Lista CVE - 2023 / Giugno
Visualizzazione 1901 - 2000 di 2395 CVE per Giugno 2023 (Pagina 20 di 24)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2023-35163 | 2023-06-23 | Vega's validators able to submit duplicate transactions |
| CVE-2023-35165 | 2023-06-23 | AWS CDK EKS overly permissive trust policies |
| CVE-2023-35169 | 2023-06-23 | php-imap vulnerable to RCE through a directory traversal vulnerability |
| CVE-2023-35171 | 2023-06-23 | Nextcloud Server vulnerable to open redirect on "Unsupported browser" warning |
| CVE-2023-35172 | 2023-06-23 | Nextcloud Server password reset endpoint is not brute force protected |
| CVE-2023-35173 | 2023-06-23 | End-to-End encrypted file-drops can be made inaccessible |
| CVE-2023-35927 | 2023-06-23 | Nextcloud system addressbooks can be modified by malicious trusted server |
| CVE-2023-35928 | 2023-06-23 | Nextcloud user scoped external storage can be used to gather credentials of other users |
| CVE-2023-35932 | 2023-06-23 | jcvi vulnerable to Configuration Injection due to unsanitized user input |
| CVE-2023-1783 | 2023-06-23 | OrangeScrum 2.0.11 - AWS Credentials Leak via PDF Rendering |
| CVE-2023-1721 | 2023-06-23 | Yoga Class Registration System 1.0 - RCE |
| CVE-2023-1724 | 2023-06-24 | Faveo Helpdesk Enterprise 6.0.1 - Privilege Escalation via Stored XSS |
| CVE-2023-1722 | 2023-06-24 | Yoga Class Registration System 1.0 - ATO |
| CVE-2023-3197 | 2023-06-24 | The MStore API plugin for WordPress is vulnerable to Unauthenticated... |
| CVE-2023-3388 | 2023-06-24 | The Beautiful Cookie Consent Banner for WordPress is vulnerable to... |
| CVE-2023-3387 | 2023-06-24 | The Lana Text to Image plugin for WordPress is vulnerable... |
| CVE-2015-20109 | 2023-06-25 | end_pattern (called from internal_fnmatch) in the GNU C Library (aka... |
| CVE-2023-36612 | 2023-06-25 | Directory traversal can occur in the Basecamp com.basecamp.bc3 application before... |
| CVE-2023-36630 | 2023-06-25 | In CloudPanel before 2.3.1, insecure file upload leads to privilege... |
| CVE-2023-36632 | 2023-06-25 | The legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers... |
| CVE-2023-36660 | 2023-06-25 | The OCB feature in libnettle in Nettle 3.9 before 3.9.1... |
| CVE-2023-36663 | 2023-06-25 | it-novum openITCOCKPIT (aka open IT COCKPIT) 4.6.4 before 4.6.5 allows... |
| CVE-2023-36664 | 2023-06-25 | Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices... |
| CVE-2023-36666 | 2023-06-25 | INEX IXP-Manager before 6.3.1 allows XSS. list-preamble.foil.php, page-header-preamble.foil.php, edit-form.foil.php, page-header-preamble.foil.php,... |
| CVE-2023-36661 | 2023-06-25 | Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth... |
| CVE-2023-3396 | 2023-06-25 | Campcodes Retro Cellphone Online Store index.php sql injection |
| CVE-2020-20210 | 2023-06-26 | Bludit 3.9.2 is vulnerable to Remote Code Execution (RCE) via... |
| CVE-2021-31635 | 2023-06-26 | Server-Side Template Injection (SSTI) vulnerability in jFinal v.4.9.08 allows a... |
| CVE-2022-40010 | 2023-06-26 | Tenda AC6 AC1200 Smart Dual-Band WiFi Router 15.03.06.50_multi was discovered... |
| CVE-2022-48332 | 2023-06-26 | Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys... |
| CVE-2022-48333 | 2023-06-26 | Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys... |
| CVE-2022-48334 | 2023-06-26 | Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys... |
| CVE-2022-48335 | 2023-06-26 | Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagVerifyProvisioning... |
| CVE-2022-48336 | 2023-06-26 | Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagParseAndStoreData... |
| CVE-2023-25306 | 2023-06-26 | MultiMC Launcher <= 0.6.16 is vulnerable to Directory Traversal. |
| CVE-2023-25307 | 2023-06-26 | nothub mrpack-install <= v0.16.2 is vulnerable to Directory Traversal. |
| CVE-2023-27082 | 2023-06-26 | Cross Site Scripting (XSS) vulnerability in /admin.php in Pluck CMS... |
| CVE-2023-28485 | 2023-06-26 | A stored cross-site scripting (Stored XSS) vulnerability in file preview... |
| CVE-2023-29459 | 2023-06-26 | The laola.redbull application through 5.1.9-R for Android exposes the exported... |
| CVE-2023-30261 | 2023-06-26 | Command Injection vulnerability in OpenWB 1.6 and 1.7 allows remote... |
| CVE-2023-33404 | 2023-06-26 | An Unrestricted Upload vulnerability, due to insufficient validation on UploadControlled.cs... |
| CVE-2023-33580 | 2023-06-26 | Phpgurukul Student Study Center Management System V1.0 is vulnerable to... |
| CVE-2023-34924 | 2023-06-26 | H3C Magic B1STW B1STV100R012 was discovered to contain a stack... |
| CVE-2023-36252 | 2023-06-26 | An issue in Ateme Flamingo XL v.3.6.20 and XS v.3.6.5... |
| CVE-2023-36301 | 2023-06-26 | Talend Data Catalog before 8.0-20230221 contain a directory traversal vulnerability... |
| CVE-2023-36631 | 2023-06-26 | Lack of access control in wfc.exe in Malwarebytes Binisoft Windows... |
| CVE-2023-36662 | 2023-06-26 | The TechTime User Management components for Atlassian products allow stored... |
| CVE-2023-36675 | 2023-06-26 | An issue was discovered in MediaWiki before 1.35.11, 1.36.x through... |
| CVE-2020-23065 | 2023-06-26 | Cross Site Scripting vulnerabiltiy in eZ Systems AS eZPublish Platform... |
