Lista CVE - 2023 / Giugno
Visualizzazione 1001 - 1100 di 2395 CVE per Giugno 2023 (Pagina 11 di 24)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2022-31638 | 2023-06-13 | Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and... |
| CVE-2022-31639 | 2023-06-13 | Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and... |
| CVE-2023-28303 | 2023-06-13 | Windows Snipping Tool Information Disclosure Vulnerability |
| CVE-2023-34247 | 2023-06-13 | @keystone-6/auth Open Redirect vulnerability |
| CVE-2023-34249 | 2023-06-13 | benjjvi/PyBB may send unsanitized request to SQL database |
| CVE-2023-20867 | 2023-06-13 | VMware Tools Authentication Bypass Vulnerability |
| CVE-2023-28598 | 2023-06-13 | Zoom for Linux clients prior to 5.13.10 contain an HTML injection vulnerability. If a victim starts a chat with a malicious user it could result in a Zoom application crash. |
| CVE-2023-28599 | 2023-06-13 | Zoom clients prior to 5.13.10 contain an HTML injection vulnerability. A malicious user could inject HTML into their display name potentially leading a victim to a malicious website during meeting... |
| CVE-2023-28600 | 2023-06-13 | Zoom for MacOSclients prior to 5.14.0 contain an improper access control vulnerability. A malicious user may be able to delete/replace Zoom Client files potentially causing a loss of integrity and... |
| CVE-2023-28601 | 2023-06-13 | Zoom for Windows clients prior to 5.14.0 contain an improper restriction of operations within the bounds of a memory buffer vulnerability. A malicious user may alter protected Zoom Client memory... |
| CVE-2023-1707 | 2023-06-13 | Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to information disclosure when IPsec is enabled with FutureSmart version 5.6. |
| CVE-2023-28602 | 2023-06-13 | Zoom for Windows clients prior to 5.13.5 contain an improper verification of cryptographic signature vulnerability. A malicious user may potentially downgrade Zoom Client components to previous versions. |
| CVE-2023-28603 | 2023-06-13 | Zoom VDI client installer prior to 5.14.0 contains an improper access control vulnerability. A malicious user may potentially delete local files without proper permissions. |
| CVE-2023-34120 | 2023-06-13 | Improper privilege management in Zoom for Windows, Zoom Rooms for Windows, and Zoom VDI for Windows clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of... |
| CVE-2023-34121 | 2023-06-13 | Improper input validation in the Zoom for Windows, Zoom Rooms, Zoom VDI Windows Meeting clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via... |
| CVE-2023-3214 | 2023-06-13 | Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) |
| CVE-2023-3215 | 2023-06-13 | Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2023-3216 | 2023-06-13 | Type confusion in V8 in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2023-3217 | 2023-06-13 | Use after free in WebXR in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2023-34114 | 2023-06-13 | Exposure of resource to wrong sphere in Zoom for Windows and Zoom for MacOS clients before 5.14.10 may allow an authenticated user to potentially enable information disclosure via network access. |
| CVE-2023-34115 | 2023-06-13 | Buffer copy without checking size of input in Zoom Meeting SDK before 5.13.0 may allow an authenticated user to potentially enable a denial of service via local access. This issue... |
| CVE-2022-43684 | 2023-06-13 | ACL bypass in Reporting functionality |
| CVE-2023-2637 | 2023-06-13 | Rockwell Automation FactoryTalk System Services Vulnerable To Use Of Hard-Coded Cryptographic Key |
| CVE-2023-2638 | 2023-06-13 | Rockwell Automation FactoryTalk System Services Vulnerable to a Denial-of-Service Attack |
| CVE-2023-2639 | 2023-06-13 | Rockwell Automation FactoryTalk System Services Vulnerable to Sensitive Information Disclosure |
| CVE-2023-2778 | 2023-06-13 | Rockwell Automation FactoryTalk Transaction Manager Vulnerable to Denial-Of-Service |
| CVE-2023-31142 | 2023-06-13 | Discourse's general category permissions could be set back to default |
| CVE-2023-32061 | 2023-06-13 | Discourse Topic Creation Page Allows iFrame Tag without Restrictions |
| CVE-2023-32301 | 2023-06-13 | Discourse's canonical url not being used for topic embeddings |
| CVE-2023-34250 | 2023-06-13 | Discourse vulnerable to exposure of number of topics recently created in private categories |
| CVE-2023-24938 | 2023-06-13 | Windows CryptoAPI Denial of Service Vulnerability |
| CVE-2023-29353 | 2023-06-13 | Sysinternals Process Monitor for Windows Denial of Service Vulnerability |
| CVE-2023-32029 | 2023-06-13 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2023-33137 | 2023-06-13 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2023-33139 | 2023-06-13 | Visual Studio Information Disclosure Vulnerability |
| CVE-2023-33146 | 2023-06-13 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2023-21565 | 2023-06-13 | Azure DevOps Server Spoofing Vulnerability |
| CVE-2023-21569 | 2023-06-13 | Azure DevOps Server Spoofing Vulnerability |
| CVE-2023-29346 | 2023-06-13 | NTFS Elevation of Privilege Vulnerability |
| CVE-2023-29351 | 2023-06-13 | Windows Group Policy Elevation of Privilege Vulnerability |
| CVE-2023-29352 | 2023-06-13 | Windows Remote Desktop Security Feature Bypass Vulnerability |
| CVE-2023-29355 | 2023-06-13 | DHCP Server Service Information Disclosure Vulnerability |
| CVE-2023-29357 | 2023-06-13 | Microsoft SharePoint Server Elevation of Privilege Vulnerability |
| CVE-2023-29358 | 2023-06-13 | Windows GDI Elevation of Privilege Vulnerability |
| CVE-2023-29359 | 2023-06-13 | GDI Elevation of Privilege Vulnerability |
| CVE-2023-29360 | 2023-06-13 | Microsoft Streaming Service Elevation of Privilege Vulnerability |
| CVE-2023-29361 | 2023-06-13 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
| CVE-2023-29362 | 2023-06-13 | Remote Desktop Client Remote Code Execution Vulnerability |
| CVE-2023-29363 | 2023-06-13 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability |
| CVE-2023-29364 | 2023-06-13 | Windows Authentication Elevation of Privilege Vulnerability |
| CVE-2023-29365 | 2023-06-13 | Windows Media Remote Code Execution Vulnerability |
| CVE-2023-29366 | 2023-06-13 | Windows Geolocation Service Remote Code Execution Vulnerability |
| CVE-2023-29367 | 2023-06-13 | iSCSI Target WMI Provider Remote Code Execution Vulnerability |
| CVE-2023-29368 | 2023-06-13 | Windows Filtering Platform Elevation of Privilege Vulnerability |
| CVE-2023-29369 | 2023-06-13 | Remote Procedure Call Runtime Denial of Service Vulnerability |
| CVE-2023-29370 | 2023-06-13 | Windows Media Remote Code Execution Vulnerability |
| CVE-2023-29371 | 2023-06-13 | Windows GDI Elevation of Privilege Vulnerability |
| CVE-2023-29372 | 2023-06-13 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2023-29373 | 2023-06-13 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
| CVE-2023-32008 | 2023-06-13 | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability |
| CVE-2023-32009 | 2023-06-13 | Windows Collaborative Translation Framework Elevation of Privilege Vulnerability |
| CVE-2023-32010 | 2023-06-13 | Windows Bus Filter Driver Elevation of Privilege Vulnerability |
| CVE-2023-32011 | 2023-06-13 | Windows iSCSI Discovery Service Denial of Service Vulnerability |
| CVE-2023-32012 | 2023-06-13 | Windows Container Manager Service Elevation of Privilege Vulnerability |
| CVE-2023-32013 | 2023-06-13 | Windows Hyper-V Denial of Service Vulnerability |
| CVE-2023-32014 | 2023-06-13 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability |
| CVE-2023-32015 | 2023-06-13 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability |
| CVE-2023-32016 | 2023-06-13 | Windows Installer Information Disclosure Vulnerability |
| CVE-2023-32017 | 2023-06-13 | Microsoft PostScript Printer Driver Remote Code Execution Vulnerability |
| CVE-2023-32018 | 2023-06-13 | Windows Hello Remote Code Execution Vulnerability |
| CVE-2023-32019 | 2023-06-13 | Windows Kernel Information Disclosure Vulnerability |
| CVE-2023-32020 | 2023-06-13 | Windows DNS Spoofing Vulnerability |
| CVE-2023-32021 | 2023-06-13 | Windows SMB Witness Service Security Feature Bypass Vulnerability |
| CVE-2023-32022 | 2023-06-13 | Windows Server Service Security Feature Bypass Vulnerability |
| CVE-2023-32032 | 2023-06-13 | .NET and Visual Studio Elevation of Privilege Vulnerability |
| CVE-2023-33126 | 2023-06-13 | .NET and Visual Studio Remote Code Execution Vulnerability |
| CVE-2023-33128 | 2023-06-13 | .NET and Visual Studio Remote Code Execution Vulnerability |
| CVE-2023-33129 | 2023-06-13 | Microsoft SharePoint Server Denial of Service Vulnerability |
| CVE-2023-33130 | 2023-06-13 | Microsoft SharePoint Server Spoofing Vulnerability |
| CVE-2023-33131 | 2023-06-13 | Microsoft Outlook Remote Code Execution Vulnerability |
| CVE-2023-33132 | 2023-06-13 | Microsoft SharePoint Server Spoofing Vulnerability |
| CVE-2023-33133 | 2023-06-13 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2023-33135 | 2023-06-13 | .NET and Visual Studio Elevation of Privilege Vulnerability |
| CVE-2023-33140 | 2023-06-13 | Microsoft OneNote Spoofing Vulnerability |
| CVE-2023-33142 | 2023-06-13 | Microsoft SharePoint Server Elevation of Privilege Vulnerability |
| CVE-2023-33144 | 2023-06-13 | Visual Studio Code Spoofing Vulnerability |
| CVE-2023-33145 | 2023-06-13 | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability |
| CVE-2020-22402 | 2023-06-14 | Cross Site Scripting (XSS) vulnerability in SOGo Web Mail before 4.3.1 allows attackers to obtain user sensitive information when a user reads an email containing malicious code. |
| CVE-2021-31280 | 2023-06-14 | An issue was discovered in tp5cms through 2017-05-25. admin.php/system/set.html has XSS via the keywords parameter. |
| CVE-2023-25367 | 2023-06-14 | Siglent SDS 1104X-E SDS1xx4X-E_V6.1.37R9.ADS allows unfiltered user input resulting in Remote Code Execution (RCE) with SCPI interface or web server. |
| CVE-2023-25368 | 2023-06-14 | Siglent SDS 1104X-E SDS1xx4X-E_V6.1.37R9.ADS is vulnerable to Incorrect Access Control. An unauthenticated attacker can overwrite firmnware. |
| CVE-2023-25369 | 2023-06-14 | Siglent SDS 1104X-E SDS1xx4X-E_V6.1.37R9.ADS is vulnerable to Denial of Service on the user interface triggered by malformed SCPI command. |
| CVE-2023-25434 | 2023-06-14 | libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215. |
| CVE-2023-26062 | 2023-06-14 | A mobile network solution internal fault is found in Nokia Web Element Manager before 22 R1, in which an authenticated, unprivileged user can execute administrative functions. Exploitation is not possible... |
| CVE-2023-30082 | 2023-06-14 | A denial of service attack might be launched against the server if an unusually lengthy password (more than 10000000 characters) is supplied using the osTicket application. This can cause the... |
| CVE-2023-30150 | 2023-06-14 | PrestaShop leocustomajax 1.0 and 1.0.0 are vulnerable to SQL Injection via modules/leocustomajax/leoajax.php. |
| CVE-2023-31671 | 2023-06-14 | PrestaShop postfinance <= 17.1.13 is vulnerable to SQL Injection via PostfinanceValidationModuleFrontController::postProcess(). |
| CVE-2023-31746 | 2023-06-14 | There is a command injection vulnerability in the adslr VW2100 router with firmware version M1DV1.0. An unauthenticated attacker can exploit the vulnerability to execute system commands as the root user. |
| CVE-2023-3227 | 2023-06-14 | Insufficient Granularity of Access Control in fossbilling/fossbilling |
| CVE-2023-3228 | 2023-06-14 | Business Logic Errors in fossbilling/fossbilling |