Lista CVE - 2023 / Dicembre
Visualizzazione 1201 - 1300 di 2674 CVE per Dicembre 2023 (Pagina 13 di 27)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2023-40656 | 2023-12-14 | Extension - plasma-web.ru - Reflected XSS in Quickform component for Joomla 1.0.0-3.3.01 |
| CVE-2023-49708 | 2023-12-14 | Extension - joomstar.com - SQLi vulnerability in Starshop component for Joomla 1.0.0-1.0.9 |
| CVE-2023-40629 | 2023-12-14 | Extension - king-products.net - SQLi vulnerability in LMS Lite component for Joomla 1.0.0-3.3.0.1 |
| CVE-2023-40628 | 2023-12-14 | Extension - Extplorer.net - Reflected XSS in Extplorer component for Joomla 1.0.0-2.1.15 |
| CVE-2023-40658 | 2023-12-14 | Extension - deconf.net - Reflected XSS in Clicky Analytics Dashboard module for Joomla 1.0.0-1.3.1 |
| CVE-2023-40659 | 2023-12-14 | Extension - joomboost.com - Reflected XSS in Easy Quick Contact module for Joomla 1.0.0-1.3.0 |
| CVE-2023-40627 | 2023-12-14 | Extension - MLWebTechnologies - Reflected XSS in LivingWord component for Joomla 1.0.0-3.0.0 |
| CVE-2023-50371 | 2023-12-14 | WordPress Advanced Page Visit Counter Plugin <= 8.0.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-6569 | 2023-12-14 | External Control of File Name or Path in h2oai/h2o-3 |
| CVE-2023-6570 | 2023-12-14 | Server-Side Request Forgery (SSRF) in kubeflow/kubeflow |
| CVE-2023-6571 | 2023-12-14 | Cross-site Scripting (XSS) - Reflected in kubeflow/kubeflow |
| CVE-2023-48631 | 2023-12-14 | Denial of Service of regular expression in package @adobe/css-tools |
| CVE-2023-6572 | 2023-12-14 | Command Injection in gradio-app/gradio |
| CVE-2023-48676 | 2023-12-14 | Sensitive information disclosure and manipulation due to missing authorization. The... |
| CVE-2023-50370 | 2023-12-14 | WordPress Livemesh Addons for WPBakery Page Builder Plugin <= 3.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-50369 | 2023-12-14 | WordPress Alma – Pay in installments or later for WooCommerce Plugin <= 5.1.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-50368 | 2023-12-14 | WordPress Shortcodes and extra features for Phlox theme Plugin <= 2.15.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49847 | 2023-12-14 | WordPress Annual Archive Plugin <= 1.6.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-45182 | 2023-12-14 | IBM i Access Client Solutions information disclosure |
| CVE-2023-0757 | 2023-12-14 | Phoenix Contact ProConOS prone to Incorrect Permission Assignment for Critical Resource |
| CVE-2023-45185 | 2023-12-14 | IBM i Access Client Solutions code execution |
| CVE-2023-5592 | 2023-12-14 | Phoenix Contact: ProConOs prone to Download of Code Without Integrity Check |
| CVE-2023-46141 | 2023-12-14 | Phoenix Contact: Automation Worx and classic line controllers prone to Incorrect Permission Assignment for Critical Resource |
| CVE-2023-46142 | 2023-12-14 | PHOENIX CONTACT: Insufficient Read and Write Protection to Logic and Runtime Data in PLCnext Control |
| CVE-2023-46143 | 2023-12-14 | Phoenix Contact: Classic line industrial controllers prone to inadequate integrity check of PLC |
| CVE-2023-49846 | 2023-12-14 | WordPress Author Avatars List/Block Plugin <= 2.1.17 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-46144 | 2023-12-14 | PHOENIX CONTACT: PLCnext Control prone to download of code without integrity check |
| CVE-2023-6545 | 2023-12-14 | Beckhoff: Open redirect in TwinCAT/BSD package authelia-bhf |
