Lista CVE - 2023 / Gennaio
Visualizzazione 201 - 300 di 2351 CVE per Gennaio 2023 (Pagina 3 di 24)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2022-39084 | 2023-01-04 | In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. |
| CVE-2022-39085 | 2023-01-04 | In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. |
| CVE-2022-39086 | 2023-01-04 | In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. |
| CVE-2022-39087 | 2023-01-04 | In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. |
| CVE-2022-39088 | 2023-01-04 | In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. |
| CVE-2022-39104 | 2023-01-04 | In contacts service, there is a missing permission check. This could lead to local denial of service in Contacts service with no additional execution privileges needed. |
| CVE-2022-39116 | 2023-01-04 | In sprd_sysdump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. |
| CVE-2022-39118 | 2023-01-04 | In sprd_sysdump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. |
| CVE-2022-44422 | 2023-01-04 | In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. |
| CVE-2022-44423 | 2023-01-04 | In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. |
| CVE-2022-44424 | 2023-01-04 | In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. |
| CVE-2022-44425 | 2023-01-04 | In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. |
| CVE-2022-44426 | 2023-01-04 | In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. |
| CVE-2022-44427 | 2023-01-04 | In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. |
| CVE-2022-44428 | 2023-01-04 | In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. |
| CVE-2022-44429 | 2023-01-04 | In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. |
| CVE-2022-44430 | 2023-01-04 | In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. |
| CVE-2022-44431 | 2023-01-04 | In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. |
| CVE-2022-44432 | 2023-01-04 | In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. |
| CVE-2022-44434 | 2023-01-04 | In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. |
| CVE-2022-44435 | 2023-01-04 | In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. |
| CVE-2022-44436 | 2023-01-04 | In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. |
| CVE-2022-44437 | 2023-01-04 | In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. |
| CVE-2022-44438 | 2023-01-04 | In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. |
| CVE-2022-44439 | 2023-01-04 | In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. |
| CVE-2022-44440 | 2023-01-04 | In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. |
| CVE-2022-44441 | 2023-01-04 | In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. |
| CVE-2022-44442 | 2023-01-04 | In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. |
| CVE-2022-44443 | 2023-01-04 | In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. |
| CVE-2022-44444 | 2023-01-04 | In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. |
| CVE-2022-44445 | 2023-01-04 | In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. |
| CVE-2022-44446 | 2023-01-04 | In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. |
| CVE-2022-46081 | 2023-01-04 | In Garmin Connect 4.61, terminating a LiveTrack session wouldn't prevent the LiveTrack API from continued exposure of private personal information. NOTE: this is disputed by the vendor because the LiveTrack... |
| CVE-2022-46456 | 2023-01-04 | NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbg_typevalue at /output/outdbg.c. |
| CVE-2022-46457 | 2023-01-04 | NASM v2.16 was discovered to contain a segmentation violation in the component ieee_write_file at /output/outieee.c. |
| CVE-2022-48216 | 2023-01-04 | Uniswap Universal Router before 1.1.0 mishandles reentrancy. This would have allowed theft of funds. |
