CVE-2023-5689
Cross-site Scripting (XSS) – DOM in GitHub repository modoboa/modoboa prior to 2.2.2.
Source: CVE-2023-5689
CVE-2023-5689
Cross-site Scripting (XSS) – DOM in GitHub repository modoboa/modoboa prior to 2.2.2.
Source: CVE-2023-5689
CVE-2023-5686
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.
Source: CVE-2023-5686
CVE-2023-5687
Cross-Site Request Forgery (CSRF) in GitHub repository mosparo/mosparo prior to 1.0.3.
Source: CVE-2023-5687
CVE-2023-5688
Cross-site Scripting (XSS) – DOM in GitHub repository modoboa/modoboa prior to 2.2.2.
Source: CVE-2023-5688
CVE-2023-23373
An OS command injection vulnerability has been reported to affect QUSBCam2. If exploited, the vulnerability could allow users to execute commands via a network.
We have already fixed the vulnerability in the following version:
QUSBCam2 2.0.3 ( 2023/06/15 ) and later
Source: CVE-2023-23373
CVE-2023-3965
The nsc theme for WordPress is vulnerable to Reflected Cross-Site Scripting via prototype pollution in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Source: CVE-2023-3965
CVE-2023-3933
The Your Journey theme for WordPress is vulnerable to Reflected Cross-Site Scripting via prototype pollution in versions up to, and including, 1.9.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Source: CVE-2023-3933
CVE-2023-3962
The Winters theme for WordPress is vulnerable to Reflected Cross-Site Scripting via prototype pollution in versions up to, and including, 1.4.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Source: CVE-2023-3962
CVE-2023-3487
An integer overflow in Silicon Labs Gecko Bootloader version 4.3.1 and earlier allows unbounded memory access when reading from or writing to storage slots.
Source: CVE-2023-3487
CVE-2023-46287
XSS exists in NagVis before 1.9.38 via the select function in share/server/core/functions/html.php.
Source: CVE-2023-46287