Lista CVE - 2023 / Maggio
Visualizzazione 1501 - 1600 di 2420 CVE per Maggio 2023 (Pagina 16 di 25)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2023-20172 | 2023-05-18 | Cisco Identity Services Engine Arbitrary File Delete and File Read Vulnerabilities |
| CVE-2023-20173 | 2023-05-18 | Cisco Identity Services Engine XML External Entity Injection Vulnerabilities |
| CVE-2023-20174 | 2023-05-18 | Cisco Identity Services Engine XML External Entity Injection Vulnerabilities |
| CVE-2023-20182 | 2023-05-18 | Cisco DNA Center Software API Vulnerabilities |
| CVE-2023-20183 | 2023-05-18 | Cisco DNA Center Software API Vulnerabilities |
| CVE-2023-20184 | 2023-05-18 | Cisco DNA Center Software API Vulnerabilities |
| CVE-2023-20189 | 2023-05-18 | Cisco Small Business Series Switches Buffer Overflow Vulnerabilities |
| CVE-2023-27217 | 2023-05-18 | A stack-based buffer overflow in the ChangeFriendlyName() function of Belkin... |
| CVE-2023-2800 | 2023-05-18 | Insecure Temporary File in huggingface/transformers |
| CVE-2023-28369 | 2023-05-18 | Brother iPrint&Scan V6.11.2 and earlier contains an improper access control... |
| CVE-2023-29720 | 2023-05-18 | SofaWiki <=3.8.9 is vulnerable to Cross Site Scripting (XSS) via... |
| CVE-2023-29857 | 2023-05-18 | An issue in Teslamate v1.27.1 allows attackers to obtain sensitive... |
| CVE-2023-29985 | 2023-05-18 | Sourcecodester Student Study Center Desk Management System v1.0 admin\reports\index.php#date_from has... |
| CVE-2023-31597 | 2023-05-18 | An issue in Zammad v5.4.0 allows attackers to bypass e-mail... |
| CVE-2023-31655 | 2023-05-18 | redis v7.0.10 was discovered to contain a segmentation violation. This... |
| CVE-2023-31729 | 2023-05-18 | TOTOLINK A3300R v17.0.0cu.557 is vulnerable to Command Injection via /cgi-bin/cstecgi.cgi. |
| CVE-2023-31871 | 2023-05-18 | OpenText Documentum Content Server before 23.2 has a flaw that... |
| CVE-2023-33204 | 2023-05-18 | sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow... |
| CVE-2023-1195 | 2023-05-18 | A use-after-free flaw was found in reconn_set_ipaddr_from_hostname in fs/cifs/connect.c in... |
| CVE-2023-30124 | 2023-05-18 | LavaLite v9.0.0 is vulnerable to Cross Site Scripting (XSS). |
| CVE-2023-30333 | 2023-05-18 | An arbitrary file upload vulnerability in the component /admin/ThemeController.java of... |
| CVE-2023-33203 | 2023-05-18 | The Linux kernel before 6.2.9 has a race condition and... |
| CVE-2023-2757 | 2023-05-18 | The Waiting: One-click countdowns plugin for WordPress is vulnerable to... |
| CVE-2023-30868 | 2023-05-18 | WordPress CMS Tree Page View Plugin <= 1.6.7 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-30487 | 2023-05-18 | WordPress LearnPress Export Import Plugin <= 4.0.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-45453 | 2023-05-18 | TLS/SSL weak cipher suites enabled. The following products are affected:... |
| CVE-2022-45452 | 2023-05-18 | Local privilege escalation due to insecure folder permissions. The following... |
| CVE-2022-45457 | 2023-05-18 | Sensitive information disclosure and manipulation due to improper certification validation.... |
| CVE-2022-45458 | 2023-05-18 | Sensitive information disclosure and manipulation due to improper certification validation.... |
| CVE-2022-45459 | 2023-05-18 | Sensitive information disclosure due to insecure registry permissions. The following... |
| CVE-2022-45450 | 2023-05-18 | Sensitive information disclosure and manipulation due to improper authorization. The... |
| CVE-2023-31233 | 2023-05-18 | WordPress Baidu Tongji generator Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-32515 | 2023-05-18 | WordPress Custom Field Suite Plugin <= 2.6.2.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-4418 | 2023-05-18 | Local privilege escalation due to unrestricted loading of unsigned libraries.... |
| CVE-2023-30780 | 2023-05-18 | WordPress User IP and Location Plugin <= 2.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-47157 | 2023-05-18 | WordPress WP Custom Fields Search Plugin <= 1.2.34 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-23999 | 2023-05-18 | WordPress Google Analytics by Monster Insights Plugin <= 8.14.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-2782 | 2023-05-18 | Sensitive information disclosure due to improper authorization. The following products... |
| CVE-2023-23667 | 2023-05-18 | WordPress Brands for WooCommerce Plugin <= 3.7.0.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-27423 | 2023-05-18 | WordPress Auto Prune Posts Plugin <= 1.8.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-27430 | 2023-05-18 | WordPress Mass Delete Unused Tags Plugin <= 2.0.0 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-25698 | 2023-05-18 | WordPress Shoppable Images Lite Plugin <= 1.2.3 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-2789 | 2023-05-18 | GNU cflow parser.c parse_variable_declaration denial of service |
| CVE-2023-2790 | 2023-05-18 | TOTOLINK N200RE Telnet Service custom.conf password in configuration file |
| CVE-2023-2799 | 2023-05-18 | cnoa OA hard-coded password |
| CVE-2023-32322 | 2023-05-18 | Arbitrary file read in Ombi |
| CVE-2022-36326 | 2023-05-18 | Resource Exhaustion Vulnerability in Western Digital devices |
| CVE-2022-36327 | 2023-05-18 | Path traversal vulnerability leading to an arbitrary file write in Western Digital devices |
| CVE-2022-36328 | 2023-05-18 | Path Traversal Vulnerability leading to an arbitrary file read in Western Digital devices |
| CVE-2023-0965 | 2023-05-18 | Key duplication in GSDK |
| CVE-2023-1132 | 2023-05-18 | Key duplication in GSDK |
| CVE-2023-2481 | 2023-05-18 | Key duplication in GSDK |
| CVE-2023-32096 | 2023-05-18 | Key duplication in GSDK |
| CVE-2023-32097 | 2023-05-18 | Key duplication in GSDK |
| CVE-2023-32098 | 2023-05-18 | Key duplication in GSDK |
| CVE-2023-32099 | 2023-05-18 | Key duplication in GSDK |
| CVE-2023-32100 | 2023-05-18 | Key duplication in GSDK |
| CVE-2023-2024 | 2023-05-18 | Improper Authentication for OpenBlue Enterprise Manager Data Collector |
| CVE-2023-2025 | 2023-05-18 | Exposure of Sensitive Information in OpenBlue Enterprise Manager Data Collector |
| CVE-2023-23556 | 2023-05-18 | An error in BigInt conversion to Number in Hermes prior... |
| CVE-2023-23557 | 2023-05-18 | An error in Hermes' algorithm for copying objects properties prior... |
| CVE-2023-23759 | 2023-05-18 | There is a vulnerability in the fizz library prior to... |
| CVE-2023-24832 | 2023-05-18 | A null pointer dereference bug in Hermes prior to commit... |
| CVE-2023-24833 | 2023-05-18 | A use-after-free in BigIntPrimitive addition in Hermes prior to commit... |
| CVE-2023-25933 | 2023-05-18 | A type confusion bug in TypedArray prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81... |
| CVE-2023-28081 | 2023-05-18 | A bytecode optimization bug in Hermes prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81... |
