Lista CVE - 2023 / Maggio
Visualizzazione 401 - 500 di 2420 CVE per Maggio 2023 (Pagina 5 di 25)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2023-27957 | 2023-05-08 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. Processing a maliciously crafted file may lead to unexpected app termination or... |
| CVE-2023-27958 | 2023-05-08 | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to... |
| CVE-2023-27959 | 2023-05-08 | The issue was addressed with improved memory handling. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges. |
| CVE-2023-27960 | 2023-05-08 | This issue was addressed by removing the vulnerable code. This issue is fixed in GarageBand for macOS 10.4.8. An app may be able to gain elevated privileges during the installation... |
| CVE-2023-27961 | 2023-05-08 | Multiple validation issues were addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4,... |
| CVE-2023-27962 | 2023-05-08 | A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to modify... |
| CVE-2023-27963 | 2023-05-08 | The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, tvOS... |
| CVE-2023-27965 | 2023-05-08 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Studio Display Firmware Update 16.4. An app may be able to execute... |
| CVE-2023-27966 | 2023-05-08 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3. An app may be able to break out of its sandbox. |
| CVE-2023-27967 | 2023-05-08 | The issue was addressed with improved memory handling. This issue is fixed in Xcode 14.3. An app may be able to execute arbitrary code out of its sandbox or with... |
| CVE-2023-27968 | 2023-05-08 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write... |
| CVE-2023-27969 | 2023-05-08 | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS... |
| CVE-2023-27970 | 2023-05-08 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with... |
| CVE-2023-28178 | 2023-05-08 | A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. An app... |
| CVE-2023-28180 | 2023-05-08 | A denial-of-service issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. A user in a privileged network position may be able to cause a... |
| CVE-2023-28181 | 2023-05-08 | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.4, macOS... |
| CVE-2023-28182 | 2023-05-08 | The issue was addressed with improved authentication. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big... |
| CVE-2023-28189 | 2023-05-08 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to view sensitive... |
| CVE-2023-28190 | 2023-05-08 | A privacy issue was addressed by moving sensitive data to a more secure location. This issue is fixed in macOS Ventura 13.3. An app may be able to access user-sensitive... |
| CVE-2023-28192 | 2023-05-08 | A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to read... |
| CVE-2023-28194 | 2023-05-08 | The issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to unexpectedly create a bookmark on the Home... |
| CVE-2023-28200 | 2023-05-08 | A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An... |
| CVE-2023-28201 | 2023-05-08 | This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4.... |
| CVE-2023-29693 | 2023-05-08 | H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function set_tftp_upgrad. |
| CVE-2023-29696 | 2023-05-08 | H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function version_set. |
| CVE-2023-29944 | 2023-05-08 | Metersphere v1.20.20-lts-79d354a6 is vulnerable to Remote Command Execution. The system command reverse-shell can be executed at the custom code snippet function of the metersphere system workbench |
| CVE-2023-30018 | 2023-05-08 | Judging Management System v1.0 is vulnerable to SQL Injection. via /php-jms/review_se_result.php?mainevent_id=. |
| CVE-2023-30019 | 2023-05-08 | imgproxy <=3.14.0 is vulnerable to Server-Side Request Forgery (SSRF) due to a lack of sanitization of the imageURL parameter. |
| CVE-2023-30092 | 2023-05-08 | SourceCodester Online Pizza Ordering System v1.0 is vulnerable to SQL Injection via the QTY parameter. |
| CVE-2023-30185 | 2023-05-08 | CRMEB v4.4 to v4.6 was discovered to contain an arbitrary file upload vulnerability via the component \attachment\SystemAttachmentServices.php. |
| CVE-2023-30257 | 2023-05-08 | A buffer overflow in the component /proc/ftxxxx-debug of FiiO M6 Build Number v1.0.4 allows attackers to escalate privileges to root. |
| CVE-2023-30334 | 2023-05-08 | AsmBB v2.9.1 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via the MiniMag.asm and bbcode.asm libraries. |
| CVE-2023-30787 | 2023-05-08 | MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people:id/introductions` endpoint and first_met_additional_info parameter. |
| CVE-2023-30788 | 2023-05-08 | MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people/add` endpoint and nickName, description, lastName, middleName and firstName parameter. |
| CVE-2023-30789 | 2023-05-08 | MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people:id/work` endpoint and job and company parameter. |
| CVE-2023-30790 | 2023-05-08 | MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people:id/relationships` endpoint and first_name and last_name parameter. |
| CVE-2023-31178 | 2023-05-08 | AgilePoint NX v8.0 SU2.2 & SU2.3 – Arbitrary File Delete |
| CVE-2023-31179 | 2023-05-08 | AgilePoint NX v8.0 SU2.2 & SU2.3 - Path traversal |
| CVE-2023-31180 | 2023-05-08 | WJJ Software - InnoKB Server, InnoKB/Console 2.2.1 - Reflected cross-site scripting (RXSS) |
| CVE-2023-31181 | 2023-05-08 | WJJ Software - InnoKB Server, InnoKB/Console 2.2.1 - CWE-22: Path Traversal |
| CVE-2023-31182 | 2023-05-08 | EasyTor Applications – Authorization Bypass |
| CVE-2023-31183 | 2023-05-08 | Cybonet PineApp Mail Secure RXSS vulnerability |
| CVE-2023-32233 | 2023-05-08 | In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local... |
| CVE-2023-2534 | 2023-05-08 | Information disclouse and DoS via websocket push events |
| CVE-2023-31038 | 2023-05-08 | Apache Log4cxx: SQL injection when using ODBC appender |
| CVE-2023-31039 | 2023-05-08 | Apache bRPC: ServerOptions.pid_file may cause arbitrary code execution |
| CVE-2023-29247 | 2023-05-08 | Stored XSS on Apache Airflow |
| CVE-2022-46799 | 2023-05-08 | WordPress Easy Testimonial Slider and Form Plugin <= 1.0.15 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-25021 | 2023-05-08 | WordPress FareHarbor for WordPress Plugin <= 3.6.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-23668 | 2023-05-08 | WordPress GiveWP Plugin <= 2.25.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-25754 | 2023-05-08 | Apache Airflow: Privilege escalation using airflow logs |
| CVE-2022-45812 | 2023-05-08 | WordPress Exxp Plugin <= 2.6.8 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-2575 | 2023-05-08 | Authenticated Buffer Overflow |
| CVE-2023-25452 | 2023-05-08 | WordPress CMS Press Plugin <= 0.2.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-28169 | 2023-05-08 | WordPress Easy Event calendar Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-2574 | 2023-05-08 | Authenticated Command Injection |
| CVE-2023-2573 | 2023-05-08 | Authenticated Command Injection |
| CVE-2023-25052 | 2023-05-08 | WordPress Yandex.News Feed by Teplitsa Plugin <= 1.12.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-1905 | 2023-05-08 | WP Popups < 2.1.5.1 - Contributor+ Stored XSS |
| CVE-2023-0894 | 2023-05-08 | Pickup | Delivery | Dine-in date time <= 1.0.9 - Admin+ Stored XSS |
| CVE-2023-0768 | 2023-05-08 | Avirato hotels online booking engine <= 5.0.5 - Subscriber+ SQLi |
| CVE-2023-0267 | 2023-05-08 | Ultimate Carousel For WPBakery Page Builder <= 2.6 - Contributor+ Stored XSS |
