CVE List 2023/32xxx

CVEs in group: 32xxx

CVE-2023-32063 (Click for details)

CVE-2023-32064 (OroCRMCallBundle has incorrect call view page visibility)

CVE-2023-32065 (OroCommerce Customer Portal Incorrect Customer and Customer Group Frontend Menus pages visibility)

CVE-2023-32066 (OroCommerce get-totals-for-checkout API endpoint returns unwanted data)

CVE-2023-32067 (Time Tracker has Stored XSS vulnerability in Week View plugin)

CVE-2023-32068 (0-byte UDP payload DoS in c-ares)

CVE-2023-32069 (URL Redirection to Untrusted Site in XWiki)

CVE-2023-32070 (XWiki Platform privilege escalation (PR)/RCE from account through class sheet)

CVE-2023-32071 (Improper Neutralization of Script in Attributes in XWiki (X)HTML renderers)

CVE-2023-32072 (XWiki Platform vulnerable to RXSS via editor parameter – importinline template)

CVE-2023-32073 (Tuleap vulnerable to XSS via the triggered job URL of a Jenkins job)

CVE-2023-32074 (AVideo command injection vulnerability)

CVE-2023-32075 (Nextcloud user_oidc app is missing brute force protection)

CVE-2023-32076 (Pimcore vulnerable to Business Logic Errors in Customer automation rules)

CVE-2023-32077 (in-toto vulnerable to Configuration Read From Local Directory)

CVE-2023-32078 (Netmaker has Hardcoded DNS Secret Key)

CVE-2023-32079 (Netmaker IDOR Vulnerability Allows User to Update Other User’s Password)

CVE-2023-32080 (Netmaker Privilege Escalation Vulnerability)

CVE-2023-32081 (Wings vulnerable to escape to host from installation container)

CVE-2023-32082 (Vert.x STOMP server process client frames that would not send initially a connect frame)

CVE-2023-32083 (etcd key name can be accessed via LeaseTimeToLive API)

CVE-2023-32084 (Microsoft Failover Cluster Information Disclosure Vulnerability)

CVE-2023-32085 (HTTP.sys Denial of Service Vulnerability)

CVE-2023-32086 (Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability)

CVE-2023-32087 (Click for details)

CVE-2023-32088 (Click for details)

CVE-2023-32089 (Click for details)

CVE-2023-32090 (Click for details)

CVE-2023-32091 (Click for details)

CVE-2023-32092 (WordPress POEditor Plugin <= 0.9.4 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2023-32093 (WordPress Community by PeepSo Plugin <= 6.0.9.0 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2023-32094 (WordPress TPG Redirect Plugin <= 1.0.7 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2023-32095 (WordPress Extended Post Status plugin <= 1.0.19 - Broken Access Control vulnerability)

CVE-2023-32096 (WordPress Rename Media Files Plugin <= 1.0.1 is vulnerable to Remote Code Execution (RCE))

CVE-2023-32097 (Key duplication in GSDK)

CVE-2023-32098 (Key duplication in GSDK)

CVE-2023-32099 (Key duplication in GSDK)

CVE-2023-32100 (Key duplication in GSDK)

CVE-2023-32101 (Key duplication in GSDK)

CVE-2023-32102 (WordPress Library Viewer Plugin <= 2.0.6 is vulnerable to Open Redirection)

CVE-2023-32103 (WordPress Library Viewer Plugin <= 2.0.6 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-32104 (WordPress TP Education Plugin <= 4.4 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-32105 (WordPress MyCurator Content Curation Plugin <= 3.74 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2023-32106 (WordPress WPPizza Plugin <= 3.17.1 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-32107 (WordPress WP Docs Plugin <= 1.9.9 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-32108 (WordPress Photo Gallery by Ays Plugin <= 5.1.3 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-32109 (WordPress Albo Pretorio Online Plugin <= 4.6.3 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-32110 (WordPress Albo Pretorio Online Plugin <= 4.6.3 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-32111 (WordPress JupiterX theme <= 3.0.0 - Auth. Local File Inclusion vulnerability)

CVE-2023-32112 (Memory Corruption vulnerability in SAP PowerDesigner (Proxy))

CVE-2023-32113 (Missing Authorization Check in Vendor Master Hierarchy)

CVE-2023-32114 (Information Disclosure vulnerability in SAP GUI for Windows)

CVE-2023-32115 (Denial of Service in SAP NetWeaver)

CVE-2023-32116 (SQL Injection in Master Data Synchronization (MDS COMPARE TOOL))

CVE-2023-32117 (WordPress Custom post types Plugin <= 4.0.12 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-32118 (WordPress Integrate Google Drive plugin <= 1.1.99 - Unauthenticated Broken Access Control vulnerability)

CVE-2023-32119 (WordPress SALERT Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-32121 (WordPress WPO365 | Mail Integration for Office 365 / Outlook Plugin <= 1.9.0 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-32122 (WordPress Zero Spam Plugin <= 5.4.4 is vulnerable to SQL Injection)

CVE-2023-32123 (WordPress Spiffy Calendar Plugin <= 4.9.3 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-32124 (WordPress The7 Theme <= 11.7.3 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2023-32125 (WordPress Publish Confirm Message Plugin <= 1.3.1 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2023-32126 (WordPress Multi Rating Plugin <= 5.0.6 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2023-32127 (WordPress SALERT plugin <= 1.2.1 - Broken Access Control vulnerability)

CVE-2023-32128 (WordPress Multi Rating plugin <= 5.0.6 - Unauth Arbitrary rating value change)

CVE-2023-32129 (WordPress Cryptocurrency Donation Box – Bitcoin & Crypto Donations Plugin <= 2.2.7 is vulnerable to SQL Injection)

CVE-2023-32130 (WordPress Editorialmag theme <= 1.1.9 - Authenticated Arbitrary Plugin Activation)

CVE-2023-32131 (WordPress Multi Rating Plugin <= 5.0.6 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-32132 (Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability)

CVE-2023-32133 (Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability)

CVE-2023-32134 (Sante DICOM Viewer Pro J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability)

CVE-2023-32135 (Sante DICOM Viewer Pro DCM File Parsing Use-After-Free Remote Code Execution Vulnerability)

CVE-2023-32136 (Sante DICOM Viewer Pro DCM File Parsing Use-After-Free Information Disclosure Vulnerability)

CVE-2023-32137 (D-Link DAP-1360 webproc var:menu Stack-based Buffer Overflow Remote Code Execution Vulnerability)

CVE-2023-32138 (D-Link DAP-1360 webproc WEB_DisplayPage Directory Traversal Information Disclosure Vulnerability)

CVE-2023-32139 (D-Link DAP-1360 webproc Heap-based Buffer Overflow Remote Code Execution Vulnerability)

CVE-2023-32140 (D-Link DAP-1360 webproc Stack-based Buffer Overflow Remote Code Execution Vulnerability)

CVE-2023-32141 (D-Link DAP-1360 webproc var:sys_Token Heap-based Buffer Overflow Remote Code Execution Vulnerability)

CVE-2023-32142 (D-Link DAP-1360 webproc WEB_DisplayPage Stack-based Buffer Overflow Remote Code Execution Vulnerability)

CVE-2023-32143 (D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability)