Pagina 4 – Azienda Sicura

Lista CVE 2023/35xxx

CVE nel gruppo: 35xxx

CVE-2023-35075 (Clicca per dettagli)

CVE-2023-35077 (HTML injection via channel autocomplete)

CVE-2023-35078 (Clicca per dettagli)

CVE-2023-35080 (Clicca per dettagli)

CVE-2023-35081 (Clicca per dettagli)

CVE-2023-35082 (Clicca per dettagli)

CVE-2023-35083 (Clicca per dettagli)

CVE-2023-35084 (Clicca per dettagli)

CVE-2023-35085 (Clicca per dettagli)

CVE-2023-35086 (Clicca per dettagli)

CVE-2023-35087 (ASUS RT-AX56U V2 & RT-AC86U – Format String -1)

CVE-2023-35088 (ASUS RT-AX56U V2 & RT-AC86U – Format String – 2)

CVE-2023-35089 (Apache InLong: SQL injection in audit endpoint)

CVE-2023-35090 (WordPress Recipe Maker For Your Food Blog from Zip Recipes Plugin <= 8.0.7 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2023-35091 (WordPress MasterStudy LMS Plugin <= 3.0.8 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-35092 (WordPress WooCommerce Stock Manager Plugin <= 2.10.0 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2023-35093 (WordPress breadcrumb simple Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-35094 (WordPress MasterStudy LMS Plugin <= 3.0.8 is vulnerable to Broken Access Control)

CVE-2023-35095 (WordPress WP Matterport Shortcode Plugin <= 2.1.4 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-35096 (WordPress Flo Forms Plugin <= 1.0.40 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-35097 (WordPress myCred Plugin <= 2.5 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2023-35098 (WordPress WP Affiliate Links Plugin <= 0.1.1 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-35110 (WordPress NextGen GalleryView Plugin <= 0.5.5 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-35116 (Clicca per dettagli)

CVE-2023-35120 (Clicca per dettagli)

CVE-2023-35121 (PiiGAB M-Bus Cross-Site Request Forgery)

CVE-2023-35123 (Clicca per dettagli)

CVE-2023-35124 (Clicca per dettagli)

CVE-2023-35126 (Clicca per dettagli)

CVE-2023-35127 (Clicca per dettagli)

CVE-2023-35128 (Fuji Electric Tellus Lite V-Simulator Stack-based Buffer Overflow)

CVE-2023-35131 (Clicca per dettagli)

CVE-2023-35132 (Moodle: xss risk on groups page)

CVE-2023-35133 (Moodle: minor sql injection risk on mnet sso access control page)

CVE-2023-35134 (Moodle: ssrf risk due to insufficient check on the curl blocked hosts)

CVE-2023-35136 (Weintek Weincloud Weak Password Recovery Mechanism for Forgotten Password)

CVE-2023-35137 (Clicca per dettagli)

CVE-2023-35138 (Clicca per dettagli)

CVE-2023-35139 (Clicca per dettagli)

CVE-2023-35140 (Clicca per dettagli)

CVE-2023-35141 (Clicca per dettagli)

CVE-2023-35142 (Clicca per dettagli)

CVE-2023-35143 (Clicca per dettagli)

CVE-2023-35144 (Clicca per dettagli)

CVE-2023-35145 (Clicca per dettagli)

CVE-2023-35146 (Clicca per dettagli)

CVE-2023-35147 (Clicca per dettagli)

CVE-2023-35148 (Clicca per dettagli)

CVE-2023-35149 (Clicca per dettagli)

CVE-2023-35150 (Clicca per dettagli)

CVE-2023-35151 (XWiki Platform vulnerable to privilege escalation (PR) from view right via Invitation application)

CVE-2023-35152 (XWiki Platform may show email addresses in clear in REST results)

CVE-2023-35153 (XWiki Platform vulnerable to privilege escalation (PR) from account through like LiveTableResults)

CVE-2023-35154 (XWiki Platform vulnerable to stored cross-site scripting in ClassEditSheet page via name parameters)

CVE-2023-35155 (Knowage-Server vulnerable to account validation bypass)

CVE-2023-35156 (XWiki Platform vulnerable to cross-site scripting in target parameter via share page by email)

CVE-2023-35157 (XWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in delete template)

CVE-2023-35158 (XWiki Platform vulnerable to reflected cross-site scripting via delattachment action)

CVE-2023-35159 (XWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in restore template)

CVE-2023-35160 (XWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in deletespace template)

CVE-2023-35161 (XWiki Platform vulnerable to reflected cross-site scripting via back and xcontinue parameters in resubmit template)

CVE-2023-35162 (XWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in DeleteApplication page)

CVE-2023-35163 (XPlatform Wiki vulnerable to cross-site scripting via xcontinue parameter in preview actions template)

CVE-2023-35164 (Vega’s validators able to submit duplicate transactions )

CVE-2023-35165 (Unauthorized users can manipulate a dashboard created by an administrator in DataEase)

CVE-2023-35166 (AWS CDK EKS overly permissive trust policies)

CVE-2023-35167 (Privilege escalation (PR) from account through TipsPanel)

CVE-2023-35168 (When setting EntityOptions.apiPrefilter to a function, the filter is not applied to API requests for a resource by Id)

CVE-2023-35169 (DataEase has a privilege bypass vulnerability)

CVE-2023-35170 (php-imap vulnerable to RCE through a directory traversal vulnerability)

CVE-2023-35171 (Clicca per dettagli)

CVE-2023-35172 (Nextcloud Server vulnerable to open redirect on “Unsupported browser” warning)

CVE-2023-35173 (Nextcloud Server password reset endpoint is not brute force protected)

CVE-2023-35174 (End-to-End encrypted file-drops can be made inaccessible)

CVE-2023-35175 (Livebook Desktop’s protocol handler can be exploited to execute arbitrary command on Windows)

CVE-2023-35176 (Clicca per dettagli)

CVE-2023-35177 (Clicca per dettagli)

CVE-2023-35178 (Clicca per dettagli)

CVE-2023-35179 (Clicca per dettagli)

CVE-2023-35180 (2FA/MFA Bypass Vulnerability in Serv-U 15.4 )

Precedente Successivo