Lista CVE - 2023 / Aprile
Visualizzazione 1201 - 1300 di 2302 CVE per Aprile 2023 (Pagina 13 di 24)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2018-17453 | 2023-04-15 | An issue was discovered in GitLab Community and Enterprise Edition... |
| CVE-2018-17454 | 2023-04-15 | An issue was discovered in GitLab Community and Enterprise Edition... |
| CVE-2018-17455 | 2023-04-15 | An issue was discovered in GitLab Enterprise Edition before 11.1.7,... |
| CVE-2018-17536 | 2023-04-15 | An issue was discovered in GitLab Community and Enterprise Edition... |
| CVE-2018-17537 | 2023-04-15 | An issue was discovered in GitLab Community and Enterprise Edition... |
| CVE-2018-17883 | 2023-04-15 | An issue was discovered in Open Ticket Request System (OTRS)... |
| CVE-2019-14942 | 2023-04-15 | An issue was discovered in GitLab Community and Enterprise Edition... |
| CVE-2019-14944 | 2023-04-15 | An issue was discovered in GitLab Community and Enterprise Edition... |
| CVE-2020-17354 | 2023-04-15 | LilyPond before 2.24 allows attackers to bypass the -dsafe protection... |
| CVE-2020-27545 | 2023-04-15 | libdwarf before 20201017 has a one-byte out-of-bounds read because of... |
| CVE-2020-28163 | 2023-04-15 | libdwarf before 20201201 allows a dwarf_print_lines.c NULL pointer dereference and... |
| CVE-2020-29007 | 2023-04-15 | The Score extension through 0.3.0 for MediaWiki has a remote... |
| CVE-2021-30153 | 2023-04-15 | An issue was discovered in the VisualEditor extension in MediaWiki... |
| CVE-2021-34337 | 2023-04-15 | An issue was discovered in Mailman Core before 3.3.5. An... |
| CVE-2021-39295 | 2023-04-15 | In OpenBMC 2.9, crafted IPMI messages allow an attacker to... |
| CVE-2021-43612 | 2023-04-15 | In lldpd before 1.0.13, when decoding SONMP packets in the... |
| CVE-2021-45464 | 2023-04-15 | kvmtool through 39181fc allows an out-of-bounds write, related to virtio/balloon.c... |
| CVE-2022-2525 | 2023-04-15 | Improper Restriction of Excessive Authentication Attempts in janeczku/calibre-web |
| CVE-2022-43696 | 2023-04-15 | OX App Suite before 7.10.6-rev20 allows XSS via upsell ads. |
| CVE-2022-43697 | 2023-04-15 | OX App Suite before 7.10.6-rev30 allows XSS via an activity... |
| CVE-2022-43698 | 2023-04-15 | OX App Suite before 7.10.6-rev30 allows SSRF because changing a... |
| CVE-2022-43699 | 2023-04-15 | OX App Suite before 7.10.6-rev30 allows SSRF because e-mail account... |
| CVE-2022-45030 | 2023-04-15 | A SQL injection vulnerability in rConfig 3.9.7 exists via lib/ajaxHandlers/ajaxCompareGetCmdDates.php?command=... |
| CVE-2022-47522 | 2023-04-15 | The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers... |
| CVE-2022-48177 | 2023-04-15 | X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered... |
| CVE-2022-48178 | 2023-04-15 | X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered... |
| CVE-2023-2102 | 2023-04-15 | Cross-site Scripting (XSS) - Stored in alextselegidis/easyappointments |
| CVE-2023-2103 | 2023-04-15 | Cross-site Scripting (XSS) - Stored in alextselegidis/easyappointments |
| CVE-2023-2104 | 2023-04-15 | Improper Access Control in alextselegidis/easyappointments |
| CVE-2023-2105 | 2023-04-15 | Session Fixation in alextselegidis/easyappointments |
| CVE-2023-2106 | 2023-04-15 | Weak Password Requirements in janeczku/calibre-web |
| CVE-2023-22669 | 2023-04-15 | Parsing of DWG files in Open Design Alliance Drawings SDK... |
| CVE-2023-22670 | 2023-04-15 | A heap-based buffer overflow exists in the DXF file reading... |
| CVE-2023-2089 | 2023-04-15 | SourceCodester Complaint Management System GET Parameter userprofile.php sql injection |
