VULNMAP - Vulnerabilità di Sicurezza

Lista CVE - 2023 / Gennaio

Visualizzazione 1 - 100 di 2351 CVE per Gennaio 2023 (Pagina 1 di 24)

ID CVE Data Titolo
CVE-2021-41823 2023-01-01 The Web Application Firewall (WAF) in Kemp LoadMaster 7.2.54.1 allows...
CVE-2022-34322 2023-01-01 Multiple XSS issues were discovered in Sage Enterprise Intelligence 2021...
CVE-2022-34323 2023-01-01 Multiple XSS issues were discovered in Sage XRT Business Exchange...
CVE-2022-34324 2023-01-01 Multiple SQL injections in Sage XRT Business Exchange 12.4.302 allow...
CVE-2022-37785 2023-01-01 An issue was discovered in WeCube Platform 3.2.2. Cleartext passwords...
CVE-2022-37786 2023-01-01 An issue was discovered in WeCube Platform 3.2.2. There are...
CVE-2022-37787 2023-01-01 An issue was discovered in WeCube platform 3.2.2. A DOM...
CVE-2022-40711 2023-01-01 PrimeKey EJBCA 7.9.0.2 Community allows stored XSS in the End...
CVE-2022-45027 2023-01-01 perfSONAR before 4.4.6, when performing participant discovery, incorrectly uses an...
CVE-2022-45213 2023-01-01 perfSONAR before 4.4.6 inadvertently supports the parse option for a...
CVE-2022-47634 2023-01-01 M-Link Archive Server in Isode M-Link R16.2v1 through R17.0 before...
CVE-2022-47952 2023-01-01 lxc-user-nic in lxc through 5.0.1 is installed setuid root, and...
CVE-2022-48198 2023-01-01 The ntpd_driver component before 1.3.0 and 2.x before 2.2.0 for...
CVE-2023-0028 2023-01-01 Cross-site Scripting (XSS) - Stored in linagora/twake
CVE-2023-22551 2023-01-01 The FTP (aka "Implementation of a simple FTP client and...
CVE-2018-25062 2023-01-01 flar2 ElementalX ipsec xfrm_user.c xfrm_dump_policy_done denial of service
CVE-2018-25063 2023-01-01 Zenoss Dashboard defaultportlets.js cross site scripting
CVE-2014-125030 2023-01-01 taoeffect Empress hard-coded password
CVE-2023-0029 2023-01-01 Multilaser RE708 Telnet Service denial of service
CVE-2010-10002 2023-01-01 SimpleSAMLphp simplesamlphp-module-openid OpenID consumer.php cross site scripting
CVE-2013-10006 2023-01-01 Ziftr primecoin bitcoinrpc.cpp HTTPAuthorized timing discrepancy
CVE-2015-10006 2023-01-01 admont28 Ingnovarq insertarSliderAjax.php cross site scripting
CVE-2021-4297 2023-01-01 trampgeek jobe Restapi.php runs_post Privilege Escalation
CVE-2019-13768 2023-01-02 Use after free in FileAPI in Google Chrome prior to...
CVE-2021-21200 2023-01-02 Out of bounds read in WebUI Settings in Google Chrome...
CVE-2021-30558 2023-01-02 Insufficient policy enforcement in content security policy in Google Chrome...
CVE-2022-0337 2023-01-02 Inappropriate implementation in File System API in Google Chrome on...
CVE-2022-0801 2023-01-02 Inappropriate implementation in HTML parser in Google Chrome prior to...
CVE-2022-2742 2023-01-02 Use after free in Exosphere in Google Chrome on Chrome...
CVE-2022-2743 2023-01-02 Integer overflow in Window Manager in Google Chrome on Chrome...
CVE-2022-3842 2023-01-02 Use after free in Passwords in Google Chrome prior to...
CVE-2022-3863 2023-01-02 Use after free in Browser History in Google Chrome prior...