| CVE-2023-49836 | 2023-12-14 | WordPress Cookie Bar Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49833 | 2023-12-14 | WordPress Spectra Plugin <= 2.7.9 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49828 | 2023-12-14 | WordPress WooCommerce Payments Plugin <= 6.4.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49827 | 2023-12-14 | WordPress Soledad Theme <= 8.4.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49745 | 2023-12-14 | WordPress Spiffy Calendar Plugin <= 4.9.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49743 | 2023-12-14 | WordPress Dashboard Widgets Suite Plugin <= 3.4.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49740 | 2023-12-14 | WordPress Seraphinite Accelerator Plugin <= 2.20.28 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49739 | 2023-12-14 | WordPress PowerPack Pro for Elementor plugin <= 2.9.23 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2022-45365 | 2023-12-14 | WordPress Stock Ticker Plugin <= 3.23.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49168 | 2023-12-14 | WordPress BP Better Messages Plugin <= 2.4.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-44277 | 2023-12-14 | Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS... |
| CVE-2023-44278 | 2023-12-14 | Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25,... |
| CVE-2023-44279 | 2023-12-14 | Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25,... |
| CVE-2023-44284 | 2023-12-14 | Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25,... |
| CVE-2023-49171 | 2023-12-14 | WordPress Innovs HR Plugin <= 1.0.3.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49172 | 2023-12-14 | WordPress BrainCert – HTML5 Virtual Classroom Plugin <= 1.30 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-44285 | 2023-12-14 | Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS... |
| CVE-2023-49173 | 2023-12-14 | WordPress 10to8 Online Appointment Booking System Plugin <= 1.0.9 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-44286 | 2023-12-14 | Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25,... |
| CVE-2023-49195 | 2023-12-14 | WordPress Nested Pages Plugin <= 3.2.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-48667 | 2023-12-14 | Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS... |
| CVE-2023-49766 | 2023-12-14 | WordPress Ultimate Addons for Contact Form 7 Plugin <= 3.2.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49770 | 2023-12-14 | WordPress Smart External Link Click Monitor [Link Log] Plugin <= 5.0.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-48668 | 2023-12-14 | Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS... |
| CVE-2023-49771 | 2023-12-14 | WordPress Smart External Link Click Monitor [Link Log] Plugin <= 5.0.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49813 | 2023-12-14 | WordPress WP Photo Album Plus Plugin <= 8.5.02.005 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-48660 | 2023-12-14 | Dell vApp Manger, versions prior to 9.2.4.x contain an arbitrary... |
| CVE-2023-49820 | 2023-12-14 | WordPress Structured Content Plugin <= 1.5.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-48661 | 2023-12-14 | Dell vApp Manager, versions prior to 9.2.4.x contain an arbitrary... |
| CVE-2023-49841 | 2023-12-14 | WordPress Optin Forms Plugin <= 1.3.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-48662 | 2023-12-14 | Dell vApp Manager, versions prior to 9.2.4.x contain a command... |
| CVE-2023-48663 | 2023-12-14 | Dell vApp Manager, versions prior to 9.2.4.x contain a command... |
| CVE-2023-6364 | 2023-12-14 | WhatsUp Gold Stored Cross-Site Scripting (XSS) via Dashboard |
| CVE-2023-6365 | 2023-12-14 | WhatsUp Gold Stored Cross-Site Scripting (XSS) via Device Groups |
| CVE-2023-6366 | 2023-12-14 | WhatsUp Gold Stored Cross-Site Scripting (XSS) via Alert Center |
| CVE-2023-6367 | 2023-12-14 | WhatsUp Gold Stored Cross-Site Scripting (XSS) via Roles |
| CVE-2023-6595 | 2023-12-14 | WhatsUp Gold Unauthenticated Access to an API Endpoint |
