Lista CVE - 2023 / Aprile
Visualizzazione 1401 - 1500 di 2302 CVE per Aprile 2023 (Pagina 15 di 24)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2023-2145 | 2023-04-18 | Campcodes Online Thesis Archiving System projects_per_curriculum.php sql injection |
| CVE-2023-2020 | 2023-04-18 | Unauthorized scheduling of downtimes via REST API |
| CVE-2023-2146 | 2023-04-18 | Campcodes Online Thesis Archiving System Master.php sql injection |
| CVE-2023-2147 | 2023-04-18 | Campcodes Online Thesis Archiving System view_details.php sql injection |
| CVE-2023-2148 | 2023-04-18 | Campcodes Online Thesis Archiving System view_curriculum.php sql injection |
| CVE-2022-45838 | 2023-04-18 | WordPress ARForms Form Builder Plugin <= 1.5.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-2149 | 2023-04-18 | Campcodes Online Thesis Archiving System manage_user.php sql injection |
| CVE-2022-45839 | 2023-04-18 | WordPress WHA Puzzle Plugin <= 1.0.9 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-44735 | 2023-04-18 | WordPress WP Clictracker Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-2150 | 2023-04-18 | SourceCodester Task Reminder System Master.php sql injection |
| CVE-2023-2151 | 2023-04-18 | SourceCodester Student Study Center Desk Management System manage_student.php sql injection |
| CVE-2022-44632 | 2023-04-18 | WordPress Content Repeater – Custom Posts Simplified Plugin <= 1.1.13 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-2152 | 2023-04-18 | SourceCodester Student Study Center Desk Management System index.php file inclusion |
| CVE-2022-45836 | 2023-04-18 | WordPress Download Manager Plugin <= 3.2.59 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-2153 | 2023-04-18 | SourceCodester Complaint Management System POST Parameter editable_ajax.php cross site scripting |
| CVE-2023-2154 | 2023-04-18 | SourceCodester Task Reminder System sql injection |
| CVE-2023-2155 | 2023-04-18 | SourceCodester Air Cargo Management System cross site scripting |
| CVE-2023-28140 | 2023-04-18 | Executable Hijacking |
| CVE-2023-28141 | 2023-04-18 | NTFS Junction |
| CVE-2023-28142 | 2023-04-18 | Race Condition |
| CVE-2023-28143 | 2023-04-18 | Local Privilege Escalation |
| CVE-2023-27976 | 2023-04-18 | A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that could cause remote code execution when a valid user visits a malicious link provided through the web endpoints. Affected... |
| CVE-2023-1548 | 2023-04-18 | A CWE-269: Improper Privilege Management vulnerability exists that could cause a local user to perform a denial of service through the console server service that is part of EcoStruxure Control... |
| CVE-2023-25556 | 2023-04-18 | A CWE-287: Improper Authentication vulnerability exists that could allow a device to be compromised when a key of less than seven digits is entered and the attacker has access to... |
| CVE-2023-22307 | 2023-04-18 | Site-Passwords in GET parameters |
| CVE-2023-22294 | 2023-04-18 | Privilege escalation in Checkmk Appliance |
| CVE-2022-34755 | 2023-04-18 | A CWE-427 - Uncontrolled Search Path Element vulnerability exists that could allow an attacker with a local privileged account to place a specially crafted file on the target machine, which... |
| CVE-2023-21896 | 2023-04-18 | Vulnerability in the Oracle Solaris product of Oracle Systems (component: NSSwitch). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows low privileged attacker with logon... |
| CVE-2023-21902 | 2023-04-18 | Vulnerability in the Oracle Financial Services Behavior Detection Platform product of Oracle Financial Services Applications (component: Application). The supported version that is affected is 8.0.8.1. Easily exploitable vulnerability allows low... |
| CVE-2023-21903 | 2023-04-18 | Vulnerability in the Oracle Banking Virtual Account Management product of Oracle Financial Services Applications (component: OBVAM Internal Tfr Domain). Supported versions that are affected are 14.5, 14.6 and 14.7. Difficult... |
| CVE-2023-21904 | 2023-04-18 | Vulnerability in the Oracle Banking Virtual Account Management product of Oracle Financial Services Applications (component: OBVAM Trn Journal Domain). Supported versions that are affected are 14.5, 14.6 and 14.7. Difficult... |
| CVE-2023-21905 | 2023-04-18 | Vulnerability in the Oracle Banking Virtual Account Management product of Oracle Financial Services Applications (component: Routing Hub). Supported versions that are affected are 14.5, 14.6 and 14.7. Easily exploitable vulnerability... |
| CVE-2023-21906 | 2023-04-18 | Vulnerability in the Oracle Banking Virtual Account Management product of Oracle Financial Services Applications (component: SMS Module). Supported versions that are affected are 14.5, 14.6 and 14.7. Easily exploitable vulnerability... |
| CVE-2023-21907 | 2023-04-18 | Vulnerability in the Oracle Banking Virtual Account Management product of Oracle Financial Services Applications (component: OBVAM Trn Journal Domain). Supported versions that are affected are 14.5, 14.6 and 14.7. Difficult... |
