CVE List 2023/40xxx

CVEs in group: 40xxx

CVE-2023-40022 (N/A)

CVE-2023-40023 (Rizin vulnerable to Integer Overflow in C++ demangler logic)

CVE-2023-40024 (Yaklang Plugin’s Fuzztag Component Allows Unauthorized Local File Reading)

CVE-2023-40025 (Reflected Cross-Site Scripting (XSS) in scancode.io license endpoint)

CVE-2023-40026 (Argo CD web terminal session doesn’t expire)

CVE-2023-40027 (Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server)

CVE-2023-40028 (Conditionally missing authorization in @keystone-6/core)

CVE-2023-40029 (Arbitrary file read via symlinks in Ghost)

CVE-2023-40030 (Cluster secret might leak in cluster details page in Argo CD)

CVE-2023-40031 (Malicious dependencies can inject arbitrary JavaScript into cargo-generated timing reports)

CVE-2023-40032 (Notepad++ vulnerable to heap buffer write overflow in Utf8_16_Read::convert)

CVE-2023-40033 (Potential segfault due to NULL pointer dereference in libvips)

CVE-2023-40034 (Server-Side Request Forgery via Avatar upload in flarum)

CVE-2023-40035 (Repository takeover in woodpecker-ci)

CVE-2023-40036 (Craft CMS vulnerable to Remote Code Execution via validatePath bypass)

CVE-2023-40037 (Notepad++ global buffer read overflow in CharDistributionAnalysis::HandleOneChar)

CVE-2023-40038 (Apache NiFi: Incomplete Validation of JDBC and JNDI Connection URLs)

CVE-2023-40039 (N/A)

CVE-2023-40040 (N/A)

CVE-2023-40041 (N/A)

CVE-2023-40042 (N/A)

CVE-2023-40043 (N/A)

CVE-2023-40044 (MOVEit Transfer System Administrator SQL Injection)

CVE-2023-40045 (WS_FTP Server Ad Hoc Transfer Module .NET Deserialization Vulnerability)

CVE-2023-40046 (WS_FTP Server Ad Hoc Transfer Module Reflected Cross-Site Scripting Vulnerability)

CVE-2023-40047 (WS_FTP Server SQL Injection via Administrative Interface)

CVE-2023-40048 (WS_FTP Server Stored Cross-Site Scripting Vulnerability)

CVE-2023-40049 (WS_FTP Server Cross-Site Request Forgery (CSRF) Vulnerability)

CVE-2023-40050 (WS_FTP Server Information Disclosure via Directory Listing)

CVE-2023-40051 (Automate Vulnerable to Malicious Content Uploaded Through Embedded Compliance Application)

CVE-2023-40052 (Progress Application Server (PAS) for OpenEdge File Upload via Directory Traversal)

CVE-2023-40053 (Progress Application Server (PAS) for OpenEdge Denial of Service)

CVE-2023-40054 (HTML injection Vulnerability in Serv-U 15.4)

CVE-2023-40055 (SolarWinds Network Configuration Manager Directory Traversal Remote Code Execution Vulnerability)

CVE-2023-40056 (SolarWinds Network Configuration Manager Directory Traversal Remote Code Execution Vulnerability)

CVE-2023-40057 (SolarWinds Platform SQL Injection Remote Code Execution Vulnerability)

CVE-2023-40058 (SolarWinds Access Rights Manager (ARM) Deserialization of Untrusted Data Remote Code Execution)

CVE-2023-40060 (Sensitive Information Disclosure Vulnerability)

CVE-2023-40061 (2FA/MFA Bypass Vulnerability in Serv-U 15.4 and 15.4 Hotfix 1)

CVE-2023-40062 (Insecure Job Execution Mechanism Vulnerability)