| CVE-2023-6368 | 2023-12-14 | WhatsUp Gold Unauthenticated Access to an API Endpoint |
| CVE-2023-48664 | 2023-12-14 | Dell vApp Manager, versions prior to 9.2.4.x contain a command... |
| CVE-2023-48665 | 2023-12-14 | Dell vApp Manager, versions prior to 9.2.4.x contain a command... |
| CVE-2023-48671 | 2023-12-14 | Dell vApp Manager, versions prior to 9.2.4.x contain an information... |
| CVE-2023-49842 | 2023-12-14 | WordPress Rocket Maintenance Mode & Coming Soon Page Plugin <= 4.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49860 | 2023-12-14 | WordPress WP Project Manager Plugin <= 2.6.7 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-5769 | 2023-12-14 | A vulnerability exists in the webserver that affects the RTU500... |
| CVE-2023-48756 | 2023-12-14 | WordPress JetBlocks For Elementor Plugin <= 1.3.8 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-48767 | 2023-12-14 | WordPress MyTube PlayList Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-42799 | 2023-12-14 | Buffer overflow due to use of `strcpy` in `parseUrlAddrFromRtspUrlString` |
| CVE-2023-48770 | 2023-12-14 | WordPress Aparat Plugin <= 1.7.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-48771 | 2023-12-14 | WordPress File Gallery Plugin <= 1.8.5.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-48780 | 2023-12-14 | WordPress WP Catalogue Plugin <= 1.7.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-42800 | 2023-12-14 | Buffer overflow due to use of `strcpy` in `performRtspHandshake` |
| CVE-2023-49149 | 2023-12-14 | WordPress Currency Converter Calculator Plugin <= 1.3.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-42801 | 2023-12-14 | Stack buffer overflow due to `strcpy` into fixed size buffer in `extractVersionQuadFromString` |
| CVE-2023-49150 | 2023-12-14 | WordPress Crypto Converter Widget Plugin <= 1.8.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-50269 | 2023-12-14 | SQUID-2023:10 Denial of Service in HTTP Request parsing |
| CVE-2023-49151 | 2023-12-14 | WordPress Google Calendar Events Plugin <= 3.2.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49152 | 2023-12-14 | WordPress Credit Tracker Plugin <= 1.1.17 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-49157 | 2023-12-14 | WordPress Multiple Post Passwords Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-50710 | 2023-12-14 | Hono's named path parameters can be overridden in TrieRouter |
| CVE-2023-6563 | 2023-12-14 | Keycloak: offline session token dos |
| CVE-2023-50713 | 2023-12-14 | Speckle Server API Token Privilege Escalation |
| CVE-2023-4694 | 2023-12-14 | Certain HP OfficeJet Pro printers are potentially vulnerable to a... |
| CVE-2023-49294 | 2023-12-14 | Asterisk Path Traversal vulnerability |
| CVE-2023-37457 | 2023-12-14 | Asterisk's PJSIP_HEADER dialplan function can overwrite memory/cause crash when using 'update' |
| CVE-2023-49786 | 2023-12-14 | Asterisk susceptible to Denial of Service via DTLS Hello packets during call initiation |
| CVE-2023-0248 | 2023-12-14 | Kantech Gen1 ioSmart card reader |
| CVE-2023-49342 | 2023-12-14 | Temporary data passed between application components by Budgie Extras Clockworks... |
| CVE-2023-49343 | 2023-12-14 | Temporary data passed between application components by Budgie Extras Dropby... |
| CVE-2023-49344 | 2023-12-14 | Temporary data passed between application components by Budgie Extras Window... |
| CVE-2023-49345 | 2023-12-14 | Temporary data passed between application components by Budgie Extras Takeabreak... |
| CVE-2023-49346 | 2023-12-14 | Temporary data passed between application components by Budgie Extras WeatherShow... |
| CVE-2023-49347 | 2023-12-14 | Temporary data passed between application components by Budgie Extras Windows... |