CVE List 2023/4xxx

CVEs in group: 4xxx

CVE-2023-4000 (N/A)

CVE-2023-4001 (N/A)

CVE-2023-4002 (Grub2: bypass the grub password protection feature)

CVE-2023-4003 (Insertion of Sensitive Information Into Sent Data in GitLab)

CVE-2023-4004 (One Identity Password Manager version 5.9.7.1 – Unauthenticated physical access privilege escalation)

CVE-2023-4005 (Kernel: netfilter: use-after-free due to improper element removal in nft_pipapo_remove())

CVE-2023-4006 (Insufficient Session Expiration in fossbilling/fossbilling)

CVE-2023-4007 (Improper Neutralization of Formula Elements in a CSV File in thorsten/phpmyfaq)

CVE-2023-4008 (Cross-site Scripting (XSS) – Stored in thorsten/phpmyfaq)

CVE-2023-4009 (Incorrect Ownership Assignment in GitLab)

CVE-2023-4010 (Privilege Escalation for Project Owner and Project User Admin Roles in Ops Manager)

CVE-2023-4011 (Kernel: usb: hcd: malformed usb descriptor leads to infinite loop in usb_giveback_urb())

CVE-2023-4012 (Allocation of Resources Without Limits or Throttling in GitLab)

CVE-2023-4013 (Incomplete Internal State Distinction in ntpsec)

CVE-2023-4014 (GDPR Cookie Compliance < 4.12.5 - License Update/Deactivation via CSRF)

CVE-2023-4015 (N/A)

CVE-2023-4016 (Use-after-free in Linux kernel’s netfilter: nf_tables component)

CVE-2023-4017 (N/A)

CVE-2023-4018 (Goya <= 1.0.8.7 - Unauthenticated Reflected Cross-Site Scripting via Multiple Parameters)

CVE-2023-4019 (Direct Request (‘Forced Browsing’) in GitLab)