CVE-2022-4025 2023-01-02 Inappropriate implementation in Paint in Google Chrome prior to 98.0.4758.80...
CVE-2022-48197 2023-01-02 Reflected cross-site scripting (XSS) exists in Sandbox examples in the...
CVE-2022-3460 2023-01-02 In affected versions of Octopus Deploy it is possible for...
CVE-2014-125031 2023-01-02 kirill2485 TekNet loggedin.php cross site scripting
CVE-2014-125032 2023-01-02 porpeeranut go-with-me add.php sql injection
CVE-2014-125033 2023-01-02 rails-cv-app uploaded_files_controller.rb path traversal
CVE-2021-4298 2023-01-02 Hesburgh Libraries of Notre Dame Sipity search_criteria_for_works_parameter.rb SearchCriteriaForWorksParameter sql injection
CVE-2021-4299 2023-01-02 cronvel string-kit naturalSort.js naturalSort redos
CVE-2016-15006 2023-01-02 enigmaX Scrambling Table main.c getSeed prng seed
CVE-2022-42475 2023-01-02 A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0...
CVE-2019-25093 2023-01-02 dragonexpert Recent Threads on Index Setting hooks.php recentthread_list_threads cross site scripting
CVE-2014-125034 2023-01-02 stiiv contact_app View.php render cross site scripting
CVE-2015-10007 2023-01-02 82Flex WEIPDCRM cross site scripting
CVE-2015-10008 2023-01-02 82Flex WEIPDCRM sql injection
CVE-2015-10009 2023-01-02 nterchange code_caller_controller.php getContent code injection
CVE-2017-20161 2023-01-02 rofl0r MacGeiger ESSID macgeiger.c dump_wlan_at injection
CVE-2023-22451 2023-01-02 Weak password requirements in Kiwi TCMS
CVE-2014-125035 2023-01-02 Jobs-Plugin cross site scripting
CVE-2014-125036 2023-01-02 drybjed ansible-ntp main.yml amplification
CVE-2014-125037 2023-01-02 License to Kill injury.rb sql injection
CVE-2014-125038 2023-01-02 IS_Projecto2 NewsBean.java sql injection
CVE-2016-15007 2023-01-02 Centralized-Salesforce-Dev-Framework SOQL SObjectService.cls SObjectService injection
CVE-2023-22452 2023-01-02 Improper Input Validation in kenny2automate
CVE-2015-10010 2023-01-02 OpenDNS OpenResolve API endpoints.py get cross site scripting
CVE-2015-10011 2023-01-02 OpenDNS OpenResolve endpoints.py neutralization for logs
CVE-2022-4371 2023-01-02 Web Invoice <= 2.1.3 - Authenticated SQLi
CVE-2022-4351 2023-01-02 Qe SEO Handyman <= 1.0 - Admin+ SQLi
CVE-2022-4297 2023-01-02 WP AutoComplete Search <= 1.0.4 - Unauthenticated SQLi
CVE-2022-4370 2023-01-02 Multimedial Images <= 1.0b - Admin+ SQLi
CVE-2022-4059 2023-01-02 Cryptocurrency Widgets Pack < 2.0 - Unauthenticated SQLi
CVE-2022-4357 2023-01-02 LetsRecover < 1.2.0 - Unauthenticated SQLi
CVE-2022-3241 2023-01-02 Build App Online < 1.0.19 - Unauthenticated SQL Injection
CVE-2022-4140 2023-01-02 Welcart e-Commerce < 2.8.5 - Unauthenticated Arbitrary File Access
CVE-2022-4360 2023-01-02 WP RSS By Publishers <= 0.1 - Admin+ SQLi
