Lista CVE 2023/29xxx

CVE nel gruppo: 29xxx

CVE-2023-29000 (N/A)

CVE-2023-29001 (Nextcloud Desktop client does not verify received singed certificate in end-to-end encryption)

CVE-2023-29002 (Uncontrolled recursion due to insufficient validation of the IPv6 source routing header in Contiki-NG)

CVE-2023-29003 (Debug mode leaks confidential data in Cilium)

CVE-2023-29004 (SvelteKit has Insufficient Cross-Site Request Forgery Protection)

CVE-2023-29005 (Path Traversal Vulnerability in hap-wi/roxy-wi )

CVE-2023-29006 (No Rate Limiting on Login AUTH DB)

CVE-2023-29007 (Order GLPI plugin vulnerable to remote code execution from authenticated user)

CVE-2023-29008 (Arbitrary configuration injection via `git submodule deinit`)

CVE-2023-29009 (SvelteKit framework has Insufficient CSRF protection for CORS requests)

CVE-2023-29010 (basercms XSS Vulnerability via Favorites Feature)

CVE-2023-29011 (BudiBase Server-Side Request Forgery vulnerability)

CVE-2023-29012 (Git for Windows’s config file of `connect.exe` is susceptible to malicious placing)

CVE-2023-29013 (Git CMD erroneously executes `doskey.exe` in the current directory, if it exists)

CVE-2023-29014 (HTTP header parsing could cause a deny of service)

CVE-2023-29015 (Goobi viewer Core Reflected Cross-Site Scripting Vulnerability Using LOGID Parameter)

CVE-2023-29016 (Goobi viewer Core has Cross-Site Scripting Vulnerability in User Comments )

CVE-2023-29017 (Goobi viewer Core has Cross-Site Scripting Vulnerability in User Nicknames)

CVE-2023-29018 (vm2 Sandbox Escape vulnerability)

CVE-2023-29019 ( OpenFeature Operator vulnerable to Cluster-level Privilege Escalation)