Search

Search Results (366299 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-51309 1 Phpjabbers 1 Car Park Booking System 2025-11-04 4.3 Medium
A lack of rate limiting in the 'Email Settings' feature of PHPJabbers Car Park Booking System v3.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages.
CVE-2023-51308 1 Phpjabbers 1 Car Park Booking System 2025-11-04 6.1 Medium
PHPJabbers Car Park Booking System v3.0 is vulnerable to Multiple HTML Injection in the "name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key, title" parameters.
CVE-2023-51306 1 Phpjabbers 1 Event Ticketing System 2025-11-04 5.4 Medium
PHPJabbers Event Ticketing System v1.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) in the "name, title" parameters.
CVE-2023-51303 1 Phpjabbers 1 Event Ticketing System 2025-11-04 6.1 Medium
PHPJabbers Event Ticketing System v1.0 is vulnerable to Multiple HTML Injection in the "lid, name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key, title" parameters.
CVE-2023-51301 1 Phpjabbers 1 Hotel Booking System 2025-11-04 7.5 High
A lack of rate limiting in the "Login Section, Forgot Email" feature of PHPJabbers Hotel Booking System v4.0 allows attackers to send an excessive amount of reset requests for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages.
CVE-2023-51300 1 Phpjabbers 1 Hotel Booking System 2025-11-04 6.1 Medium
PHPJabbers Hotel Booking System v4.0 is vulnerable to Cross-Site Scripting (XSS) vulnerabilities in the "name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key" parameters.
CVE-2023-51299 1 Phpjabbers 1 Hotel Booking System 2025-11-04 6.1 Medium
PHPJabbers Hotel Booking System v4.0 is vulnerable to HTML Injection in the "name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key, title" parameters.
CVE-2023-51296 1 Phpjabbers 1 Event Booking Calendar 2025-11-04 6.1 Medium
PHPJabbers Event Booking Calendar v4.0 is vulnerable to Cross-Site Scripting (XSS) in the "name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key" parameters which allows attackers to execute arbitrary code
CVE-2023-51295 1 Phpjabbers 1 Event Booking Calendar 2025-11-04 6.5 Medium
PHPJabbers Event Booking Calendar v4.0 is vulnerable to Multiple HTML Injection in the "name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key, title" parameters.
CVE-2023-51059 1 Mokosmart 2 Mkgw1 Gateway, Mkgw1 Gateway Firmware 2025-11-04 8.8 High
An issue in MOKO TECHNOLOGY LTD MOKOSmart MKGW1 BLE Gateway v.1.1.1 and before allows a remote attacker to escalate privileges via the session management component of the administrative web interface.
CVE-2023-50784 1 Unrealircd 1 Unrealircd 2025-11-04 7.5 High
A buffer overflow in websockets in UnrealIRCd 6.1.0 through 6.1.3 before 6.1.4 allows an unauthenticated remote attacker to crash the server by sending an oversized packet (if a websocket port is open). Remote code execution might be possible on some uncommon, older platforms.
CVE-2023-50495 1 Invisible-island 1 Ncurse 2025-11-04 6.5 Medium
NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().
CVE-2023-50387 8 Fedoraproject, Isc, Microsoft and 5 more 18 Fedora, Bind, Windows Server 2008 and 15 more 2025-11-04 7.5 High
Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.
CVE-2023-50172 1 Wwbn 1 Avideo 2025-11-04 5.3 Medium
A recovery notification bypass vulnerability exists in the userRecoverPass.php captcha validation functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to the silent creation of a recovery pass code for any user.
CVE-2023-4235 3 Fedoraproject, Ofono, Ofono Project 3 Fedora, Ofono, Ofono 2025-11-04 8.1 High
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_deliver_report().
CVE-2023-4234 3 Fedoraproject, Linux, Ofono Project 3 Fedora, Ofono, Ofono 2025-11-04 8.1 High
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_submit_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_submit_report().
CVE-2023-4233 2 Fedoraproject, Ofono Project 2 Fedora, Ofono 2025-11-04 8.1 High
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the sms_decode_address_field() function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS.
CVE-2023-4232 2 Fedoraproject, Ofono Project 2 Fedora, Ofono 2025-11-04 8.1 High
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_status_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_status_report().
CVE-2023-49994 1 Espeak-ng 1 Espeak-ng 2025-11-04 5.5 Medium
Espeak-ng 1.52-dev was discovered to contain a Floating Point Exception via the function PeaksToHarmspect at wavegen.c.
CVE-2023-49993 1 Espeak-ng 1 Espeak-ng 2025-11-04 5.3 Medium
Espeak-ng 1.52-dev was discovered to contain a Buffer Overflow via the function ReadClause at readclause.c.