Lista CVE - 2023 / Dicembre
Visualizzazione 1701 - 1800 di 2674 CVE per Dicembre 2023 (Pagina 18 di 27)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2023-5886 | 2023-12-18 | WP All Export (Free < 1.4.1, Pro < 1.8.6) - Author+ PHAR Deserialization via CSRF |
| CVE-2023-4311 | 2023-12-18 | Vrm 360 3D Model Viewer <= 1.2.1 - Contributor+ Arbitrary File Upload Leading to RCE |
| CVE-2023-5348 | 2023-12-18 | Product Catalog Enquiry for WooCommerce < 5.0.3 - Unauthenticated Stored XSS via Arbitrary Setting Update |
| CVE-2023-6289 | 2023-12-18 | Swift Performance Lite <= 2.3.6.14 - Unauthenticated Configuration Export |
| CVE-2023-6295 | 2023-12-18 | so-widgets-bundle < 1.51.0 - Admin+ Local File Inclusion |
| CVE-2023-6077 | 2023-12-18 | Slider - Ultimate Responsive Image Slider < 3.5.12 - Subscriber+ Arbitrary Post Access |
| CVE-2023-5949 | 2023-12-18 | SmartCrawl WordPress SEO checker < 3.8.3 - Unauthenticated Password Protected Post Disclosure |
| CVE-2023-4724 | 2023-12-18 | WP All Export (Free < 1.4.0, Pro < 1.8.6) - Admin+ RCE |
| CVE-2023-5882 | 2023-12-18 | WP All Export (Free < 1.4.1, Pro < 1.8.6) - Remote Code Execution via CSRF |
| CVE-2023-40691 | 2023-12-18 | IBM Cloud Pak for Business Automation information disclosure |
| CVE-2023-48768 | 2023-12-18 | WordPress Quantity Plus Minus Button for WooCommerce by CodeAstrology Plugin <= 1.1.9 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-6355 | 2023-12-18 | Incorrect selection of fuse values in the Controller 7000 platform... |
| CVE-2023-48769 | 2023-12-18 | WordPress Chat Bubble Plugin <= 2.3 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-22439 | 2023-12-18 | Improper input validation of a large HTTP request in the... |
| CVE-2023-48772 | 2023-12-18 | WordPress Prevent Landscape Rotation Plugin <= 2.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-23570 | 2023-12-18 | Client-Side enforcement of Server-Side security for the Command Centre server... |
| CVE-2023-23576 | 2023-12-18 | Incorrect behavior order in the Command Centre Server could allow... |
| CVE-2023-23584 | 2023-12-18 | An observable response discrepancy in the Gallagher Command Centre RESTAPI... |
| CVE-2023-24590 | 2023-12-18 | A format string issue in the Controller 6000's optional diagnostic... |
| CVE-2023-41967 | 2023-12-18 | Sensitive information uncleared after debug/power state transition in the Controller... |
| CVE-2023-46686 | 2023-12-18 | A reliance on untrusted inputs in a security decision could... |
| CVE-2023-48773 | 2023-12-18 | WordPress WooCommerce Login Redirect Plugin <= 2.2.4 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-48778 | 2023-12-18 | WordPress Product Size Chart For WooCommerce Plugin <= 1.1.5 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-48781 | 2023-12-18 | WordPress MkRapel Regiones y Ciudades de Chile para WC Plugin <= 4.3.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-49148 | 2023-12-18 | WordPress Affiliate Booster – Pros & Cons, Notice, and CTA Blocks for Affiliates Plugin <= 3.0.5 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-49153 | 2023-12-18 | WordPress Add to Cart Text Changer and Customize Button, Add Custom Icon Plugin <= 2.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-49155 | 2023-12-18 | WordPress Button Generator – easily Button Builder Plugin <= 2.3.8 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-49163 | 2023-12-18 | WordPress teachPress Plugin <= 9.0.5 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-49759 | 2023-12-18 | WordPress WooDiscuz – WooCommerce Comments Plugin <= 2.3.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-49760 | 2023-12-18 | WordPress WPsoonOnlinePage Plugin <= 1.9 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-49761 | 2023-12-18 | WordPress Product Enquiry for WooCommerce Plugin <= 3.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-49763 | 2023-12-18 | WordPress CSprite Plugin <= 1.1 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-49821 | 2023-12-18 | WordPress LiveChat Plugin <= 4.5.15 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-34168 | 2023-12-18 | WordPress WP Report Post Plugin <= 2.1.2 is vulnerable to SQL Injection |
