Pagina 4 – Azienda Sicura

Lista CVE 2023/46xxx

CVE nel gruppo: 46xxx

CVE-2023-46088 (Clicca per dettagli)

CVE-2023-46089 (WordPress WP Full Stripe Free Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-46090 (WordPress Userback Plugin <= 1.0.13 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2023-46091 (WordPress Spider Facebook Plugin <= 1.0.15 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-46092 (WordPress Category SEO Meta Tags Plugin <= 2.5 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-46093 (WordPress Webmaster Tools Plugin <= 2.0 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2023-46094 (WordPress Webmaster Tools Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-46095 (WordPress Conversios.io Plugin <= 6.5.3 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-46096 (WordPress Smooth Scroll Links Plugin <= 1.1.0 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2023-46097 (Clicca per dettagli)

CVE-2023-46098 (Clicca per dettagli)

CVE-2023-46099 (Clicca per dettagli)

CVE-2023-46100 (Clicca per dettagli)

CVE-2023-46102 (Cert manager has a use of uninitialized resource vulnerability)

CVE-2023-46103 (Clicca per dettagli)

CVE-2023-46104 (Clicca per dettagli)

CVE-2023-46115 (Apache Superset: Allows for uncontrolled resource consumption via a ZIP bomb)

CVE-2023-46116 (Updater Private Keys Possibly Leaked via Vite Environment Variables in tauri-cli)

CVE-2023-46117 (Remote Code Execution via insufficiently sanitized call to shell.openExternal)

CVE-2023-46118 (Inadequate validation of retrieved subdomains may lead to a Remote Code Execution in reconFTW)

CVE-2023-46119 (Denial of Service by publishing large messages over the HTTP API)

CVE-2023-46120 (Parse Server may crash when uploading file without extension)

CVE-2023-46121 (RabbitMQ Java client’s lack of message size limitation leads to remote DoS attack)

CVE-2023-46122 (Generic Extractor MITM Vulnerability in yt-dlp)

CVE-2023-46123 (Arbitrary file write via archive extraction (Zip Slip) vulnerability in sbt)

CVE-2023-46124 (jumpserver is vulnerable to password brute-force protection bypass via arbitrary IP values)

CVE-2023-46125 (Server-Side Request Forgery Vulnerability in Custom Integration Upload)

CVE-2023-46126 (Fides Information Disclosure Vulnerability in Config API Endpoint)

CVE-2023-46127 (Fides JavaScript Injection Vulnerability in Privacy Center URL)

CVE-2023-46128 (Frappe vulnerable to HTML injection by any Desk user)

CVE-2023-46129 (Exposure of hashed user passwords via REST API in Nautobot)

CVE-2023-46130 (xkeys Seal encryption used fixed key for all encryption)

CVE-2023-46131 (Bypassing height value allowed in some theme components)

CVE-2023-46132 (Grails® data binding causes JVM crash and/or DoS )

CVE-2023-46133 (Crosslinking transaction attack in hyperledger/fabric)

CVE-2023-46134 (crypto-es PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standard)

CVE-2023-46135 (D-Tale vulnerable to Remote Code Execution through the Custom Filter Input)

CVE-2023-46136 (Panic in SignedPayload::from_payload)

CVE-2023-46137 (Werkzeug vulnerable to high resource usage when parsing multipart/form-data containing a large part with CR/LF character at the beginning)

CVE-2023-46138 (twisted.web has disordered HTTP pipeline response)

CVE-2023-46139 (JumpServer default admin user email leak password reset)

CVE-2023-46141 (KernelSU signature validation mismatch)

CVE-2023-46142 (Phoenix Contact: Automation Worx and classic line controllers prone to Incorrect Permission Assignment for Critical Resource)

CVE-2023-46143 (PHOENIX CONTACT: Insufficient Read and Write Protection to Logic and Runtime Data in PLCnext Control)

CVE-2023-46144 (Phoenix Contact: Classic line industrial controllers prone to inadequate integrity check of PLC)

CVE-2023-46145 (PHOENIX CONTACT: PLCnext Control prone to download of code without integrity check)

CVE-2023-46146 (WordPress Themify Ultra theme <= 7.3.5 - Authenticated Privilege Escalation vulnerability)

CVE-2023-46147 (WordPress Themify Ultra theme <= 7.3.5 - Multiple Broken Access Control vulnerability)

CVE-2023-46148 (WordPress Themify Ultra Theme <= 7.3.5 is vulnerable to PHP Object Injection)

CVE-2023-46149 (WordPress Themify Ultra theme <= 7.3.5 - Authenticated Arbitrary Settings Change vulnerability)

CVE-2023-46150 (WordPress Themify Ultra Theme <= 7.3.5 is vulnerable to Arbitrary File Upload)

CVE-2023-46151 (WordPress WP Radio plugin <= 3.1.9 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2023-46152 (WordPress Product Category Tree Plugin <= 2.5 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2023-46153 (WordPress WOLF Plugin <= 1.0.7.1 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2023-46154 (WordPress User Feedback Plugin <= 1.0.9 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-46156 (WordPress e2pdf Plugin <= 1.20.18 is vulnerable to PHP Object Injection)

CVE-2023-46157 (Clicca per dettagli)

CVE-2023-46158 (Clicca per dettagli)

CVE-2023-46159 (IBM WebSphere Application Server session fixation)

CVE-2023-46167 (IBM Storage Ceph denial of service)

CVE-2023-46169 (IBM Db2 denial of service)

CVE-2023-46170 (IBM DS8900F file manipulation)

CVE-2023-46171 (IBM DS8900F information disclosure)

CVE-2023-46172 (IBM DS8900F information disclosure)

CVE-2023-46174 (IBM DS8900F security bypass)

CVE-2023-46175 (IBM InfoSphere Information Server cross-site scripting)

CVE-2023-46176 (IBM Cloud Pak for Multicloud Management information disclosure)

CVE-2023-46177 (IBM MQ privilege escalation)

CVE-2023-46179 (IBM MQ Appliance information disclosure)

CVE-2023-46181 (IBM Secure Proxy information disclosure)

CVE-2023-46182 (IBM Secure Proxy information disclosure)

CVE-2023-46183 (IBM Secure Proxy cross-site scripting)

CVE-2023-46186 (IBM PowerVM Hypervisor information disclosure)

CVE-2023-46187 (IBM Jazz for Service Management information disclosure)

CVE-2023-46188 (IBM InfoSphere Master Data Management cross-site scripting)

CVE-2023-46189 (WordPress Freesoul Deactivate Plugins plugin <= 2.1.3 - Broken Access Control vulnerability)

CVE-2023-46190 (WordPress Google Calendar Events Plugin <= 3.2.5 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2023-46191 (WordPress Novo-Map : your WP posts on custom google maps Plugin <= 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2023-46192 (WordPress Open Graph Metabox Plugin <= 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2023-46193 (WordPress Internal Link Building Plugin <= 1.2.3 is vulnerable to Cross Site Scripting (XSS))

Precedente Successivo