Lista CVE 2023/47xxx

CVE nel gruppo: 47xxx

CVE-2023-47063 (Clicca per dettagli)

CVE-2023-47064 (Adobe Illustrator 2023 CC 27.7 Memory Corruption Out-Of-Bounds-Write Vulnerability IV.)

CVE-2023-47065 (Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79))

CVE-2023-47066 (Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79))

CVE-2023-47067 (ZDI-CAN-21705: Adobe After Effects MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability)

CVE-2023-47068 (ZDI-CAN-21706: Adobe After Effects MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability)

CVE-2023-47069 (ZDI-CAN-21702: Adobe After Effects MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability)

CVE-2023-47070 (ZDI-CAN-21703: Adobe After Effects M4A File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability)

CVE-2023-47071 (ZDI-CAN-21708: Adobe After Effects MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability)

CVE-2023-47072 (ZDI-CAN-21704: Adobe After Effects MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability)

CVE-2023-47073 (ZDI-CAN-21790: Adobe After Effects MP4 File Uninitialized Variable Information Disclosure Vulnerability)

CVE-2023-47074 (ZDI-CAN-21709: Adobe After Effects MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability)

CVE-2023-47075 (ZDI-CAN-21812: Adobe Illustrator JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability)

CVE-2023-47076 (ZDI-CAN-22006: Adobe Illustrator JP2 File Parsing Use-After-Free Remote Code Execution Vulnerability)

CVE-2023-47077 (Adobe InDesign CC 2023 Memory Corruption Vulnerability IV.)

CVE-2023-47078 (Adobe InDesign CC 2023 Memory Corruption Vulnerability VI.)

CVE-2023-47079 (ZDI-CAN-22249: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability)

CVE-2023-47080 (ZDI-CAN-22279: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability)

CVE-2023-47081 (Adobe Substance 3D Stager v2.1.1 Vulnerability VI)

CVE-2023-47090 (Adobe Substance 3D Stager v2.1.1 Vulnerability II)

CVE-2023-47091 (Clicca per dettagli)

CVE-2023-47092 (Clicca per dettagli)

CVE-2023-47093 (Clicca per dettagli)

CVE-2023-47094 (Clicca per dettagli)

CVE-2023-47095 (Clicca per dettagli)

CVE-2023-47096 (Clicca per dettagli)

CVE-2023-47097 (Clicca per dettagli)

CVE-2023-47098 (Clicca per dettagli)

CVE-2023-47099 (Clicca per dettagli)

CVE-2023-47100 (Clicca per dettagli)

CVE-2023-47101 (Clicca per dettagli)

CVE-2023-47102 (Clicca per dettagli)

CVE-2023-47104 (Clicca per dettagli)

CVE-2023-47105 (Clicca per dettagli)

CVE-2023-47106 (Clicca per dettagli)

CVE-2023-47107 (Incorrect processing of fragment in the URL leads to Authorization Bypass in Traefik)

CVE-2023-47108 (PILOS account takeover through password reset poisoning)

CVE-2023-47109 (DoS vulnerability in otelgrpc (uncontrolled resource consumption) due to unbound cardinality metrics )

CVE-2023-47110 (PrestaShop blockreassurance BO User can remove any file from server when adding a and deleting a block)

CVE-2023-47111 (Any value can be changed in the configuration table by an employee having access to block reassurance module )

CVE-2023-47112 (ZITADEL race condition in lockout policy execution)

CVE-2023-47113 (Authenticated users can view job names and groups they do not have authorization to view in Rundeck)

CVE-2023-47114 (DLL Search Order Hijacking vulnerability in BleachBit for Windows)

CVE-2023-47115 (Ethyca Fides HTML Injection Vulnerability in HTML-Formatted DSR Packages)

CVE-2023-47116 (Label Studio XSS Vulnerability on Avatar Upload)

CVE-2023-47117 (Label Studio SSRF on Import Bypassing `SSRF_PROTECTION_ENABLED` Protections)

CVE-2023-47118 (Object Relational Mapper Leak Vulnerability in Filtering Task in Label Studio)

CVE-2023-47119 (Heap buffer overflow in T64 codec decompression)

CVE-2023-47120 (HTML injection in oneboxed links)

CVE-2023-47121 (Discourse DoS through Onebox favicon URL)

CVE-2023-47122 (Discourse SSRF vulnerability in Embedding)

CVE-2023-47123 (Gitsign’s Rekor public keys fetched from upstream API instead of local TUF client.)

CVE-2023-47124 (iTop vulnerable to XSS vulnerability in n:n relations “tagset” widget)

CVE-2023-47125 (Denial of service whith ACME HTTPChallenge in Traefik)

CVE-2023-47126 (By-passing Cross-Site Scripting Protection in HTML Sanitizer)

CVE-2023-47127 (Information Disclosure in Install Tool in typo3/cms-install)

CVE-2023-47128 (Weak Authentication in Session Handling in typo3/cms-core)

CVE-2023-47129 (piccolo SQL Injection via named transaction savepoints)

CVE-2023-47130 (Statamic CMS remote code execution via front-end form uploads)

CVE-2023-47131 (Unsafe deserialization of user data in yiisoft/yii)