CVE-2022-4049 2023-01-02 WP User <= 7.0 - Unauthenticated SQLi
CVE-2022-4198 2023-01-02 WP Social Sharing <= 2.2 - Admin+ Stored XSS
CVE-2022-4340 2023-01-02 BookingPress < 1.0.31 - Unauthenticated IDOR in appointment_id
CVE-2022-4356 2023-01-02 LetsRecover < 1.2.0 - Admin+ SQLi
CVE-2022-4142 2023-01-02 WordPress Filter Gallery Plugin < 0.1.6 - Admin+ Stored XSS
CVE-2022-4302 2023-01-02 White Label CMS < 2.5 - Admin+ PHP Object Injection
CVE-2022-3994 2023-01-02 Authenticator < 1.3.1 - Subscriber+ Denial of Service via Feed Token Disclosure
CVE-2022-4355 2023-01-02 LetsRecover < 1.2.0 - Admin+ SQLi
CVE-2022-4119 2023-01-02 Image Optimizer, Resizer and CDN < 6.8.1 - Admin+ Stored XSS
CVE-2022-3936 2023-01-02 Team Members < 5.2.1 - Editor+ Stored XSS
CVE-2022-4359 2023-01-02 WP RSS By Publishers <= 0.1 - Admin+ SQLi
CVE-2022-4358 2023-01-02 WP RSS By Publishers <= 0.1 - Admin+ SQLi
CVE-2022-4362 2023-01-02 Popup Maker < 1.16.9 - Contributor+ Stored XSS via Shortcode
CVE-2022-4381 2023-01-02 Popup Maker < 1.16.9 - Contributor+ Stored XSS via Subscription Form
CVE-2022-4417 2023-01-02 WP Cerber < 9.3.3 - User Enumeration Bypass via Rest API
CVE-2022-4114 2023-01-02 Superio - Job Board < 1.2.33 - Subscriber+ Stored Cross-Site Scripting
CVE-2022-4324 2023-01-02 Custom Field Template < 2.5.8 - Admin+ PHP Object Injection
CVE-2022-4373 2023-01-02 Quote-O-Matic <= 1.0.5 - Admin+ SQLi
CVE-2022-4236 2023-01-02 Welcart e-Commerce < 2.8.5 - Subscriber+ Arbitrary File Access
CVE-2022-4109 2023-01-02 Wholesale Market for WooCommerce < 2.0.0 - Admin+ Arbitrary Log Download
CVE-2022-4298 2023-01-02 Wholesale Market < 2.2.1 - Unauthenticated Arbitrary File Download
CVE-2022-4099 2023-01-02 Joy Of Text Lite < 2.3.1 - Unauthenticated SQLi
CVE-2022-4369 2023-01-02 WP-Lister Lite for Amazon < 2.4.4 - Reflected XSS
CVE-2022-4200 2023-01-02 Login with Cognito <= 1.4.8 - Admin+ Stored XSS
CVE-2022-4352 2023-01-02 Qe SEO Handyman <= 1.0 - Admin+ SQLi
CVE-2022-4256 2023-01-02 All-in-One Addons for Elementor - WidgetKit < 2.4.4 - Admin+ Stored XSS
CVE-2022-3911 2023-01-02 iubenda < 3.3.3 - Subscriber+ Privileges Escalation to Admin
CVE-2022-4057 2023-01-02 Autoptimize < 3.1.0 - Sensitive Data Disclosure
CVE-2022-4329 2023-01-02 Product list Widget for Woocommerce <= 1.0 - Reflected XSS
CVE-2022-4372 2023-01-02 Web Invoice <= 2.1.3 - Authenticated SQLi
CVE-2022-4237 2023-01-02 Welcart e-Commerce < 2.8.6 - Subscriber+ PHAR Deserialisation
CVE-2022-4260 2023-01-02 WP-Ban < 1.69.1 - Admin+ Stored XSS
CVE-2022-3860 2023-01-02 Visual Email Designer for WooCommerce < 1.7.2 - Multiple Author+ SQLi
CVE-2022-44036 2023-01-03 In b2evolution 7.2.5, if configured with admins_can_manipulate_sensitive_files, arbitrary file upload...