Total
4417 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-2946 | 1 Open-emr | 1 Openemr | 2026-06-17 | N/A | 8.1 HIGH |
| Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1. | |||||
| CVE-2023-2944 | 1 Open-emr | 1 Openemr | 2026-06-17 | N/A | 5.4 MEDIUM |
| Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1. | |||||
| CVE-2023-2940 | 1 Google | 1 Chrome | 2026-06-17 | N/A | 6.5 MEDIUM |
| Inappropriate implementation in Downloads in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2023-2903 | 1 Nfine | 1 Nfine Rapid Development Platform | 2026-06-17 | 4.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability classified as problematic has been found in NFine Rapid Development Platform 20230511. This affects an unknown part of the file /SystemManage/Role/GetGridJson?keyword=&page=1&rows=20. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-229977 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-2674 | 1 Open-emr | 1 Openemr | 2026-06-17 | N/A | 4.3 MEDIUM |
| Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1. | |||||
| CVE-2023-2429 | 1 Phpmyfaq | 1 Phpmyfaq | 2026-06-17 | N/A | 9.8 CRITICAL |
| Improper Access Control in GitHub repository thorsten/phpmyfaq prior to 3.1.13. | |||||
| CVE-2023-2202 | 1 Rosariosis | 1 Rosariosis | 2026-06-17 | N/A | 6.5 MEDIUM |
| Improper Access Control in GitHub repository francoisjacquet/rosariosis prior to 10.9.3. | |||||
| CVE-2023-2159 | 1 Niteothemes | 1 Cmp | 2026-06-17 | N/A | 5.3 MEDIUM |
| The CMP – Coming Soon & Maintenance plugin for WordPress is vulnerable to Maintenance Mode Bypass in versions up to, and including, 4.1.7. A correct cmp_bypass GET parameter in the URL (equal to the md5-hashed home_url in the default setting) allows users to visit a site placed in maintenance mode thus bypassing the plugin's provided feature. | |||||
| CVE-2023-2104 | 1 Easyappointments | 1 Easyappointments | 2026-06-17 | N/A | 5.4 MEDIUM |
| Improper Access Control in GitHub repository alextselegidis/easyappointments prior to 1.5.0. | |||||
| CVE-2023-29924 | 1 Powerjob | 1 Powerjob | 2026-06-17 | N/A | 9.8 CRITICAL |
| PowerJob V4.3.1 is vulnerable to Incorrect Access Control that allows for remote code execution. | |||||
| CVE-2023-29922 | 1 Powerjob | 1 Powerjob | 2026-06-17 | N/A | 5.3 MEDIUM |
| PowerJob V4.3.1 is vulnerable to Incorrect Access Control via the create user/save interface. | |||||
| CVE-2023-29921 | 1 Powerjob | 1 Powerjob | 2026-06-17 | N/A | 5.3 MEDIUM |
| PowerJob V4.3.1 is vulnerable to Incorrect Access Control via the create app interface. | |||||
| CVE-2023-29586 | 1 Codesector | 1 Teracopy | 2026-06-17 | N/A | 5.5 MEDIUM |
| Code Sector TeraCopy 3.9.7 does not perform proper access validation on the source folder during a copy operation. This leads to Arbitrary File Read by allowing any user to copy any directory in the system to a directory they control. NOTE: the Supplier disputes this because only admin users can copy arbitrary folders, and because the 143984 reference is about a different concern (unrelated to directory copying) that was fixed in 3.5b. | |||||
| CVE-2023-29513 | 1 Xwiki | 1 Xwiki | 2026-06-17 | N/A | 5.0 MEDIUM |
| XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. If guest has view right on any document. It's possible to create a new user using the `distribution/firstadminuser.wiki` in the wrong context. This vulnerability has been patched in XWiki 15.0-rc-1 and 14.10.1. There is no known workaround other than upgrading. | |||||
| CVE-2023-29164 | 2026-06-17 | N/A | 7.3 HIGH | ||
| Improper access control in BMC Firmware for the Intel(R) Server Board S2600WF, Intel(R) Server Board S2600ST, Intel(R) Server Board S2600BP, before version 02.01.0017 and Intel(R) Server Board M50CYP and Intel(R) Server Board D50TNP before version R01.01.0009 may allow an authenticated user to enable escalation of privilege via local access. | |||||
| CVE-2023-29140 | 1 Mediawiki | 1 Mediawiki | 2026-06-17 | N/A | 5.3 MEDIUM |
| An issue was discovered in the GrowthExperiments extension for MediaWiki through 1.39.3. Attackers might be able to see edits for which the username has been hidden, because there is no check for rev_deleted. | |||||
| CVE-2023-29121 | 1 Enelx | 2 Waybox Pro, Waybox Pro Firmware | 2026-06-17 | N/A | 9.6 CRITICAL |
| Waybox Enel TCF Agent service could be used to get administrator’s privileges over the Waybox system. | |||||
| CVE-2023-29115 | 1 Enelx | 2 Waybox Pro, Waybox Pro Firmware | 2026-06-17 | N/A | 6.5 MEDIUM |
| In certain conditions a request directed to the Waybox Enel X Web management application could cause a denial-of-service (e.g. reboot). | |||||
| CVE-2023-29113 | 2026-06-17 | N/A | 6.3 MEDIUM | ||
| The MIB3 infotainment unit used in Skoda and Volkswagen vehicles does not incorporate any privilege separation for the proprietary inter-process communication mechanism, leaving attackers with presence in the system an ability to undermine access control restrictions implemented at the operating system level. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources. | |||||
| CVE-2023-28907 | 2026-06-17 | N/A | 6.7 MEDIUM | ||
| There is no memory isolation between CPU cores of the MIB3 infotainment. This fact allows an attacker with access to the main operating system to compromise the CPU core responsible for CAN message processing. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources. | |||||