| CVE-2023-33331 | 2023-12-18 | WordPress WooCommerce Product Vendors Plugin <= 2.1.76 is vulnerable to SQL Injection |
| CVE-2023-47558 | 2023-12-18 | WordPress Who Hit The Page – Hit Counter Plugin <= 1.4.14.3 is vulnerable to SQL Injection |
| CVE-2023-47530 | 2023-12-18 | WordPress Redirect 404 Error Page to Homepage or Custom Page with Logs Plugin <= 1.8.7 is vulnerable to SQL Injection |
| CVE-2023-6927 | 2023-12-18 | Keycloak: open redirect via "form_post.jwt" jarm response mode |
| CVE-2023-47506 | 2023-12-18 | WordPress Master Slider Pro Plugin <= 3.6.5 is vulnerable to SQL Injection |
| CVE-2023-6918 | 2023-12-18 | Libssh: missing checks for return values for digests |
| CVE-2022-45809 | 2023-12-18 | WordPress Thumbs Rating Plugin <= 5.0.0 is vulnerable to Race Condition |
| CVE-2023-49819 | 2023-12-18 | WordPress Structured Content Plugin <= 1.5.3 is vulnerable to PHP Object Injection |
| CVE-2023-48751 | 2023-12-18 | WordPress Participants Database Plugin <= 2.5.5 is vulnerable to Broken Access Control |
| CVE-2023-47754 | 2023-12-18 | WordPress Delete Duplicate Posts Plugin <= 4.8.9 is vulnerable to Broken Access Control |
| CVE-2023-46154 | 2023-12-18 | WordPress e2pdf Plugin <= 1.20.18 is vulnerable to PHP Object Injection |
| CVE-2023-46212 | 2023-12-18 | WordPress WP EXtra Plugin <= 6.2 is vulnerable to Broken Access Control |
| CVE-2023-45887 | 2023-12-19 | DS Wireless Communication (DWC) with DWC_VERSION_3 and DWC_VERSION_11 allows remote... |
| CVE-2023-47267 | 2023-12-19 | An issue discovered in TheGreenBow Windows Enterprise Certified VPN Client... |
| CVE-2023-49004 | 2023-12-19 | An issue in D-Link DIR-850L v.B1_FW223WWb01 allows a remote attacker... |
| CVE-2023-49006 | 2023-12-19 | Cross Site Request Forgery (CSRF) vulnerability in Phpsysinfo version 3.4.3... |
| CVE-2023-49147 | 2023-12-19 | An issue was discovered in PDF24 Creator 11.14.0. The configuration... |
| CVE-2023-49706 | 2023-12-19 | Defective request context handling in Self Service in LinOTP 3.x... |
| CVE-2023-50466 | 2023-12-19 | An authenticated command injection vulnerability in Weintek cMT2078X easyweb Web... |
| CVE-2023-49489 | 2023-12-19 | Reflective Cross Site Scripting (XSS) vulnerability in KodExplorer version 4.51,... |
| CVE-2023-44982 | 2023-12-19 | WordPress WP Retina 2x Plugin <= 6.4.5 is vulnerable to Sensitive Data Exposure |
| CVE-2023-6314 | 2023-12-19 | Stack-based buffer overflow in FPWin Pro version 7.7.0.0 and all... |
| CVE-2023-6315 | 2023-12-19 | Out-of-bouds read vulnerability in FPWin Pro version 7.7.0.0 and all... |
| CVE-2023-6940 | 2023-12-19 | Command Injection |
| CVE-2023-6488 | 2023-12-19 | The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress... |
| CVE-2014-125107 | 2023-12-19 | Corveda PHPSandbox String protection mechanism |
| CVE-2019-25157 | 2023-12-19 | Ethex Contracts Monthly Jackpot EthexJackpot.sol access control |
| CVE-2023-42015 | 2023-12-19 | IBM UrbanCode Deploy HTML injection |
| CVE-2023-5413 | 2023-12-19 | The Image horizontal reel scroll slideshow plugin for WordPress is... |
| CVE-2023-5432 | 2023-12-19 | The Jquery news ticker plugin for WordPress is vulnerable to... |
| CVE-2023-50376 | 2023-12-19 | WordPress Simple Membership Plugin <= 4.3.8 is vulnerable to Unauth. Reflected Cross Site Scripting (XSS) |
| CVE-2023-46104 | 2023-12-19 | Apache Superset: Allows for uncontrolled resource consumption via a ZIP bomb |
| CVE-2023-49736 | 2023-12-19 | Apache Superset: SQL Injection on where_in JINJA macro |
| CVE-2023-49734 | 2023-12-19 | Apache Superset: Privilege Escalation Vulnerability |
| CVE-2023-6945 | 2023-12-19 | SourceCodester Online Student Management System edit-student-detail.php cross site scripting |
| CVE-2023-6730 | 2023-12-19 | Deserialization of Untrusted Data in huggingface/transformers |
| CVE-2019-25158 | 2023-12-19 | pedroetb tts-api app.js onSpeechDone os command injection |
| CVE-2023-50762 | 2023-12-19 | When processing a PGP/MIME payload that contains digitally signed text,... |
| CVE-2023-50761 | 2023-12-19 | The signature of a digitally signed S/MIME email message may... |
| CVE-2023-6856 | 2023-12-19 | The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer... |
| CVE-2023-6857 | 2023-12-19 | When resolving a symlink, a race may occur where the... |
| CVE-2023-6858 | 2023-12-19 | Firefox was susceptible to a heap buffer overflow in `nsTextFragment`... |
| CVE-2023-6859 | 2023-12-19 | A use-after-free condition affected TLS socket creation when under memory... |
| CVE-2023-6860 | 2023-12-19 | The `VideoBridge` allowed any content process to use textures produced... |
| CVE-2023-6861 | 2023-12-19 | The `nsWindow::PickerOpen(void)` method was susceptible to a heap buffer overflow... |
| CVE-2023-6862 | 2023-12-19 | A use-after-free was identified in the `nsDNSService::Init`. This issue appears... |
| CVE-2023-6863 | 2023-12-19 | The `ShutdownObserver()` was susceptible to potentially undefined behavior due to... |
| CVE-2023-6864 | 2023-12-19 | Memory safety bugs present in Firefox 120, Firefox ESR 115.5,... |
| CVE-2023-6135 | 2023-12-19 | Multiple NSS NIST curves were susceptible to a side-channel attack... |
| CVE-2023-6865 | 2023-12-19 | `EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could... |
| CVE-2023-6866 | 2023-12-19 | TypedArrays can be fallible and lacked proper exception handling. This... |
| CVE-2023-6867 | 2023-12-19 | The timing of a button click causing a popup to... |
| CVE-2023-6868 | 2023-12-19 | In some instances, the user-agent would allow push requests which... |
| CVE-2023-6869 | 2023-12-19 | A `<dialog>` element could have been manipulated to paint content... |
| CVE-2023-6870 | 2023-12-19 | Applications which spawn a Toast notification in a background thread... |
| CVE-2023-6871 | 2023-12-19 | Under certain conditions, Firefox did not display a warning when... |
| CVE-2023-6872 | 2023-12-19 | Browser tab titles were being leaked by GNOME to system... |
| CVE-2023-6873 | 2023-12-19 | Memory safety bugs present in Firefox 120. Some of these... |
| CVE-2023-6931 | 2023-12-19 | Out-of-bounds write in Linux kernel's Performance Events system component |
| CVE-2023-6932 | 2023-12-19 | Use-after-free in Linux kernel's ipv4: igmp component |
| CVE-2023-1514 | 2023-12-19 | A vulnerability exists in the component RTU500 Scripting interface. When... |
| CVE-2023-6913 | 2023-12-19 | Session Hijacking on Imou Life app |
| CVE-2023-6711 | 2023-12-19 | Vulnerability exists in SCI IEC 60870-5-104 and HCI IEC 60870-5-104... |
| CVE-2023-6280 | 2023-12-19 | XML External Entity Reference on 52North WPS |
| CVE-2023-43870 | 2023-12-19 | When installing the Net2 software a root certificate is installed... |
| CVE-2023-44983 | 2023-12-19 | WordPress Aruba HiSpeed Cache Plugin <= 2.0.6 is vulnerable to Sensitive Data Exposure |