| CVE-2023-21908 | 2023-04-18 | Vulnerability in the Oracle Banking Virtual Account Management product of Oracle Financial Services Applications (component: OBVAM Trn Journal Domain). Supported versions that are affected are 14.5, 14.6 and 14.7. Difficult... |
| CVE-2023-21909 | 2023-04-18 | Vulnerability in the Siebel CRM product of Oracle Siebel CRM (component: UI Framework). Supported versions that are affected are 23.3 and prior. Easily exploitable vulnerability allows low privileged attacker with... |
| CVE-2023-21910 | 2023-04-18 | Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Analytics Web General). Supported versions that are affected are 6.4.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low... |
| CVE-2023-21911 | 2023-04-18 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access... |
| CVE-2023-21912 | 2023-04-18 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 5.7.41 and prior and 8.0.30 and prior. Easily exploitable vulnerability allows... |
| CVE-2023-21913 | 2023-04-18 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21915 | 2023-04-18 | Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Book/Internal Transfer). Supported versions that are affected are 14.5, 14.6 and 14.7. Easily exploitable vulnerability allows low... |
| CVE-2023-21916 | 2023-04-18 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Web Server). Supported versions that are affected are 8.58, 8.59 and 8.60. Easily exploitable vulnerability allows unauthenticated attacker with... |
| CVE-2023-21917 | 2023-04-18 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21918 | 2023-04-18 | Vulnerability in the Oracle Database Recovery Manager component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having Local... |
| CVE-2023-21919 | 2023-04-18 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21920 | 2023-04-18 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21921 | 2023-04-18 | Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications (component: Core). Supported versions that are affected are Prior to 6.3.1.3 and Prior to 7.0.0.1. Easily exploitable... |
| CVE-2023-21922 | 2023-04-18 | Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications (component: Core). Supported versions that are affected are Prior to 6.3.1.3 and Prior to 7.0.0.1. Difficult to... |
| CVE-2023-21923 | 2023-04-18 | Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications (component: Core). Supported versions that are affected are Prior to 6.3.1.3 and Prior to 7.0.0.1. Easily exploitable... |
| CVE-2023-21924 | 2023-04-18 | Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications (component: Core). Supported versions that are affected are Prior to 6.3.1.3 and Prior to 7.0.0.1. Easily exploitable... |
| CVE-2023-21925 | 2023-04-18 | Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications (component: Core). Supported versions that are affected are Prior to 6.3.1.3 and Prior to 7.0.0.1. Easily exploitable... |
| CVE-2023-21926 | 2023-04-18 | Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications (component: Core). Supported versions that are affected are Prior to 6.3.1.3 and Prior to 7.0.0.1. Easily exploitable... |
| CVE-2023-21927 | 2023-04-18 | Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Interoperability SEC). Supported versions that are affected are Prior to 9.2.7.3. Easily exploitable vulnerability allows low privileged... |
| CVE-2023-21928 | 2023-04-18 | Vulnerability in the Oracle Solaris product of Oracle Systems (component: IPS repository daemon). The supported version that is affected is 11. Difficult to exploit vulnerability allows high privileged attacker with... |
| CVE-2023-21929 | 2023-04-18 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21930 | 2023-04-18 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6,... |
| CVE-2023-21931 | 2023-04-18 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with... |
| CVE-2023-21932 | 2023-04-18 | Vulnerability in the Oracle Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications (component: OXI). The supported version that is affected is 5.6. Difficult to exploit vulnerability allows high... |
| CVE-2023-21933 | 2023-04-18 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21934 | 2023-04-18 | Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Difficult to exploit vulnerability allows low privileged attacker having User Account... |
| CVE-2023-21935 | 2023-04-18 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21936 | 2023-04-18 | Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are Prior to 9.2.7.3. Easily exploitable vulnerability allows low... |
| CVE-2023-21937 | 2023-04-18 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6,... |
| CVE-2023-21938 | 2023-04-18 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6,... |
| CVE-2023-21939 | 2023-04-18 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6,... |
| CVE-2023-21940 | 2023-04-18 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.32 and prior. Difficult to exploit vulnerability allows high privileged attacker... |
| CVE-2023-21941 | 2023-04-18 | Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Supported versions that are affected are 6.4.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with... |
| CVE-2023-21942 | 2023-04-18 | Vulnerability in Oracle Essbase (component: Security and Provisioning). The supported version that is affected is 21.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise... |
| CVE-2023-21943 | 2023-04-18 | Vulnerability in Oracle Essbase (component: Security and Provisioning). The supported version that is affected is 21.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise... |
| CVE-2023-21944 | 2023-04-18 | Vulnerability in Oracle Essbase (component: Security and Provisioning). The supported version that is affected is 21.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise... |
| CVE-2023-21945 | 2023-04-18 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21946 | 2023-04-18 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows low privileged attacker with network... |
| CVE-2023-21947 | 2023-04-18 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.32 and prior. Difficult to exploit vulnerability allows high privileged attacker... |
| CVE-2023-21948 | 2023-04-18 | Vulnerability in the Oracle Solaris product of Oracle Systems (component: Core). The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the... |
| CVE-2023-21952 | 2023-04-18 | Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Analytics Server). The supported version that is affected is 6.4.0.0.0. Easily exploitable vulnerability allows low privileged attacker... |
| CVE-2023-21953 | 2023-04-18 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Partition). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21954 | 2023-04-18 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6;... |
| CVE-2023-21955 | 2023-04-18 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Partition). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21956 | 2023-04-18 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with... |
| CVE-2023-21959 | 2023-04-18 | Vulnerability in the Oracle iReceivables product of Oracle E-Business Suite (component: Attachments). Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows low privileged attacker with network access via... |
| CVE-2023-21960 | 2023-04-18 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Difficult to exploit vulnerability allows unauthenticated attacker with... |
| CVE-2023-21962 | 2023-04-18 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with... |
| CVE-2023-21963 | 2023-04-18 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection Handling). Supported versions that are affected are 5.7.40 and prior and 8.0.31 and prior. Easily exploitable vulnerability allows... |
| CVE-2023-21964 | 2023-04-18 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with... |
| CVE-2023-21965 | 2023-04-18 | Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Analytics Server). The supported version that is affected is 6.4.0.0.0. Easily exploitable vulnerability allows low privileged attacker... |
| CVE-2023-21966 | 2023-04-18 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: JSON). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21967 | 2023-04-18 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6,... |
| CVE-2023-21968 | 2023-04-18 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6,... |
| CVE-2023-21969 | 2023-04-18 | Vulnerability in Oracle SQL Developer (component: Installation). Supported versions that are affected are Prior to 23.1.0. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle... |
| CVE-2023-21970 | 2023-04-18 | Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Security). The supported version that is affected is 6.4.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access... |
| CVE-2023-21971 | 2023-04-18 | Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.32 and prior. Difficult to exploit vulnerability allows high privileged attacker with network... |
| CVE-2023-21972 | 2023-04-18 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21973 | 2023-04-18 | Vulnerability in the Oracle iProcurement product of Oracle E-Business Suite (component: E-Content Manager Catalog). Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows low privileged attacker with network... |
| CVE-2023-21976 | 2023-04-18 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21977 | 2023-04-18 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21978 | 2023-04-18 | Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: GUI). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network... |
| CVE-2023-21979 | 2023-04-18 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with... |
| CVE-2023-21980 | 2023-04-18 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 5.7.41 and prior and 8.0.32 and prior. Difficult to exploit vulnerability allows... |
| CVE-2023-21981 | 2023-04-18 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Elastic Search). Supported versions that are affected are 8.58, 8.59 and 8.60. Easily exploitable vulnerability allows high privileged attacker... |
| CVE-2023-21982 | 2023-04-18 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |