CVE Vulnerability Database

Search and browse 41 known security vulnerabilities. Filter by severity, vendor, product, and year.

41 vulnerabilities found
Recent Highest Score Oldest
Severity: Medium × Year: 2023 × Clear all
CVE-2023-1726
5.4 medium

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Proliz OBS allows Stored XSS for an authenticated user.This issue affects OBS: before 23.04.01.

Prolizyazilim Student Affairs Information System Apr 7, 2023
CVE-2023-1766
6.1 medium

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Akbim Computer Panon allows Reflected XSS.This issue affects Panon: before 1.0.2.

Akbim Panon Apr 3, 2023
CVE-2023-1060
6.1 medium

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YKM YKM CRM allows Reflected XSS. This issue affects YKM CRM: before 23.03.30.

Ykmbilisim Ykm Crm Mar 31, 2023
CVE-2023-1013
6.1 medium

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Virames Vira-Investing allows Cross-Site Scripting (XSS). This issue affects Vira-Investing: before 1.0.84.86.

Dizayn Vira-Investing Mar 30, 2023
CVE-2023-1051
6.1 medium

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in As Koc Energy Web Report System allows Reflected XSS. This issue affects Web Report System: before 23.03.10.

Askoc Web Report System Mar 23, 2023
CVE-2023-1154
6.1 medium

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pacsrapor allows Reflected XSS. This issue affects Pacsrapor: before 1.22.

Pacsrapor Pacsrapor Mar 21, 2023
CVE-2023-0320
5.4 medium

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Izmir Katip Celebi University UBYS allows Stored XSS. This issue affects UBYS: before 23.03.16.

University Information Management System Project University Information Management System Mar 20, 2023
CVE-2023-0322
6.1 medium

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Talent Software UNIS allows Reflected XSS. This issue affects UNIS: before 28376.

Talentyazilim Unis Mar 15, 2023
CVE-2023-23391
5.5 medium

Office for Android Spoofing Vulnerability

Microsoft Office Mar 14, 2023
CVE-2022-23791
6.1 medium

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Firmanet Software and Technology Customer Relation Manager allows Cross-Site Scripting (XSS). This issue affects Customer Relation Manager: before 2022.03.13.

Firmanet Customer Relation Manager Mar 14, 2023
CVE-2022-23790
6.1 medium

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Firmanet Software and Technology Customer Relation Manager allows Cross-Site Scripting (XSS). This issue affects Customer Relation Manager: before 2022.03.13.

Firmanet Technology Customer Relation Manager Mar 14, 2023
CVE-2022-2178
6.1 medium

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saysis Computer Starcities allows Cross-Site Scripting (XSS). This issue affects Starcities: before 1.1.

Saysis Starcities Mar 6, 2023
CVE-2023-0578
6.1 medium

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ASOS Information Technologies Book Cites allows Cross-Site Scripting (XSS). This issue affects Book Cites: before 23.01.05.

Asosegitim Bookcites Mar 3, 2023
CVE-2023-0577
6.1 medium

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ASOS Information Technologies SOBIAD allows Cross-Site Scripting (XSS). This issue affects SOBIAD: before 23.02.01.

Asosegitim Sobiad Mar 3, 2023
CVE-2023-25136
6.5 medium

OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-pa

Openbsd Openssh Feb 3, 2023
CVE-2022-4554
5.4 medium

B2B Customer Ordering System developed by ID Software Project and Consultancy Services before version 1.0.0.347 has an authenticated Reflected XSS vulnerability. This has been fixed in the version 1.0.0.347.

Idyazilim B2B Dealer Order System Jan 24, 2023
CVE-2021-36647
4.7 medium

Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to precise enough timing and memory access information (typically an untrusted operating system attacking

Arm Mbed Tls Jan 17, 2023