CVE List 2023/3xxx

CVEs in group: 3xxx

CVE-2023-3063 (Click for details)

CVE-2023-3064 (Click for details)

CVE-2023-3065 (Mobatime mobile application – Sensitive information disclosure)

CVE-2023-3066 (Mobatime mobile application – Authentication bypass)

CVE-2023-3067 (Mobatime mobile application – Broken authorisation)

CVE-2023-3068 (Cross-site Scripting (XSS) – Stored in zadam/trilium)

CVE-2023-3069 (Campcodes Retro Cellphone Online Store modal_add_product.php sql injection)

CVE-2023-3070 (Unverified Password Change in tsolucio/corebos)

CVE-2023-3071 (Cross-site Scripting (XSS) – Stored in tsolucio/corebos)

CVE-2023-3072 (Cross-site Scripting (XSS) – Stored in tsolucio/corebos)

CVE-2023-3073 (Nomad ACL Policies without Label are Applied to Unexpected Resources)

CVE-2023-3074 (Cross-site Scripting (XSS) – Stored in tsolucio/corebos)

CVE-2023-3075 (Cross-site Scripting (XSS) – Stored in tsolucio/corebos)

CVE-2023-3076 (Cross-Site Request Forgery (CSRF) in tsolucio/corebos)

CVE-2023-3077 (MStore API < 3.9.9 - Unauthenticated Privilege Escalation)

CVE-2023-3078 (MStore API < 3.9.8 - Unauthenticated Blind SQLi)

CVE-2023-3079 (Click for details)

CVE-2023-3080 (Click for details)

CVE-2023-3081 (Click for details)

CVE-2023-3082 (Click for details)

CVE-2023-3083 (Click for details)

CVE-2023-3084 (Cross-site Scripting (XSS) – Stored in nilsteampassnet/teampass)

CVE-2023-3085 (Cross-site Scripting (XSS) – Stored in nilsteampassnet/teampass)

CVE-2023-3086 (X-WRT luci 404 Error Template dispatcher.uc run_action cross site scripting)

CVE-2023-3087 (Cross-site Scripting (XSS) – Stored in nilsteampassnet/teampass)

CVE-2023-3088 (Click for details)

CVE-2023-3089 (Click for details)

CVE-2023-3090 (Ocp & fips mode)

CVE-2023-3091 (Out-of-bounds write in Linux kernel’s ipvlan network driver)

CVE-2023-3092 (Captura CRYPTBASE.dll uncontrolled search path)

CVE-2023-3093 (Click for details)

CVE-2023-3094 (Click for details)

CVE-2023-3095 (code-projects Agro-School Management System btn_functions.php doUpdateQuestion sql injection)

CVE-2023-3096 (Improper Access Control in nilsteampassnet/teampass)

CVE-2023-3097 (KylinSoft kylin-software-properties changedSource access control)

CVE-2023-3098 (KylinSoft kylin-software-properties setMainSource os command injection)

CVE-2023-3099 (KylinSoft youker-assistant restore_all_sound_file path traversal)

CVE-2023-3100 (KylinSoft youker-assistant Arbitrary File dbus.SystemBus delete_file access control)

CVE-2023-3102 (IBOS del actionDel sql injection)

CVE-2023-3103 (Insertion of Sensitive Information Into Sent Data in GitLab)

CVE-2023-3104 (Authentication Bypass by Spoofing in Unitree Robotics A1)

CVE-2023-3105 (Missing Authentication for Critical Function in Unitree Robotics A1)

CVE-2023-3106 (Click for details)

CVE-2023-3107 (Kernel: netlink socket crash (null pointer deref) in netlink_dump function)

CVE-2023-3108 (Remote denial of service in IPv6 fragment reassembly)

CVE-2023-3109 (Kernel: a race condition in crypto module in the function skcipher_recvmsg)

CVE-2023-3110 (Cross-site Scripting (XSS) – Stored in admidio/admidio)

CVE-2023-3111 (Buffer overflow in S0 Decryption on Unify Gateway)

CVE-2023-3112 (Click for details)

CVE-2023-3113 (Click for details)

CVE-2023-3114 (Click for details)

CVE-2023-3115 (Terraform Enterprise Agent Pool Controls Allowed Unauthorized Workspaces To Target an Agent Pool)

CVE-2023-3116 (Incorrect User Management in GitLab)

CVE-2023-3117 (Liteos-A has an incorrect default permissions vulnerability)

CVE-2023-3118 (Click for details)

CVE-2023-3119 (Export All URLs < 4.6 - Reflected XSS)

CVE-2023-3120 (SourceCodester Service Provider Management System view.php sql injection)

CVE-2023-3121 (SourceCodester Service Provider Management System view_service.php sql injection)

CVE-2023-3122 (Dahua Smart Parking Management image server-side request forgery)

CVE-2023-3123 (Click for details)

CVE-2023-3124 (Click for details)

CVE-2023-3125 (Click for details)

CVE-2023-3126 (Click for details)

CVE-2023-3127 (Click for details)

CVE-2023-3128 (Improper Authentication in iSTAR)

CVE-2023-3129 (Click for details)

CVE-2023-3130 (URL Shortify < 1.7.0 - Admin+ Cross Site Scripting)

CVE-2023-3131 (Short URL < 1.6.5 - Admin+ Cross Site Scripting)

CVE-2023-3132 (MStore API < 3.9.7 - Subscriber+ Unauthorized Settings Update)

CVE-2023-3133 (Click for details)

CVE-2023-3134 (Tutor LMS < 2.2.1 - Unauthenticated Access to Tutor LMS Lesson Resources via REST API)

CVE-2023-3135 (Forminator < 1.24.4 - Reflected XSS)

CVE-2023-3136 (Click for details)

CVE-2023-3138 (Click for details)

CVE-2023-3139 (Click for details)

CVE-2023-3140 (Protect WP Admin < 4.0 - Unauthenticated Protection Bypass)

CVE-2023-3141 (KNIME Hub Web Application is vulnerable to clickjacking)

CVE-2023-3142 (Click for details)

CVE-2023-3143 (Cross-site Scripting (XSS) – Stored in microweber/microweber)

CVE-2023-3144 (SourceCodester Online Discussion Forum Site manage_post.php cross site scripting)