z)
- CVE-2023-20262 | Cisco Catalyst SD-WAN Manager SSH Service denial of service (cisco-sa-sdwan-vman-sc-LRLfu2z)
- CVE-2023-20179 | Cisco SD-WAN vManage Web-based Management Interface cross site scripting (cisco-sa-vmanage-html-3ZKh8d6x)
- CVE-2023-20223 | Cisco DNA Center API access control (cisco-sa-dnac-ins-acc-con-nHAVDRBZ)
- CVE-2023-20227 | Cisco IOS XE Layer 2 Tunneling Protocol denial of service (cisco-sa-ios-xe-l2tp-dos-eB5tuFmV)
- CVE-2023-20187 | Cisco IOS XE on ASR 1000 IPv6 Multicast denial of service (cisco-sa-mlre-H93FswRz)
- CVE-2023-20186 | Cisco IOS/IOS XE AAA improper authentication (cisco-sa-aaascp-Tyj4fEJm)
- CVE-2023-20109 | Cisco IOS/IOS XE Group Encrypted Transport VPN Privilege Escalation (cisco-sa-getvpn-rce-g8qR68sx)
- CVE-2023-20268 | Cisco Access Point resource consumption (cisco-sa-ap-dos-capwap-DDMCZS4m)
- CVE-2023-20176 | Cisco Catalyst 9100 denial of service (cisco-sa-click-ap-dos-wdcXkvnQ)
- CVE-2023-20202 | Cisco IOS XE Network Request denial of service (cisco-sa-wlc-wncd-HFGMsfSD)
- CVE-2023-20033 | Cisco IOS XE on Catalyst Management Interface denial of service (cisco-sa-cat3k-dos-ZZA4Gb3r)
- CVE-2023-20251 | Cisco Wireless LAN Controller AireOS denial of service (cisco-sa-cbw-dos-YSmbUqX3)
- CVE-2023-20226 | Cisco IOS XE Application Quality of Experience denial of service (cisco-sa-appqoe-utd-dos-p8O57p5y)
- CVE-2023-41861 | Restrict Plugin up to 2.2.4 on WordPress cross site scripting
- CVE-2023-41860 | TravelMap Plugin up to 1.0.1 on WordPress cross site scripting
- CVE-2023-41653 | Beplus Sermon Sermons Online Plugin up to 1.0.0 on WordPress cross site scripting
- CVE-2023-40605 | 93digital Typing Effect Plugin up to 1.3.6 on WordPress cross site scripting
- CVE-2023-30493 | Themefic Ultimate Addons for Contact Form 7 Plugin up to 3.2.0 on WordPress cross site scripting
- CVE-2023-28490 | Estatik Mortgage Calculator Plugin up to 2.0.7 on WordPress cross site scripting
- CVE-2023-27617 | David F. Carr RSVPMaker Plugin up to 10.6.6 on WordPress cross site scripting
- CVE-2023-43263 | Froala Editor 4.1.1 Markdown cross site scripting
- CVE-2023-44207 | Acronis Cyber Protect 15 Protection Plan Name cross site scripting
- CVE-2023-35793 | Cassia Access Controller 2.1.1.2303271039 Web SSH Session cross-site request forgery
- CVE-2023-43857 | Dreamer CMS 4.1.3 /admin/u/toIndex cross site scripting
- CVE-2023-44157 | Acronis Cyber Protect 15 default permission
- CVE-2023-42486 | Fortect unquoted search path
- CVE-2023-41986 | Apple macOS File System access control
- CVE-2023-41986 | Apple iOS/iPadOS File System access control
- CVE-2023-41980 | Apple macOS permission
- CVE-2023-41980 | Apple iOS/iPadOS permission
- CVE-2023-41979 | Apple macOS 13 File System race condition
- CVE-2023-41311 | Huawei EMUI/Magic UI Audio Module permission
- CVE-2023-41079 | Apple macOS 13 permission
- CVE-2023-41078 | Apple macOS 13 improper authorization
- CVE-2023-41067 | Apple macOS 13 Gatekeeper Local Privilege Escalation
- CVE-2023-40450 | Apple macOS 13 Gatekeeper access control
- CVE-2023-40435 | Apple Xcode 14 App Store Credentials access control
- CVE-2023-40434 | Apple macOS Photo Library access control
- CVE-2023-40434 | Apple iOS/iPadOS Photo Library access control
- CVE-2023-40428 | Apple iOS/iPadOS Cache access control
- CVE-2023-40426 | Apple macOS 13 Restrictions permission
- CVE-2023-40424 | Apple watchOS access control
- CVE-2023-40424 | Apple iOS/iPadOS access control
- CVE-2023-40422 | Apple macOS 13 denial of service
- CVE-2023-40419 | Apple watchOS Local Privilege Escalation
- CVE-2023-40419 | Apple iOS/iPadOS Local Privilege Escalation
- CVE-2023-40406 | Apple macOS information disclosure
- CVE-2023-40402 | Apple macOS 13 permission
- CVE-2023-40386 | Apple macOS 13 Notes Attachment temp file
- CVE-2023-39378 | SiberianCMS sql injection
- CVE-2023-39376 | SiberianCMS access control
- CVE-2023-39375 | SiberianCMS insufficient privileges
- CVE-2023-32421 | Apple macOS 13 temp file
- CVE-2023-30959 | Palantir Apollo Comment cross site scripting
- CVE-2023-23495 | Apple macOS 13 information disclosure
- CVE-2023-44161 | Acronis Cyber Protect 15 cross-site request forgery
- CVE-2023-44160 | Acronis Cyber Protect 15 cross-site request forgery
- CVE-2023-43856 | Dreamer CMS 4.1.3 TemplateController.java path traversal
- CVE-2023-40443 | Apple iOS/iPadOS up to 16.x Local Privilege Escalation
- CVE-2023-40431 | Apple iOS/iPadOS up to 16.x memory corruption
- CVE-2023-38615 | Apple macOS 13 memory corruption
- CVE-2023-32377 | Apple macOS 13 buffer overflow
- CVE-2023-43614 | Welcart e-Commerce up to 2.8.21 Order Data Edit Page cross site scripting
- CVE-2023-43484 | Welcart e-Commerce up to 2.8.21 Item List Page cross site scripting
- CVE-2023-40399 | Apple tvOS Kernel Memory memory corruption
- CVE-2023-40399 | Apple iOS/iPadOS Kernel Memory memory corruption
- CVE-2023-40391 | Apple macOS memory corruption
- CVE-2023-40391 | Apple iOS/iPadOS memory corruption
- CVE-2021-38243 | xunruicms up to 4.5.1 Privilege Escalation
- CVE-2023-43125 | F5 BIG-IP APM VPN Tunnel cleartext transmission (K000136909)