| CVE-2023-2027 | 2023-04-15 | The ZM Ajax Login & Register plugin for WordPress is... |
| CVE-2023-2091 | 2023-04-15 | KylinSoft youker-assistant adjust_cpufreq_scaling_governer os command injection |
| CVE-2023-2090 | 2023-04-15 | SourceCodester Employee and Visitor Gate Pass Logging System GET Parameter view_designation.php sql injection |
| CVE-2023-2092 | 2023-04-15 | SourceCodester Vehicle Service Management System view_service.php sql injection |
| CVE-2023-2093 | 2023-04-15 | SourceCodester Vehicle Service Management System Login.php sql injection |
| CVE-2023-2094 | 2023-04-15 | SourceCodester Vehicle Service Management System manage_mechanic.php sql injection |
| CVE-2023-2095 | 2023-04-15 | SourceCodester Vehicle Service Management System manage_category.php sql injection |
| CVE-2023-2096 | 2023-04-15 | SourceCodester Vehicle Service Management System manage_inventory.php sql injection |
| CVE-2023-2097 | 2023-04-15 | SourceCodester Vehicle Service Management System Master.php sql injection |
| CVE-2023-2098 | 2023-04-15 | SourceCodester Vehicle Service Management System topBarNav.php cross site scripting |
| CVE-2023-2099 | 2023-04-15 | SourceCodester Vehicle Service Management System Users.php cross site scripting |
| CVE-2023-2100 | 2023-04-15 | SourceCodester Vehicle Service Management System index.php cross site scripting |
| CVE-2023-2101 | 2023-04-15 | moxi624 Mogu Blog v2 uploadPicsByUrl uploadPictureByUrl absolute path traversal |
| CVE-2023-2107 | 2023-04-15 | IBOS del&op=recycle sql injection |
| CVE-2023-29201 | 2023-04-15 | org.xwiki.commons:xwiki-commons-xml Cross-site Scripting vulnerability |
| CVE-2023-29202 | 2023-04-15 | org.xwiki.platform:xwiki-platform-rendering-macro-rss Cross-site Scripting vulnerability |
| CVE-2023-29203 | 2023-04-15 | Unauthenticated user can have information about hidden users on subwikis through uorgsuggest.vm |
| CVE-2023-29204 | 2023-04-15 | URL Redirection to Untrusted Site ('Open Redirect') in org.xwiki.platform:xwiki-platform-oldcore |
| CVE-2023-29205 | 2023-04-15 | org.xwiki.platform:xwiki-platform-rendering-xwiki vulnerable to stored cross-site scripting via HTML and raw macro |
| CVE-2023-29206 | 2023-04-15 | org.xwiki.platform:xwiki-platform-skin-skinx vulnerable to basic Cross-site Scripting by exploiting JSX or SSX plugins |
| CVE-2023-29207 | 2023-04-15 | Improper Neutralization of Script-Related HTML Tags (XSS) in the LiveTable Macro |
| CVE-2023-29208 | 2023-04-15 | Data leak through deleted documents |
| CVE-2023-29209 | 2023-04-15 | org.xwiki.platform:xwiki-platform-legacy-notification-activitymacro Eval Injection vulnerability |
| CVE-2023-29210 | 2023-04-15 | org.xwiki.platform:xwiki-platform-notifications-ui Eval Injection vulnerability |
| CVE-2015-10101 | 2023-04-15 | Google Analytics Top Content Widget Plugin class-tgm-plugin-activation.php cross site scripting |
| CVE-2022-37705 | 2023-04-16 | A privilege escalation flaw was found in Amanda 3.5.1 in... |
| CVE-2021-33990 | 2023-04-16 | Liferay Portal 6.2.5 allows Command=FileUpload&Type=File&CurrentFolder=/ requests when frmfolders.html exists. NOTE:... |
| CVE-2021-36520 | 2023-04-16 | A SQL injection vulnerability in I-Tech Trainsmart r1044 exists via... |
| CVE-2022-28353 | 2023-04-16 | In the External Redirect Warning Plugin 1.3 for MyBB, the... |
| CVE-2022-30076 | 2023-04-16 | ENTAB ERP 1.0 allows attackers to discover users' full names... |
| CVE-2022-34125 | 2023-04-16 | front/icon.send.php in the CMDB plugin before 3.0.3 for GLPI allows... |
| CVE-2022-34126 | 2023-04-16 | The Activity plugin before 3.1.1 for GLPI allows reading local... |
| CVE-2022-34127 | 2023-04-16 | The Managentities plugin before 4.0.2 for GLPI allows reading local... |
| CVE-2022-34128 | 2023-04-16 | The Cartography (aka positions) plugin before 6.0.1 for GLPI allows... |
| CVE-2022-37186 | 2023-04-16 | In LemonLDAP::NG before 2.0.15. some sessions are not deleted when... |
| CVE-2022-37255 | 2023-04-16 | TP-Link Tapo C310 1.3.0 devices allow access to the RTSP... |
| CVE-2022-37306 | 2023-04-16 | OX App Suite before 7.10.6-rev30 allows XSS via an upsell... |
| CVE-2022-37704 | 2023-04-16 | Amanda 3.5.1 allows privilege escalation from the regular user backup... |
| CVE-2022-38840 | 2023-04-16 | cgi-bin/xmlstatus.cgi in Güralp MAN-EAM-0003 3.2.4 is vulnerable to an XML... |
| CVE-2022-38841 | 2023-04-16 | Linksys AX3200 1.1.00 is vulnerable to OS command injection by... |
| CVE-2022-40946 | 2023-04-16 | On D-Link DIR-819 Firmware Version 1.06 Hardware Version A1 devices,... |
| CVE-2023-30772 | 2023-04-16 | The Linux kernel before 6.2.9 has a race condition and... |
| CVE-2022-48312 | 2023-04-16 | The HwPCAssistant module has the out-of-bounds read/write vulnerability. Successful exploitation... |
| CVE-2023-29211 | 2023-04-16 | org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki Eval Injection vulnerability |
| CVE-2023-29212 | 2023-04-16 | xwiki.platform:xwiki-platform-panels-ui Eval Injection vulnerability |
| CVE-2023-29214 | 2023-04-16 | org.xwiki.platform:xwiki-platform-panels-ui Eval Injection vulnerability |
| CVE-2023-29506 | 2023-04-16 | org.xwiki.platform:xwiki-platform-security-authentication-default XSS with authenticated endpoints |
| CVE-2023-29507 | 2023-04-16 | org.xwiki.platform:xwiki-platform-oldcore makes Incorrect Use of Privileged APIs with DocumentAuthors |
| CVE-2023-29508 | 2023-04-16 | org.xwiki.platform:xwiki-platform-livedata-macro vulnerable to Cross-site Scripting |
| CVE-2023-29509 | 2023-04-16 | org.xwiki.platform:xwiki-platform-flamingo-theme-ui Eval Injection vulnerability |
| CVE-2023-30537 | 2023-04-16 | org.xwiki.platform:xwiki-platform-flamingo-theme-ui vulnerable to privilege escalation |
| CVE-2022-48313 | 2023-04-16 | The Bluetooth module has a vulnerability of bypassing the user... |
| CVE-2023-29511 | 2023-04-16 | xwiki-platform-administration-ui vulnerable to privilege escalation |
| CVE-2023-30542 | 2023-04-16 | GovernorCompatibilityBravo may trim proposal calldata |
| CVE-2022-48314 | 2023-04-16 | The Bluetooth module has a vulnerability of bypassing the user... |
| CVE-2023-2108 | 2023-04-16 | SourceCodester Judging Management System edit_contestant.php sql injection |
| CVE-2023-27610 | 2023-04-16 | WordPress Transbank Webpay REST Plugin <= 1.6.6 is vulnerable to SQL Injection |
| CVE-2023-30474 | 2023-04-16 | WordPress Ultimate Noindex Nofollow Tool II Plugin <= 1.3 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-22687 | 2023-04-16 | WordPress Freesoul Deactivate Plugins – Plugin manager and cleanup Plugin <= 1.9.4.0 is vulnerable to Sensitive Data Exposure |
| CVE-2022-43480 | 2023-04-16 | WordPress Homepage Pop-up Plugin <= 1.2.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-43458 | 2023-04-16 | WordPress Advanced Floating Content Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-44734 | 2023-04-16 | WordPress Car Rental by BestWebSoft Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-45849 | 2023-04-16 | WordPress Activello Theme <= 1.4.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2021-33797 | 2023-04-17 | Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to... |
| CVE-2022-44726 | 2023-04-17 | The TouchDown Timesheet tracking component 4.1.4 for Jira allows XSS... |
| CVE-2022-46389 | 2023-04-17 | Cross-Site Scripting (XSS) vulnerability found on logout functionality |