| CVE-2023-0948 | 2023-05-08 | Japanized For WooCommerce < 2.5.8 - Reflected XSS |
| CVE-2023-0421 | 2023-05-08 | Cloud Manager <= 1.0 - Reflected XSS |
| CVE-2023-1660 | 2023-05-08 | ChatBot < 4.4.9 - Unauthenticated Stored XSS |
| CVE-2023-0544 | 2023-05-08 | WP Login Box <= 2.0.2 - Admin+ Stored XSS |
| CVE-2023-1011 | 2023-05-08 | ChatBot < 4.4.5 - Stored XSS via CSRF |
| CVE-2023-0522 | 2023-05-08 | Enable/Disable Auto Login when Register <= 1.1.0 - Settings Update via CSRF |
| CVE-2023-2114 | 2023-05-08 | NEX-Forms < 8.4 - Admin+ SQL Injection |
| CVE-2023-1651 | 2023-05-08 | ChatBot < 4.4.9 - Subscriber+ OpenAI Settings Update to Stored XSS |
| CVE-2023-0514 | 2023-05-08 | Membership Database <= 1.0 - Reflected XSS |
| CVE-2023-0542 | 2023-05-08 | Custom Post Type List Shortcode <= 1.4.4 - Contributor+ Stored XSS |
| CVE-2023-1650 | 2023-05-08 | ChatBot < 4.4.7 - Unauthenticated PHP Object Injection |
| CVE-2023-1806 | 2023-05-08 | WP Inventory Manager < 2.1.0.12 - Reflected XSS |
| CVE-2023-1649 | 2023-05-08 | ChatBot < 4.5.1 - Admin+ Stored XSS |
| CVE-2023-0536 | 2023-05-08 | Wp-D3 <= 2.4.1 - Contributor+ Stored XSS |
| CVE-2023-0280 | 2023-05-08 | Ultimate Carousel For Elementor <= 2.1.7 - Contributor+ Stored XSS |
| CVE-2023-1347 | 2023-05-08 | Customizer Export/Import < 0.9.6 - Admin+ PHP Object Injection |
| CVE-2022-4118 | 2023-05-08 | Bitcoin / AltCoin Payment Gateway <= 1.7.1 - Unauthenticated SQLi |
| CVE-2023-1408 | 2023-05-08 | Video List Manager <= 1.7 - Admin+ SQL Injection |
| CVE-2023-0537 | 2023-05-08 | Product Slider For WooCommerce Lite <= 1.1.7 - Contributor+ Stored XSS |
| CVE-2023-0603 | 2023-05-08 | Sloth Logo Customizer <= 2.0.2 - Stored XSS via CSRF |
| CVE-2023-0526 | 2023-05-08 | Post Shortcode <= 2.0.9 - Contributor+ Stored Cross-Site Scripting |
| CVE-2023-0268 | 2023-05-08 | Mega Addons For WPBakery Page Builder < 4.3.0 - Contributor+ Stored XSS |
| CVE-2023-22779 | 2023-05-08 | Unauthenticated Buffer Overflow Vulnerabilities in Services Accessed by the PAPI Protocol |
| CVE-2023-22780 | 2023-05-08 | Unauthenticated Buffer Overflow Vulnerabilities in Services Accessed by the PAPI Protocol |
| CVE-2023-22781 | 2023-05-08 | Unauthenticated Buffer Overflow Vulnerabilities in Services Accessed by the PAPI Protocol |
| CVE-2023-22782 | 2023-05-08 | Unauthenticated Buffer Overflow Vulnerabilities in Services Accessed by the PAPI Protocol |
| CVE-2023-22783 | 2023-05-08 | Unauthenticated Buffer Overflow Vulnerabilities in Services Accessed by the PAPI Protocol |
| CVE-2023-22784 | 2023-05-08 | Unauthenticated Buffer Overflow Vulnerabilities in Services Accessed by the PAPI Protocol |
| CVE-2023-22785 | 2023-05-08 | Unauthenticated Buffer Overflow Vulnerabilities in Services Accessed by the PAPI Protocol |
| CVE-2023-22786 | 2023-05-08 | Unauthenticated Buffer Overflow Vulnerabilities in Services Accessed by the PAPI Protocol |
| CVE-2023-22787 | 2023-05-08 | Unauthenticated Denial of Service (DoS) in Aruba InstantOS or ArubaOS 10 Service Accessed via the PAPI Protocol |
| CVE-2023-22788 | 2023-05-08 | Authenticated Remote Command Execution in Aruba InstantOS or ArubaOS 10 Command Line Interface |
| CVE-2023-22789 | 2023-05-08 | Authenticated Remote Command Execution in Aruba InstantOS or ArubaOS 10 Command Line Interface |
| CVE-2023-22790 | 2023-05-08 | Authenticated Remote Command Execution in Aruba InstantOS or ArubaOS 10 Command Line Interface |
| CVE-2023-22791 | 2023-05-08 | Aruba InstantOS and ArubaOS 10 Sensitive Information Disclosure |
| CVE-2022-47437 | 2023-05-08 | WordPress WSB Brands Plugin <= 1.1.8 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2022-47439 | 2023-05-08 | WordPress Open Graphite Plugin <= 1.6.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-28493 | 2023-05-08 | WordPress Newsmag Theme <= 2.4.4 is vulnerable to Cross Site Scripting (XSS) |