Lista CVE - 2023 / Giugno
Visualizzazione 1801 - 1900 di 2395 CVE per Giugno 2023 (Pagina 19 di 24)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2023-32352 | 2023-06-23 | A logic issue was addressed with improved checks. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5.... |
| CVE-2023-32360 | 2023-06-23 | An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An unauthenticated user may be able... |
| CVE-2023-32373 | 2023-06-23 | A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5... |
| CVE-2023-32387 | 2023-06-23 | A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. A remote attacker may be able... |
| CVE-2023-32390 | 2023-06-23 | The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, macOS Ventura 13.4. Photos belonging to the Hidden Photos Album could... |
| CVE-2023-32391 | 2023-06-23 | The issue was addressed with improved checks. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. A shortcut may... |
| CVE-2023-32395 | 2023-06-23 | A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An app may be able to... |
| CVE-2023-32400 | 2023-06-23 | This issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, macOS Ventura 13.4. Entitlements and privacy permissions granted to this app... |
| CVE-2023-32404 | 2023-06-23 | This issue was addressed with improved entitlements. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, macOS Ventura 13.4. An app may be able to bypass Privacy... |
| CVE-2023-32409 | 2023-06-23 | The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.8 and iPadOS 15.7.8, Safari 16.5, iOS 16.5 and... |
| CVE-2023-32417 | 2023-06-23 | This issue was addressed by restricting options offered on a locked device. This issue is fixed in watchOS 9.5. An attacker with physical access to a locked Apple Watch may... |
| CVE-2023-32422 | 2023-06-23 | This issue was addressed by adding additional SQLite logging restrictions. This issue is fixed in iOS 16.5 and iPadOS 16.5, tvOS 16.5, macOS Ventura 13.4. An app may be able... |
| CVE-2023-32434 | 2023-06-23 | An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 and iPadOS 15.7.7, macOS Monterey 12.6.7, watchOS 8.8.1,... |
| CVE-2023-32435 | 2023-06-23 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.7 and iPadOS 15.7.7.... |
| CVE-2023-32439 | 2023-06-23 | A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5.1 and iPadOS 16.5.1, iOS 15.7.7 and iPadOS 15.7.7, macOS Ventura 13.4.1, Safari 16.5.1. Processing... |
| CVE-2023-3317 | 2023-06-23 | A use-after-free flaw was found in mt7921_check_offload_capability in drivers/net/wireless/mediatek/mt76/mt7921/init.c in wifi mt76/mt7921 sub-component in the Linux Kernel. This flaw could allow an attacker to crash the system after 'features' memory... |
| CVE-2023-34188 | 2023-06-23 | The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers. By sending a single attack payload over TCP, an attacker can cause an infinite loop in which... |
| CVE-2023-36271 | 2023-06-23 | LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c. |
| CVE-2023-36272 | 2023-06-23 | LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c. |
| CVE-2023-36274 | 2023-06-23 | LibreDWG v0.11 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c. |
| CVE-2023-33141 | 2023-06-23 | Yet Another Reverse Proxy (YARP) Denial of Service Vulnerability |
| CVE-2023-23344 | 2023-06-23 | HCL BigFix WebUI Insights is susceptible to a lack of sufficient authorization |
| CVE-2023-31469 | 2023-06-23 | Apache StreamPipes: Privilege escalation through non-admin user |
| CVE-2023-33299 | 2023-06-23 | A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows attacker to execute unauthorized code or commands via specifically... |
| CVE-2023-32463 | 2023-06-23 | Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction. |
| CVE-2023-32464 | 2023-06-23 | Dell VxRail, versions prior to 7.0.450, contain an improper certificate validation vulnerability. A high privileged remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying... |
| CVE-2023-25936 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-28052 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-28054 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-28029 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable |
| CVE-2023-28059 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-28061 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-28042 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-28041 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-3380 | 2023-06-23 | Wavlink WN579X3 Ping Test adm.cgi injection |
| CVE-2023-3381 | 2023-06-23 | SourceCodester Online School Fees System GET Parameter datatable.php cross site scripting |
| CVE-2023-28035 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-28033 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-25937 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-28030 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-28056 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-28040 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-28039 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-28028 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-28032 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-3382 | 2023-06-23 | SourceCodester Game Result Matrix System GET Parameter save-delegates.php cross site scripting |
| CVE-2023-3383 | 2023-06-23 | SourceCodester Game Result Matrix System GET Parameter athlete-profile.php sql injection |
