Lista CVE 2023/34xxx

CVE nel gruppo: 34xxx

CVE-2023-34041 (Clicca per dettagli)

CVE-2023-34042 (CVE-2023-34041-Abuse of HTTP Hop-by-Hop Headers in Cloud Foundry Gorouter)

CVE-2023-34043 (Clicca per dettagli)

CVE-2023-34044 (Clicca per dettagli)

CVE-2023-34045 (Information disclosure vulnerability in bluetooth device-sharing functionality)

CVE-2023-34046 (VMware Fusion installer local privilege escalation)

CVE-2023-34047 (VMware Fusion TOCTOU local privilege escalation vulnerability)

CVE-2023-34048 (Exposure of data and identity to wrong session in Spring for GraphQL)

CVE-2023-34049 (VMware vCenter Server Out-of-Bounds Write Vulnerability)

CVE-2023-34050 (Salt security advisory release – 2023-OCT-27)

CVE-2023-34051 (Spring AMQP Deserialization Vulnerability)

CVE-2023-34052 (Clicca per dettagli)

CVE-2023-34053 (Clicca per dettagli)

CVE-2023-34054 (Spring Framework server Web Observations DoS Vulnerability)

CVE-2023-34055 (Reactor Netty HTTP Server Metrics DoS Vulnerability)

CVE-2023-34056 (Spring Boot server Web Observations DoS Vulnerability)

CVE-2023-34057 (VMware vCenter Server Partial Information Disclosure Vulnerability)

CVE-2023-34058 (Clicca per dettagli)

CVE-2023-34059 (Clicca per dettagli)

CVE-2023-34060 (Clicca per dettagli)

CVE-2023-34061 (Clicca per dettagli)

CVE-2023-34062 (CVE-2023-34061 – Gorouter route pruning)

CVE-2023-34063 (Clicca per dettagli)

CVE-2023-34064 (Clicca per dettagli)

CVE-2023-34085 (Privilege Escalation Vulnerability)

CVE-2023-34086 (User Attribute Disclosure via DynamoDB Data Stores)

CVE-2023-34087 (Clicca per dettagli)

CVE-2023-34088 (Clicca per dettagli)

CVE-2023-34089 (Collabora Online has Stored Cross-Site-Scripting vulnerability in admin interface)

CVE-2023-34090 (Decidim Cross-site Scripting vulnerability in the processes filter)

CVE-2023-34091 (Decidim vulnerable to sensitive data disclosure)

CVE-2023-34092 (Kyverno resource with a deletionTimestamp may allow policy circumvention)

CVE-2023-34093 (Vite Server Options (server.fs.deny) can be bypassed using double forward-slash (//))

CVE-2023-34094 (Strapi allows actors to make all attributes on a content-type public without noticing it)

CVE-2023-34095 (ChuanhuChatGPT vulnerable to unauthorized configuration file access)

CVE-2023-34096 (cpdb-libs vulnerable to buffer overflows via scanf)

CVE-2023-34097 (Thruk has Path Traversal Vulnerability in panorama.pm)

CVE-2023-34098 (Database password exposed in logs in hoppscotch)

CVE-2023-34099 (Dependency configuration exposed in Shopware)

CVE-2023-34100 (Improper mail validation in Shopware)

CVE-2023-34101 (Out-of-Bounds Read in contiki-ng)

CVE-2023-34102 (Contiki-NG vulnerable to out-of-bounds read when processing ICMP DAO input)

CVE-2023-34103 (Possible unsafe reflection / partial denial of service in avo)

CVE-2023-34104 (Stored XSS (Cross Site Scripting) in html content based fields of avo)

CVE-2023-34105 (Regex Injection via Doctype Entities)

CVE-2023-34106 (SRS has command injection vulnerability in demonstration api-server for HTTP callback.)

CVE-2023-34107 (GLPI vulnerable to unauthorized access to User data)

CVE-2023-34108 (GLPI vulnerable to unauthorized access to KnowbaseItem data)

CVE-2023-34109 (Manipulation of Internal Dovecot Variables in mailcow via crafted Passwords)

CVE-2023-34110 (User input results in Unbounded resource consumption in @zxcvbn-ts/core)

CVE-2023-34111 (Flask-AppBuilder vulnerable to possible disclosure of sensitive information on user error)

CVE-2023-34112 (Command Injection Vulnerability in `Release PR Merged` Workflow in taosdata/grafanaplugin)

CVE-2023-34113 (JavaCPP project actions vulnerable to code injection )

CVE-2023-34114 (Clicca per dettagli)

CVE-2023-34115 (Clicca per dettagli)

CVE-2023-34116 (Clicca per dettagli)

CVE-2023-34117 (Clicca per dettagli)

CVE-2023-34118 (Clicca per dettagli)

CVE-2023-34119 (Clicca per dettagli)

CVE-2023-34120 (Clicca per dettagli)