Lista CVE - 2023 / Gennaio
Visualizzazione 1201 - 1300 di 2351 CVE per Gennaio 2023 (Pagina 13 di 24)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2022-4442 | 2023-01-16 | WCK < 2.3.3 - Admin+ Stored XSS |
| CVE-2022-4507 | 2023-01-16 | Real Cookie Banner < 3.4.10 - Contributor+ Stored XSS |
| CVE-2022-4655 | 2023-01-16 | Welcart e-Commerce < 2.8.9 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4481 | 2023-01-16 | Mesmerize Companion < 1.6.135 - Contributor+ Stored XSS |
| CVE-2022-4478 | 2023-01-16 | Font Awesome < 4.3.2 - Contributor+ Stored XSS |
| CVE-2022-4482 | 2023-01-16 | Carousel, Slider, Gallery by WP Carousel < 2.5.3 - Contributor+ Stored XSS |
| CVE-2022-4549 | 2023-01-16 | Tickera < 3.5.1.0 - Plugin Data Deletion via CSRF |
| CVE-2022-4508 | 2023-01-16 | ConvertKit < 2.0.5 - Contributor+ Stored XSS |
| CVE-2022-4477 | 2023-01-16 | Smash Balloon Social Post Feed < 4.1.6 - Contributor+ Stored XSS |
| CVE-2022-4476 | 2023-01-16 | Download Manager < 3.2.62 - Contributor+ Stored XSS |
| CVE-2022-4460 | 2023-01-16 | Sidebar Widgets by CodeLights <= 1.4 - Contributor+ Stored XSS |
| CVE-2022-4483 | 2023-01-16 | Insert Pages < 3.7.5 - Contributor+ Stored XSS |
| CVE-2022-4544 | 2023-01-16 | MashShare < 3.8.7 - Contributor+ Stored XSS |
| CVE-2022-4060 | 2023-01-16 | User Post Gallery <= 2.19 - Unauthenticated RCE |
| CVE-2022-4451 | 2023-01-16 | Sassy Social Share < 3.3.45 - Contributor+ Stored XSS |
| CVE-2022-4447 | 2023-01-16 | Fontsy <= 1.8.6 - Multiple Unauthenticated SQLi |
| CVE-2022-4484 | 2023-01-16 | Super Socializer < 7.13.44 - Contributor+ Stored XSS |
| CVE-2022-4578 | 2023-01-16 | Video Conferencing with Zoom < 4.0.10 - Contributor+ Stored XSS |
| CVE-2022-4295 | 2023-01-16 | Show All Comments < 7.0.1 - Reflected XSS |
| CVE-2022-4309 | 2023-01-16 | Subscribe2 < 10.38 - User Deletion via CSRF |
| CVE-2022-4431 | 2023-01-16 | WOOCS < 1.3.9.4 - Contributor+ Stored XSS |
| CVE-2022-4299 | 2023-01-16 | Metricool < 1.18 - Admin+ Stored XSS |
| CVE-2022-2658 | 2023-01-16 | WP Spell Check < 9.13 - Admin+ Stored Cross-Site Scripting |
| CVE-2014-125080 | 2023-01-16 | frontaccounting faplanet path traversal |
| CVE-2015-10054 | 2023-01-16 | githuis P2Manage Database.cs Execute sql injection |
| CVE-2015-10055 | 2023-01-16 | PictureThisWebServer user.js router.post sql injection |
| CVE-2023-0327 | 2023-01-16 | saemorris TheRadSystem users.php cross site scripting |
| CVE-2015-10056 | 2023-01-16 | 2071174A vinylmap views.py contact sql injection |
| CVE-2015-10057 | 2023-01-16 | Little Apps Little Software Stats Password Reset class.securelogin.php access control |
| CVE-2022-3087 | 2023-01-16 | Fuji Electric Tellus Lite V-Simulator versions 4.0.12.0 and prior are... |
| CVE-2022-46891 | 2023-01-17 | An issue was discovered in the Arm Mali GPU Kernel... |
| CVE-2018-14628 | 2023-01-17 | An information leak vulnerability was discovered in Samba's LDAP server.... |
| CVE-2021-32837 | 2023-01-17 | mechanize vulnerable to ReDoS |
| CVE-2021-36647 | 2023-01-17 | Use of a Broken or Risky Cryptographic Algorithm in the... |
| CVE-2022-2251 | 2023-01-17 | Improper sanitization of branch names in GitLab Runner affecting all... |
| CVE-2022-23739 | 2023-01-17 | Incorrect authorization check in GitHub Enterprise Server leading to escalation of privileges in GraphQL API requests from GitHub Apps using scoped user-to-server tokens |
| CVE-2022-2907 | 2023-01-17 | An issue has been discovered in GitLab CE/EE affecting all... |
| CVE-2022-3650 | 2023-01-17 | A privilege escalation flaw was found in Ceph. Ceph-crash.service allows... |
| CVE-2022-39195 | 2023-01-17 | A cross-site scripting (XSS) vulnerability in the LISTSERV 17 web... |
| CVE-2022-40319 | 2023-01-17 | The LISTSERV 17 web interface allows remote attackers to conduct... |
| CVE-2022-40704 | 2023-01-17 | A XSS vulnerability was found in phoromatic_r_add_test_details.php in phoronix-test-suite. |
| CVE-2022-4121 | 2023-01-17 | In libetpan a null pointer dereference in mailimap_mailbox_data_status_free in low-level/imap/mailimap_types.c... |
| CVE-2022-41858 | 2023-01-17 | A flaw was found in the Linux kernel. A NULL... |
| CVE-2022-41859 | 2023-01-17 | In freeradius, the EAP-PWD function compute_password_element() leaks information about the... |
| CVE-2022-41860 | 2023-01-17 | In freeradius, when an EAP-SIM supplicant sends an unknown SIM... |
| CVE-2022-41861 | 2023-01-17 | A flaw was found in freeradius. A malicious RADIUS client... |
| CVE-2022-43975 | 2023-01-17 | An issue was discovered in FC46-WebBridge on GE Grid Solutions... |
| CVE-2022-43976 | 2023-01-17 | An issue was discovered in FC46-WebBridge on GE Grid Solutions... |
| CVE-2022-43977 | 2023-01-17 | An issue was discovered on GE Grid Solutions MS3000 devices... |
| CVE-2022-45439 | 2023-01-17 | A pair of spare WiFi credentials is stored in the... |
| CVE-2022-45440 | 2023-01-17 | A vulnerability exists in the FTP server of the Zyxel... |
| CVE-2022-46475 | 2023-01-17 | D-Link DIR 645A1 1.06B01_Beta01 was discovered to contain a stack... |
| CVE-2022-46648 | 2023-01-17 | ruby-git versions prior to v1.13.0 allows a remote authenticated attacker... |
| CVE-2022-47318 | 2023-01-17 | ruby-git versions prior to v1.13.0 allows a remote authenticated attacker... |
| CVE-2022-47853 | 2023-01-17 | TOTOlink A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection Vulnerability in... |
| CVE-2022-47929 | 2023-01-17 | In the Linux kernel before 6.1.6, a NULL pointer dereference... |
| CVE-2023-0122 | 2023-01-17 | A NULL pointer dereference vulnerability in the Linux kernel NVMe... |
| CVE-2023-0158 | 2023-01-17 | Triggered crash on direct RRDP access |
| CVE-2023-0296 | 2023-01-17 | The Birthday attack against 64-bit block ciphers flaw (CVE-2016-2183) was... |
| CVE-2023-0337 | 2023-01-17 | Cross-site Scripting (XSS) - Reflected in lirantal/daloradius |
| CVE-2023-0338 | 2023-01-17 | Cross-site Scripting (XSS) - Reflected in lirantal/daloradius |
| CVE-2023-22278 | 2023-01-17 | m-FILTER prior to Ver.5.70R01 (Ver.5 Series) and m-FILTER prior to... |
| CVE-2023-22279 | 2023-01-17 | MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni... |
| CVE-2023-22280 | 2023-01-17 | MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni... |
| CVE-2023-22286 | 2023-01-17 | Cross-site request forgery (CSRF) vulnerability in MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior... |
| CVE-2023-22296 | 2023-01-17 | Reflected cross-site scripting vulnerability in MAHO-PBX NetDevancer series MAHO-PBX NetDevancer... |
| CVE-2023-22298 | 2023-01-17 | Open redirect vulnerability in pgAdmin 4 versions prior to v6.14... |