| CVE-2023-28753 | 2023-05-18 | netconsd prior to v0.2 was vulnerable to an integer overflow... |
| CVE-2023-30470 | 2023-05-18 | A use-after-free related to unsound inference in the bytecode generation... |
| CVE-2022-35798 | 2023-05-18 | Azure Arc Jumpstart Information Disclosure Vulnerability |
| CVE-2023-32680 | 2023-05-18 | Missing SQL permissions check in metabase |
| CVE-2022-30114 | 2023-05-19 | A heap-based buffer overflow in a network service in Fastweb... |
| CVE-2023-20881 | 2023-05-19 | Cloud foundry instances having CAPI version between 1.140 and 1.152.0... |
| CVE-2023-26818 | 2023-05-19 | Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files,... |
| CVE-2023-30199 | 2023-05-19 | Prestashop customexporter <= 1.7.20 is vulnerable to Incorrect Access Control... |
| CVE-2023-30774 | 2023-05-19 | A vulnerability was found in the libtiff library. This flaw... |
| CVE-2023-30775 | 2023-05-19 | A vulnerability was found in the libtiff library. This security... |
| CVE-2023-31707 | 2023-05-19 | SEMCMS 1.5 is vulnerable to SQL Injection via Ant_Rponse.php. |
| CVE-2023-31756 | 2023-05-19 | A command injection vulnerability exists in the administrative web portal... |
| CVE-2023-31757 | 2023-05-19 | DedeCMS up to v5.7.108 is vulnerable to XSS in sys_info.php... |
| CVE-2023-31862 | 2023-05-19 | jizhicms v2.4.6 is vulnerable to Cross Site Scripting (XSS). The... |
| CVE-2023-33240 | 2023-05-19 | Foxit PDF Reader (12.1.1.15289 and earlier) and Foxit PDF Editor... |
| CVE-2023-2704 | 2023-05-19 | The BP Social Connect plugin for WordPress is vulnerable to... |
| CVE-2023-1618 | 2023-05-19 | Authentication Bypass Vulnerability in MELSEC WS Series Ethernet Interface Module |
| CVE-2023-2806 | 2023-05-19 | Weaver e-cology API RequestInfoByXml xml external entity reference |
| CVE-2023-28045 | 2023-05-19 | Dell CloudIQ Collector version 1.10.2 contains a missing encryption of... |
| CVE-2023-28514 | 2023-05-19 | IBM MQ information disclosure |
| CVE-2023-28950 | 2023-05-19 | IBM MQ information disclosure |
| CVE-2023-28529 | 2023-05-19 | IBM InfoSphere Information Server 11.7 |
| CVE-2023-22878 | 2023-05-19 | IBM InfoSphere Information Server information disclosure |
| CVE-2022-47984 | 2023-05-19 | IBM InfoSphere Information Server SQL injection |
| CVE-2023-2814 | 2023-05-19 | SourceCodester Class Scheduling System POST Parameter save_teacher.php cross site scripting |
| CVE-2023-2815 | 2023-05-19 | SourceCodester Online Jewelry Store POST Parameter supplier.php sql injection |
| CVE-2023-1996 | 2023-05-19 | Reflected Cross-site Scripting (XSS) vulnerability affecting Release 3DEXPERIENCE R2018x through Release 3DEXPERIENCE R2023x |
| CVE-2023-32679 | 2023-05-19 | Remote Code Execution via unrestricted file extension in Craft CMS |
| CVE-2023-32675 | 2023-05-19 | Nonpayable default functions are sometimes payable in vyper |
| CVE-2023-32677 | 2023-05-19 | Users who can send invitations can erroneously add users to streams during invitation in Zulip |
| CVE-2023-28623 | 2023-05-19 | Unauthorized user can register an account in specific configurations in Zulip |
| CVE-2023-32700 | 2023-05-20 | LuaTeX before 1.17.0 allows execution of arbitrary shell commands when... |
| CVE-2023-33244 | 2023-05-20 | Obsidian before 1.2.2 allows calls to unintended APIs (for microphone... |
| CVE-2023-2715 | 2023-05-20 | The Groundhogg plugin for WordPress is vulnerable to unauthorized modification... |