| CVE-2023-28036 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-28027 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-28034 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-28031 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-25938 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-28060 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-28044 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-28026 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-28050 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-28058 | 2023-06-23 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. |
| CVE-2023-28071 | 2023-06-23 | Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could... |
| CVE-2023-28073 | 2023-06-23 | Dell BIOS contains an improper authentication vulnerability. A locally authenticated malicious user may potentially exploit this vulnerability by bypassing certain authentication mechanisms in order to elevate privileges on the system. |
| CVE-2023-32480 | 2023-06-23 | Dell BIOS contains an Improper Input Validation vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability to perform arbitrary code execution. |
| CVE-2023-28064 | 2023-06-23 | Dell BIOS contains an Out-of-bounds Write vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service. |
| CVE-2023-28065 | 2023-06-23 | Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially... |
| CVE-2023-34012 | 2023-06-23 | WordPress Premium Addons PRO Plugin <= 2.8.24 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-34021 | 2023-06-23 | WordPress Church Admin Plugin <= 3.7.29 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-35048 | 2023-06-23 | WordPress Booking and Rental Manager Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-32580 | 2023-06-23 | WordPress Password Protected Plugin <= 2.6.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-29100 | 2023-06-23 | WordPress The7 Theme <= 11.6.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-27427 | 2023-06-23 | WordPress CRM Memberships Plugin <= 1.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-28751 | 2023-06-23 | WordPress Wp Ultimate Review Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-23679 | 2023-06-23 | WordPress JS Help Desk – Best Help Desk & Support Plugin Plugin <= 2.7.7 is vulnerable to Insecure Direct Object References (IDOR) |
| CVE-2022-47614 | 2023-06-23 | WordPress MStore API Plugin <= 3.9.7 is vulnerable to SQL Injection |
| CVE-2023-34464 | 2023-06-23 | XWiki vulnerable to stored cross-site scripting via any wiki document and the displaycontent/rendercontent template |
| CVE-2023-35925 | 2023-06-23 | FastAsyncWorldEdit vulnerable to Uncontrolled Resource Consumption |
| CVE-2023-34465 | 2023-06-23 | XWiki Platform's Mail.MailConfig can be edited by any user with edit rights |
| CVE-2023-34466 | 2023-06-23 | XWiki Platform's tags on non-viewable pages can be revealed to users |
| CVE-2023-3391 | 2023-06-23 | SourceCodester Human Resource Management System detailview.php sql injection |
| CVE-2023-34467 | 2023-06-23 | XWiki Platform may retrieve email addresses of all users |
| CVE-2023-35150 | 2023-06-23 | XWiki Platform vulnerable to privilege escalation (PR) from view right via Invitation application |
| CVE-2023-35151 | 2023-06-23 | XWiki Platform may show email addresses in clear in REST results |
| CVE-2023-35152 | 2023-06-23 | XWiki Platform vulnerable to privilege escalation (PR) from account through like LiveTableResults |
| CVE-2023-25515 | 2023-06-23 | NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where unexpected untrusted data is parsed, which may lead to code execution, denial of service, escalation of privileges, data... |
| CVE-2023-25518 | 2023-06-23 | NVIDIA Jetson contains a vulnerability in CBoot, where the PCIe controller is initialized without IOMMU, which may allow an attacker with physical access to the target device to read and... |
| CVE-2023-35153 | 2023-06-23 | XWiki Platform vulnerable to stored cross-site scripting in ClassEditSheet page via name parameters |
| CVE-2023-25520 | 2023-06-23 | NVIDIA Jetson Linux Driver Package contains a vulnerability in nvbootctrl, where a privileged local attacker can configure invalid settings, resulting in denial of service. |
| CVE-2023-3393 | 2023-06-23 | Code Injection in fossbilling/fossbilling |
| CVE-2023-3394 | 2023-06-23 | Session Fixation in fossbilling/fossbilling |
| CVE-2023-35155 | 2023-06-23 | XWiki Platform vulnerable to cross-site scripting in target parameter via share page by email |
| CVE-2023-35156 | 2023-06-23 | XWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in delete template |
| CVE-2023-35157 | 2023-06-23 | XWiki Platform vulnerable to reflected cross-site scripting via delattachment action |
| CVE-2023-35158 | 2023-06-23 | XWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in restore template |
| CVE-2023-35159 | 2023-06-23 | XWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in deletespace template |
| CVE-2023-35160 | 2023-06-23 | XWiki Platform vulnerable to reflected cross-site scripting via back and xcontinue parameters in resubmit template |
| CVE-2023-35161 | 2023-06-23 | XWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in DeleteApplication page |
| CVE-2023-35162 | 2023-06-23 | XPlatform Wiki vulnerable to cross-site scripting via xcontinue parameter in preview actions template |
| CVE-2023-35167 | 2023-06-23 | When setting EntityOptions.apiPrefilter to a function, the filter is not applied to API requests for a resource by Id |
| CVE-2023-34460 | 2023-06-23 | Tauri vulnerable to Regression on Filesystem Scope Checks for Dotfiles |
| CVE-2023-35931 | 2023-06-23 | Shescape potential environment variable exposure on Windows with CMD |
| CVE-2023-34254 | 2023-06-23 | Remote inventory task command injection when using ssh command mode |
| CVE-2023-35154 | 2023-06-23 | Knowage-Server vulnerable to account validation bypass |
| CVE-2023-35163 | 2023-06-23 | Vega's validators able to submit duplicate transactions |