Lista CVE - 2023 / Gennaio
Visualizzazione 601 - 700 di 2351 CVE per Gennaio 2023 (Pagina 7 di 24)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2023-21678 | 2023-01-10 | Windows Print Spooler Elevation of Privilege Vulnerability |
| CVE-2023-21679 | 2023-01-10 | Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability |
| CVE-2023-21680 | 2023-01-10 | Windows Win32k Elevation of Privilege Vulnerability |
| CVE-2023-21681 | 2023-01-10 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2023-21682 | 2023-01-10 | Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability |
| CVE-2023-21683 | 2023-01-10 | Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability |
| CVE-2023-21724 | 2023-01-10 | Microsoft DWM Core Library Elevation of Privilege Vulnerability |
| CVE-2023-21725 | 2023-01-10 | Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability |
| CVE-2023-21726 | 2023-01-10 | Windows Credential Manager User Interface Elevation of Privilege Vulnerability |
| CVE-2023-21728 | 2023-01-10 | Windows Netlogon Denial of Service Vulnerability |
| CVE-2023-21730 | 2023-01-10 | Microsoft Cryptographic Services Elevation of Privilege Vulnerability |
| CVE-2023-21733 | 2023-01-10 | Windows Bind Filter Driver Elevation of Privilege Vulnerability |
| CVE-2023-21736 | 2023-01-10 | Microsoft Office Visio Remote Code Execution Vulnerability |
| CVE-2023-21739 | 2023-01-10 | Windows Bluetooth Driver Elevation of Privilege Vulnerability |
| CVE-2023-21741 | 2023-01-10 | Microsoft Office Visio Information Disclosure Vulnerability |
| CVE-2023-21746 | 2023-01-10 | Windows NTLM Elevation of Privilege Vulnerability |
| CVE-2023-21747 | 2023-01-10 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2023-21749 | 2023-01-10 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2023-21750 | 2023-01-10 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2023-21752 | 2023-01-10 | Windows Backup Service Elevation of Privilege Vulnerability |
| CVE-2023-21753 | 2023-01-10 | Event Tracing for Windows Information Disclosure Vulnerability |
| CVE-2023-21755 | 2023-01-10 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2023-21757 | 2023-01-10 | Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability |
| CVE-2023-21758 | 2023-01-10 | Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability |
| CVE-2023-21759 | 2023-01-10 | Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability |
| CVE-2023-21760 | 2023-01-10 | Windows Print Spooler Elevation of Privilege Vulnerability |
| CVE-2023-21761 | 2023-01-10 | Microsoft Exchange Server Information Disclosure Vulnerability |
| CVE-2023-21763 | 2023-01-10 | Microsoft Exchange Server Elevation of Privilege Vulnerability |
| CVE-2023-21764 | 2023-01-10 | Microsoft Exchange Server Elevation of Privilege Vulnerability |
| CVE-2023-21765 | 2023-01-10 | Windows Print Spooler Elevation of Privilege Vulnerability |
| CVE-2023-21766 | 2023-01-10 | Windows Overlay Filter Information Disclosure Vulnerability |
| CVE-2023-21767 | 2023-01-10 | Windows Overlay Filter Elevation of Privilege Vulnerability |
| CVE-2023-21768 | 2023-01-10 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| CVE-2023-21772 | 2023-01-10 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2023-21773 | 2023-01-10 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2023-21774 | 2023-01-10 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2023-21776 | 2023-01-10 | Windows Kernel Information Disclosure Vulnerability |
| CVE-2023-21779 | 2023-01-10 | Visual Studio Code Remote Code Execution Vulnerability |
| CVE-2023-21780 | 2023-01-10 | 3D Builder Remote Code Execution Vulnerability |
| CVE-2023-21781 | 2023-01-10 | 3D Builder Remote Code Execution Vulnerability |
| CVE-2023-21782 | 2023-01-10 | 3D Builder Remote Code Execution Vulnerability |
| CVE-2023-21783 | 2023-01-10 | 3D Builder Remote Code Execution Vulnerability |
| CVE-2023-21784 | 2023-01-10 | 3D Builder Remote Code Execution Vulnerability |
| CVE-2023-21785 | 2023-01-10 | 3D Builder Remote Code Execution Vulnerability |
| CVE-2023-21786 | 2023-01-10 | 3D Builder Remote Code Execution Vulnerability |
| CVE-2023-21787 | 2023-01-10 | 3D Builder Remote Code Execution Vulnerability |
| CVE-2023-21788 | 2023-01-10 | 3D Builder Remote Code Execution Vulnerability |
| CVE-2023-21789 | 2023-01-10 | 3D Builder Remote Code Execution Vulnerability |
| CVE-2023-21790 | 2023-01-10 | 3D Builder Remote Code Execution Vulnerability |
| CVE-2023-21791 | 2023-01-10 | 3D Builder Remote Code Execution Vulnerability |
| CVE-2023-21792 | 2023-01-10 | 3D Builder Remote Code Execution Vulnerability |
| CVE-2023-21793 | 2023-01-10 | 3D Builder Remote Code Execution Vulnerability |
| CVE-2017-20166 | 2023-01-10 | Ecto 2.2.0 lacks a certain protection mechanism associated with the interaction between is_nil and raise. |
| CVE-2021-46871 | 2023-01-10 | tag.ex in Phoenix Phoenix.HTML (aka phoenix_html) before 3.0.4 allows XSS in HEEx class attributes. |
| CVE-2022-30332 | 2023-01-10 | In Talend Administration Center 7.3.1.20200219 before TAC-15950, the Forgot Password feature provides different error messages for invalid reset attempts depending on whether the email address is associated with any account.... |
| CVE-2022-36441 | 2023-01-10 | An issue was discovered in Zebra Enterprise Home Screen 4.1.19. The Gboard used by different applications can be used to launch and use several other applications that are restricted by... |
| CVE-2022-36442 | 2023-01-10 | An issue was discovered in Zebra Enterprise Home Screen 4.1.19. By using the embedded Google Chrome application, it is possible to install an unauthorized application via a downloaded APK. |
| CVE-2022-36443 | 2023-01-10 | An issue was discovered in Zebra Enterprise Home Screen 4.1.19. The device allows the administrator to lock some communication channels (wireless and SD card) but it is still possible to... |
| CVE-2022-3792 | 2023-01-10 | SQL Injection in GullsEye Terminal Operating System |
| CVE-2022-38481 | 2023-01-10 | An issue was discovered in Mega HOPEX 15.2.0.6110 before V5CP2. The application is prone to reflected Cross-site Scripting (XSS) in several features. |
| CVE-2022-38482 | 2023-01-10 | A link-manipulation issue was discovered in Mega HOPEX 15.2.0.6110 before V5CP4. |
| CVE-2022-38489 | 2023-01-10 | An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03 It is prone to stored Cross-site Scripting (XSS). Version 2022.1.110.1.02 fixes the vulnerably. |
| CVE-2022-38490 | 2023-01-10 | An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03. Some parameters allow SQL injection. Version 2022.1.110.1.02 corrects this issue. |
| CVE-2022-38491 | 2023-01-10 | An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03. Part of the application does not implement protection against brute-force attacks. Version 2022.1.133.0 corrects this issue. |
| CVE-2022-38492 | 2023-01-10 | An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03. One parameter allows SQL injection. Version 2022.1.110.1.02 fixes the vulnerability. |
| CVE-2022-4379 | 2023-01-10 | A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial |
| CVE-2022-4382 | 2023-01-10 | A use-after-free flaw caused by a race among the superblock operations in the gadgetfs Linux driver was found. It could be triggered by yanking out a device that is running... |
| CVE-2022-4422 | 2023-01-10 | SQLi in Bulutdesk Callcenter |
| CVE-2022-45164 | 2023-01-10 | An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application allows a basic user to cancel (delete) a booking, created by someone else - even... |
| CVE-2022-45165 | 2023-01-10 | An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application accepts a user-controlled parameter that is used to create an SQL query. It causes this... |
| CVE-2022-45166 | 2023-01-10 | An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application accepts a set of user-controlled parameters that are used to act on the data returned... |
| CVE-2022-45167 | 2023-01-10 | An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application allows a basic user to access the profile information of all connected users. |
| CVE-2022-46449 | 2023-01-10 | An issue in MPD (Music Player Daemon) v0.23.10 allows attackers to cause a Denial of Service (DoS) via a crafted input. |
| CVE-2022-46610 | 2023-01-10 | 72crm v9 was discovered to contain an arbitrary file upload vulnerability via the avatar upload function. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. |
| CVE-2023-0128 | 2023-01-10 | Use after free in Overview Mode in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed a remote attacker who convinced a user to engage in specific UI interactions to... |
| CVE-2023-0129 | 2023-01-10 | Heap buffer overflow in Network Service in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via... |
| CVE-2023-0130 | 2023-01-10 | Inappropriate implementation in in Fullscreen API in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted... |
| CVE-2023-0131 | 2023-01-10 | Inappropriate implementation in in iframe Sandbox in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to bypass file download restrictions via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2023-0132 | 2023-01-10 | Inappropriate implementation in in Permission prompts in Google Chrome on Windows prior to 109.0.5414.74 allowed a remote attacker to force acceptance of a permission prompt via a crafted HTML page.... |
| CVE-2023-0133 | 2023-01-10 | Inappropriate implementation in in Permission prompts in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to bypass main origin permission delegation via a crafted HTML page. (Chromium... |
| CVE-2023-0134 | 2023-01-10 | Use after free in Cart in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via database... |
| CVE-2023-0135 | 2023-01-10 | Use after free in Cart in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via database... |
| CVE-2023-0136 | 2023-01-10 | Inappropriate implementation in in Fullscreen API in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to execute incorrect security UI via a crafted HTML page. (Chromium security... |
| CVE-2023-0137 | 2023-01-10 | Heap buffer overflow in Platform Apps in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit... |
| CVE-2023-0138 | 2023-01-10 | Heap buffer overflow in libphonenumber in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low) |
| CVE-2023-0141 | 2023-01-10 | Insufficient policy enforcement in CORS in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low) |
| CVE-2023-21524 | 2023-01-10 | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability |
| CVE-2023-21674 | 2023-01-10 | Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability |
| CVE-2023-21676 | 2023-01-10 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability |
| CVE-2023-21732 | 2023-01-10 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
| CVE-2023-21734 | 2023-01-10 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2023-21735 | 2023-01-10 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2023-21737 | 2023-01-10 | Microsoft Office Visio Remote Code Execution Vulnerability |
| CVE-2023-21738 | 2023-01-10 | Microsoft Office Visio Remote Code Execution Vulnerability |
| CVE-2023-21742 | 2023-01-10 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2023-21743 | 2023-01-10 | Microsoft SharePoint Server Security Feature Bypass Vulnerability |
| CVE-2023-21744 | 2023-01-10 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2023-21745 | 2023-01-10 | Microsoft Exchange Server Spoofing Vulnerability |
| CVE-2023-21748 | 2023-01-10 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2023-21754 | 2023-01-10 | Windows Kernel Elevation of Privilege Vulnerability |