| CVE-2023-0046 | 2023-01-04 | Improper Restriction of Names for Files and Other Resources in lirantal/daloradius |
| CVE-2023-0048 | 2023-01-04 | Code Injection in lirantal/daloradius |
| CVE-2023-0049 | 2023-01-04 | Out-of-bounds Read in vim/vim |
| CVE-2023-0051 | 2023-01-04 | Heap-based Buffer Overflow in vim/vim |
| CVE-2023-0054 | 2023-01-04 | Out-of-bounds Write in vim/vim |
| CVE-2023-0055 | 2023-01-04 | Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in pyload/pyload |
| CVE-2010-10003 | 2023-01-04 | gesellix titlelink plugin_content_title.php sql injection |
| CVE-2014-125039 | 2023-01-04 | kkokko NeoXplora Trainer cross site scripting |
| CVE-2019-25094 | 2023-01-04 | innologi appointments Extension Appointment cross site scripting |
| CVE-2020-36639 | 2023-01-04 | AlliedModders AMX Mod X Console Command adminvote.sma cmdVoteMap path traversal |
| CVE-2016-15008 | 2023-01-04 | oxguy3 coebot-www channel.js showChannelBoir cross site scripting |
| CVE-2023-22457 | 2023-01-04 | org.xwiki.contrib:application-ckeditor-ui vulnerable to Remote Code Execution via Cross-Site Request Forgery |
| CVE-2023-22460 | 2023-01-04 | go-ipld-prime json codec may panic if asked to encode bytes |
| CVE-2023-22461 | 2023-01-04 | sanitize-svg Filter Bypass Allows Cross-Site Scripting (XSS) |
| CVE-2022-45875 | 2023-01-04 | Apache DolphinScheduler: Remote command execution Vulnerability in script alert plugin |
| CVE-2023-22463 | 2023-01-04 | KubePi's Hardcoded Jwtsigkeys allows malicious actor to login with a forged JWT token |
| CVE-2023-22464 | 2023-01-04 | ViewVC XSS vulnerability in revision view changed path "copyfrom" locations |
| CVE-2023-22465 | 2023-01-04 | Http4s has fatal error parsing User-Agent and Server headers |
| CVE-2022-46180 | 2023-01-04 | Arbitrary HTML injection in discourse-mermaid-theme-component |
| CVE-2022-22352 | 2023-01-04 | IBM Sterling B2B Integrator Standard Edition cross-site scripting |
| CVE-2022-25926 | 2023-01-04 | Versions of the package window-control before 1.4.5 are vulnerable to Command Injection via the sendKeys function, due to improper input sanitization. |
| CVE-2022-34330 | 2023-01-04 | IBM Sterling B2B Integrator cross-site scripting |
| CVE-2022-43920 | 2023-01-04 | IBM Sterling B2B Integrator Standard Edition privilege escalation |
| CVE-2021-38928 | 2023-01-04 | IBM Sterling B2B Integrator Standard Edition cross-origin resource sharing |
| CVE-2022-22371 | 2023-01-04 | IBM Sterling B2B Integrator Standard Edition session fixation |
| CVE-2022-22338 | 2023-01-04 | IBM Sterling B2B Integrator Standard Edition SQL injection |
| CVE-2022-22337 | 2023-01-04 | IBM Sterling B2B Integrator Standard Edition information disclosure |
| CVE-2022-45052 | 2023-01-04 | Local File Inclusion in Axiell Iguana CMS |
| CVE-2022-45049 | 2023-01-04 | Reflected XSS in Axiell Iguana CMS |
| CVE-2022-45051 | 2023-01-04 | Reflected POST XSS in Axiell Iguana CMS |
| CVE-2021-4300 | 2023-01-04 | ghostlander Halcyon Block Verification main.cpp AddToBlockIndex access control |
| CVE-2021-4302 | 2023-01-04 | slackero phpwcms SVG File cross site scripting |
| CVE-2022-4875 | 2023-01-04 | fossology cross site scripting |
| CVE-2023-22466 | 2023-01-04 | Tokio's reject_remote_clients configuration may get dropped when creating a Windows named pipe |
| CVE-2023-22467 | 2023-01-04 | luxon.js inefficient regular expression complexity vulnerability |
| CVE-2022-4876 | 2023-01-04 | Kaltura mwEmbed DefaultSettings.php cross site scripting |
| CVE-2021-32828 | 2023-01-05 | Regular expression Denial of Service in MooTools |
| CVE-2022-23548 | 2023-01-05 | Discourse is an option source discussion platform. Prior to version 2.8.14 on the `stable` branch and version 2.9.0.beta16 on the `beta` and `tests-passed` branches, parsing posts can be susceptible to... |
