Export limit exceeded: 14548 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10318 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10318 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-33668 | 1 Digiexam | 1 Digiexam | 2024-11-21 | 9.8 Critical |
| DigiExam up to v14.0.2 lacks integrity checks for native modules, allowing attackers to access PII and takeover accounts on shared computers. | ||||
| CVE-2023-33534 | 2 Guanzhou Tozed Kangwei Intelligent Technology, Sztozed | 3 Zlts10g, Zlt S10g, Zlt S10g Firmware | 2024-11-21 | 8.8 High |
| A Cross-Site Request Forgery (CSRF) in Guanzhou Tozed Kangwei Intelligent Technology ZLTS10G software version S10G_3.11.6 allows attackers to takeover user accounts via sending a crafted POST request to /goform/goform_set_cmd_process. | ||||
| CVE-2023-33316 | 1 Woocommerce | 1 Automatewoo | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce WooCommerce Follow-Up Emails (AutomateWoo) plugin <= 4.9.40 versions. | ||||
| CVE-2023-33315 | 1 Wandlesoftware | 1 Smart App Banner | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Stephen Darlington, Wandle Software Limited Smart App Banner plugin <= 1.1.2 versions. | ||||
| CVE-2023-33313 | 1 Themeinprogress | 1 Wip Custom Login | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in ThemeinProgress WIP Custom Login plugin <= 1.2.9 versions. | ||||
| CVE-2023-33212 | 1 Crocoblock | 1 Jetformbuilder | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Crocoblock JetFormBuilder — Dynamic Blocks Form Builder plugin <= 3.0.6 versions. | ||||
| CVE-2023-32964 | 1 Madewithfuel | 1 Better Notifications For Wp | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Made with Fuel Better Notifications for WP plugin <= 1.9.2 versions. | ||||
| CVE-2023-32960 | 1 Updraftplus | 1 Updraftplus | 2024-11-21 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in UpdraftPlus.Com, DavidAnderson UpdraftPlus WordPress Backup Plugin <= 1.23.3 versions leads to sitewide Cross-Site Scripting (XSS). | ||||
| CVE-2023-32792 | 1 Nxlog | 1 Nxlog Manager | 2024-11-21 | 6.5 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability allows an attacker to eliminate roles within the platform by sending a specifically crafted query to the server. The vulnerability is based on the absence of proper validation of the origin of incoming requests. | ||||
| CVE-2023-32791 | 1 Nxlog | 1 Nxlog Manager | 2024-11-21 | 6.5 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability allows an attacker to manipulate and delete user accounts within the platform by sending a specifically crafted query to the server. The vulnerability is based on the lack of proper validation of the origin of incoming requests. | ||||
| CVE-2023-32761 | 1 Archerirm | 1 Archer | 2024-11-21 | 8.1 High |
| Cross Site Request Forgery (CSRF) vulnerability in Archer Platform before v.6.13 and fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to execute arbitrary code via a crafted request. | ||||
| CVE-2023-32588 | 1 Brandbrilliance | 1 Post State Tags | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in BRANDbrilliance Post State Tags plugin <= 2.0.6 versions. | ||||
| CVE-2023-32583 | 1 Walkeprashant | 1 Wp All Backup | 2024-11-21 | 6.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Prashant Walke WP All Backup plugin <= 2.4.3 versions. | ||||
| CVE-2023-32475 | 1 Dell | 80 Alienware Aurora R10, Alienware Aurora R10 Firmware, Alienware Aurora R15 Amd and 77 more | 2024-11-21 | 7.6 High |
| Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the system. | ||||
| CVE-2023-32124 | 1 Arulprasadj | 1 Publish Confirm Message | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Arul Prasad J Publish Confirm Message plugin <= 1.3.1 versions. | ||||
| CVE-2023-32104 | 1 Target-info | 1 Mycurator Content Curation | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Mark Tilly MyCurator Content Curation plugin <= 3.74 versions. | ||||
| CVE-2023-32091 | 1 Poeditor | 1 Poeditor | 2024-11-21 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in POEditor plugin <= 0.9.4 versions. | ||||
| CVE-2023-31452 | 1 Paessler | 1 Prtg Network Monitor | 2024-11-21 | 8.8 High |
| A cross-site request forgery (CSRF) token bypass was identified in PRTG 23.2.84.1566 and earlier versions that allows remote attackers to perform actions with the permissions of a victim user, provided the victim user has an active session and is induced to trigger the malicious request. This could force PRTG to execute different actions, such as creating new users. The severity of this vulnerability is high and received a score of 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | ||||
| CVE-2023-31439 | 1 Systemd Project | 1 Systemd | 2024-11-21 | 5.3 Medium |
| An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability." | ||||
| CVE-2023-31438 | 1 Systemd Project | 1 Systemd | 2024-11-21 | 5.3 Medium |
| An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability." | ||||