| CVE-2023-22303 | 2023-01-17 | TP-Link SG105PE firmware prior to 'TL-SG105PE(UN) 1.0_1.0.0 Build 20221208' contains... |
| CVE-2023-22304 | 2023-01-17 | OS command injection vulnerability in PIX-RT100 versions RT100_TEQ_2.1.1_EQ101 and RT100_TEQ_2.1.2_EQ101... |
| CVE-2023-22316 | 2023-01-17 | Hidden functionality vulnerability in PIX-RT100 versions RT100_TEQ_2.1.1_EQ101 and RT100_TEQ_2.1.2_EQ101 allows... |
| CVE-2023-22357 | 2023-01-17 | Active debug code exists in OMRON CP1L-EL20DR-D all versions, which... |
| CVE-2023-22366 | 2023-01-17 | CX-Motion-MCH v2.32 and earlier contains an access of uninitialized pointer... |
| CVE-2023-22624 | 2023-01-17 | Zoho ManageEngine Exchange Reporter Plus before 5708 allows attackers to... |
| CVE-2023-23637 | 2023-01-17 | IMPatienT before 1.5.2 allows stored XSS via onmouseover in certain... |
| CVE-2020-36611 | 2023-01-17 | File and Directory Permission Vulnerability in Hitachi Tuning Manager |
| CVE-2022-30544 | 2023-01-17 | WordPress OSM – OpenStreetMap Plugin <= 6.0.1 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-42462 | 2023-01-17 | WordPress IP Blacklist Cloud Plugin <= 5.00 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-43462 | 2023-01-17 | WordPress IP Blacklist Cloud Plugin <= 5.00 is vulnerable to SQL Injection (SQLi) vulnerability |
| CVE-2023-0332 | 2023-01-17 | SourceCodester Online Food Ordering System manage_user.php sql injection |
| CVE-2010-10008 | 2023-01-17 | simplesamlphp simplesamlphp-module-openidprovider trust.tpl.php cross site scripting |
| CVE-2015-10058 | 2023-01-17 | Wikisource Category Browser index.php cross site scripting |
| CVE-2015-10059 | 2023-01-17 | s134328 Webapplication-Veganguide apiService.js cross site scripting |
| CVE-2015-10060 | 2023-01-17 | MNBikeways database views.py sql injection |
| CVE-2017-20170 | 2023-01-17 | ollpu parontalli index.php sql injection |
| CVE-2013-10013 | 2023-01-17 | Bricco Authenticator Plugin DBAuthenticator.java compare sql injection |
| CVE-2015-10061 | 2023-01-17 | evandro-machado Trabalho-Web2 ClienteDAO.java sql injection |
| CVE-2016-15021 | 2023-01-17 | nickzren alsdb sql injection |
| CVE-2022-2893 | 2023-01-17 | RONDS EPM version 1.19.5 does not properly validate the filename... |
| CVE-2022-3091 | 2023-01-17 | RONDS EPM version 1.19.5 has a vulnerability in which a... |
| CVE-2022-4621 | 2023-01-17 | Panasonic Sanyo CCTV Network Camera |
| CVE-2023-22875 | 2023-01-17 | IBM Security QRadar SIEM information disclosure |
| CVE-2015-10062 | 2023-01-17 | galaxy-data-resource Command Line Template injection |
| CVE-2015-10063 | 2023-01-17 | saemorris TheRadSystem _login.php redirect sql injection |
| CVE-2015-10064 | 2023-01-17 | VictorFerraresi pokemon-database-php sql injection |
| CVE-2006-20001 | 2023-01-17 | Apache HTTP Server: mod_dav out of bounds read, or write of zero byte |
| CVE-2022-36760 | 2023-01-17 | Apache HTTP Server: mod_proxy_ajp Possible request smuggling |
| CVE-2022-37436 | 2023-01-17 | Apache HTTP Server: mod_proxy prior to 2.4.55 allows a backend to trigger HTTP response splitting |
| CVE-2023-23749 | 2023-01-17 | Extension - miniorange - LDAP Integration - LDAP Injection (username) |
| CVE-2022-4891 | 2023-01-17 | Sisimai string.rb to_plain redos |
| CVE-2022-23538 | 2023-01-17 | User credentials leaked to third-party service via HTTP redirect in scs-library-client |