| CVE-2022-23549 | 2023-01-05 | Discourse vulnerable to bypass of post max_length using HTML comments |
| CVE-2022-3715 | 2023-01-05 | A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems. |
| CVE-2022-4378 | 2023-01-05 | A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash... |
| CVE-2022-44877 | 2023-01-05 | login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the login parameter. |
| CVE-2022-45995 | 2023-01-05 | There is an unauthorized buffer overflow vulnerability in Tenda AX12 v22.03.01.21 _ cn. This vulnerability can cause the web service not to restart or even execute arbitrary code. It is... |
| CVE-2022-46489 | 2023-01-05 | GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the gf_isom_box_parse_ex function at box_funcs.c. |
| CVE-2022-46490 | 2023-01-05 | GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the afrt_box_read function at box_code_adobe.c. |
| CVE-2022-47086 | 2023-01-05 | GPAC MP4Box v2.1-DEV-rev574-g9d5bb184b contains a segmentation violation via the function gf_sm_load_init_swf at scene_manager/swf_parse.c |
| CVE-2022-47087 | 2023-01-05 | GPAC MP4box 2.1-DEV-rev574-g9d5bb184b has a Buffer overflow in gf_vvc_read_pps_bs_internal function of media_tools/av_parsers.c |
| CVE-2022-47088 | 2023-01-05 | GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow. |
| CVE-2022-47089 | 2023-01-05 | GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow via gf_vvc_read_sps_bs_internal function of media_tools/av_parsers.c |
| CVE-2022-47091 | 2023-01-05 | GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow in gf_text_process_sub function of filters/load_text.c |
| CVE-2022-47092 | 2023-01-05 | GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is contains an Integer overflow vulnerability in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8316 |
| CVE-2022-47093 | 2023-01-05 | GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to heap use-after-free via filters/dmx_m2ts.c:470 in m2tsdmx_declare_pid |
| CVE-2022-47094 | 2023-01-05 | GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Null pointer dereference via filters/dmx_m2ts.c:343 in m2tsdmx_declare_pid |
| CVE-2022-47095 | 2023-01-05 | GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer overflow in hevc_parse_vps_extension function of media_tools/av_parsers.c |
| CVE-2022-47523 | 2023-01-05 | Zoho ManageEngine Access Manager Plus before 4309, Password Manager Pro before 12210, and PAM360 before 5801 are vulnerable to SQL Injection. |
| CVE-2022-47543 | 2023-01-05 | An issue was discovered in Siren Investigate before 12.1.7. There is an ACL bypass on global objects. |
| CVE-2022-47544 | 2023-01-05 | An issue was discovered in Siren Investigate before 12.1.7. Script variable whitelisting is insufficiently sandboxed. |
| CVE-2022-47653 | 2023-01-05 | GPAC MP4box 2.1-DEV-rev593-g007bf61a0 is vulnerable to Buffer Overflow in eac3_update_channels function of media_tools/av_parsers.c:9113 |
| CVE-2022-47654 | 2023-01-05 | GPAC MP4box 2.1-DEV-rev593-g007bf61a0 is vulnerable to Buffer Overflow in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8261 |
| CVE-2022-47655 | 2023-01-05 | Libde265 1.0.9 is vulnerable to Buffer Overflow in function void put_qpel_fallback<unsigned short> |
| CVE-2022-47656 | 2023-01-05 | GPAC MP4box 2.1-DEV-rev617-g85ce76efd is vulnerable to Buffer Overflow in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8273 |
| CVE-2022-47657 | 2023-01-05 | GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to buffer overflow in function hevc_parse_vps_extension of media_tools/av_parsers.c:7662 |
| CVE-2022-47658 | 2023-01-05 | GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to buffer overflow in function gf_hevc_read_vps_bs_internal of media_tools/av_parsers.c:8039 |
| CVE-2022-47659 | 2023-01-05 | GPAC MP4box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to Buffer Overflow in gf_bs_read_data |