CVE Vulnerability

Home » CVE’s

CVE’s

CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2023-25126
2023-02-03
N/A
N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2023. Notes: none.
CVE-2023-25125
2023-02-03
N/A
N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2023. Notes: none.
CVE-2023-25066
Foliovision, Fv Flowplayer Video Player
Foliopress_wysiwyg, Fv_flowplayer_video_player, Fv_wordpress_flowplayer_plugin
2023-02-22
N/A
8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in FolioVision FV Flowplayer Video Player plugin <= 7.5.30.7212 versions.
CVE-2023-25065
Shapedplugin, Wp Tabs
Location_weather, Logo_carousel, Post_grid,_post_carousel,_&_list_category_posts, Product_slider_for_woocommerce, Real_testimonials, Wp_tabs
2023-02-22
N/A
8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in ShapedPlugin WP Tabs – Responsive Tabs Plugin for WordPress plugin <= 2.1.14 versions.
CVE-2023-25016
Couchbase, Couchbase Server
Bleve, Cloud_native_operator, Couchbase_server, Couchbase_server_java_sdk, Server, Sync_gateway
2023-02-14
N/A
7.5 HIGH
Couchbase Server before 6.6.6, 7.x before 7.0.5, and 7.1.x before 7.1.2 exposes Sensitive Information to an Unauthorized Actor.
CVE-2023-25015
Rails, Rubyonrails
Actionpack, Actionpack_page-caching, Actionview, Active_job, Active_record_session_store, Active_resource, Active_storage, Globalid, Html_sanitizer, Jquery-rails
2023-02-09
N/A
6.5 MEDIUM
Clockwork Web before 0.1.2, when Rails before 5.2 is used, allows CSRF.
CVE-2023-25014
Femanager, In2code
Femanager, Living_user_experience, Powermail
2023-02-10
N/A
7.5 HIGH
An issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3. Missing access checks in the InvitationController allow an unauthenticated user to delete all frontend users.
CVE-2023-25013
Femanager, In2code
Femanager, Living_user_experience, Powermail
2023-02-10
N/A
7.5 HIGH
An issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3. Missing access checks in the InvitationController allow an unauthenticated user to set the password of all frontend users.
CVE-2023-25012
Linux
Acrn, Audit, Dhcp6c, Direct_connect, Infiniband_hfi1_driver, Ipsec_tools_racoon_daemon, Kernel, Layer_2_tunneling_protocol, Linux_kernel, Linux_kernel_i40e/i40evf
2023-02-09
N/A
4.6 MEDIUM
The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long.
CVE-2023-25011
2023-02-23
N/A
7.8 HIGH
PC settings tool Ver10.1.26.0 and earlier, PC settings tool Ver11.0.22.0 and earlier allows a attacker to write to the registry as administrator privileges with standard user privileges.
1 11,098 11,099 11,100 11,101 11,102 11,258