| CVE-2022-48331 | 2023-06-26 | Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys... |
| CVE-2023-28988 | 2023-06-26 | WordPress Direct checkout, Add to cart redirect for Woocommerce Plugin <= 2.1.48 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-28992 | 2023-06-26 | WordPress Coupon Affiliates Plugin <= 5.4.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-28991 | 2023-06-26 | WordPress Order date time for WooCommerce Plugin <= 3.0.19 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-29093 | 2023-06-26 | WordPress Conditional extra fees for woocommerce Plugin <= 1.0.96 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-1619 | 2023-06-26 | WAGO: DoS in multiple versions of multiple products |
| CVE-2023-1620 | 2023-06-26 | WAGO: DoS in multiple products in multiple versions using Codesys |
| CVE-2023-1150 | 2023-06-26 | WAGO: Series 750-3x/-8x prone to MODBUS server DoS |
| CVE-2023-22359 | 2023-06-26 | User-enumeration in RestAPI |
| CVE-2023-29423 | 2023-06-26 | WordPress Cancel order request WooCommerce Plugin <= 1.3.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-29424 | 2023-06-26 | WordPress ShiftController Employee Shift Scheduling Plugin <= 4.9.23 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-29427 | 2023-06-26 | WordPress Amelia Plugin <= 1.0.75 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-29430 | 2023-06-26 | WordPress TheRoof Theme <= 1.0.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-3398 | 2023-06-26 | Denial of Service in jgraph/drawio |
| CVE-2023-29434 | 2023-06-26 | WordPress Optin Forms Plugin <= 1.3.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-29436 | 2023-06-26 | WordPress IFrame Shortcode Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-29435 | 2023-06-26 | WordPress Cryptocurrency All-in-One Plugin <= 3.0.19 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-29437 | 2023-06-26 | WordPress Connections Business Directory Plugin <= 10.4.36 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-29438 | 2023-06-26 | WordPress SimpleModal Contact Form (SMCF) Plugin <= 1.2.9 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-2005 | 2023-06-26 | Tenable Plugin Feed ID #202306261202 Fixes Privilege Escalation Vulnerability |
| CVE-2023-35933 | 2023-06-26 | OpenFGA denial of service die to circular relationship |
| CVE-2023-35930 | 2023-06-26 | LookupResources may return partial results in spicedb |
| CVE-2023-2290 | 2023-06-26 | A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow... |
| CVE-2023-2992 | 2023-06-26 | An unauthenticated denial of service vulnerability exists in the SMM... |
| CVE-2023-2993 | 2023-06-26 | A valid, authenticated user with limited privileges may be able... |
| CVE-2023-3113 | 2023-06-26 | An unauthenticated XML external entity injection (XXE) vulnerability exists in... |
| CVE-2023-34418 | 2023-06-26 | A valid, authenticated LXCA user may be able to gain... |
| CVE-2023-34420 | 2023-06-26 | A valid, authenticated LXCA user with elevated privileges may be... |
| CVE-2023-34421 | 2023-06-26 | A valid, authenticated LXCA user with elevated privileges may be... |
| CVE-2023-34422 | 2023-06-26 | A valid, authenticated LXCA user with elevated privileges may be... |
| CVE-2023-33176 | 2023-06-26 | Blind SSRF When Uploading Presentation in BigBlueButton |
| CVE-2023-35168 | 2023-06-26 | DataEase has a privilege bypass vulnerability |
| CVE-2023-34463 | 2023-06-26 | Unauthorized users can delete applications in DataEase |
| CVE-2023-3420 | 2023-06-26 | Type Confusion in V8 in Google Chrome prior to 114.0.5735.198... |
| CVE-2023-3421 | 2023-06-26 | Use after free in Media in Google Chrome prior to... |
| CVE-2023-3422 | 2023-06-26 | Use after free in Guest View in Google Chrome prior... |
| CVE-2023-35164 | 2023-06-26 | Unauthorized users can manipulate a dashboard created by an administrator in DataEase |
| CVE-2023-28929 | 2023-06-26 | Trend Micro Security 2021, 2022, and 2023 (Consumer) are vulnerable... |
| CVE-2023-30902 | 2023-06-26 | A privilege escalation vulnerability in the Trend Micro Apex One... |
| CVE-2023-32521 | 2023-06-26 | A path traversal exists in a specific service dll of... |
| CVE-2023-32522 | 2023-06-26 | A path traversal exists in a specific dll of Trend... |
| CVE-2023-32523 | 2023-06-26 | Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5... |
| CVE-2023-32524 | 2023-06-26 | Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5... |
| CVE-2023-32525 | 2023-06-26 | Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains widget vulnerabilities... |
| CVE-2023-32526 | 2023-06-26 | Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains widget vulnerabilities... |
| CVE-2023-32527 | 2023-06-26 | Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php... |
| CVE-2023-32528 | 2023-06-26 | Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php... |
| CVE-2023-32529 | 2023-06-26 | Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities... |
| CVE-2023-32530 | 2023-06-26 | Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities... |
| CVE-2023-32531 | 2023-06-26 | Certain dashboard widgets on Trend Micro Apex Central (on-premise) are... |
| CVE-2023-32532 | 2023-06-26 | Certain dashboard widgets on Trend Micro Apex Central (on-premise) are... |