Lista CVE 2023/6xxx

CVE nel gruppo: 6xxx

CVE-2023-6021 (N/A)

CVE-2023-6022 (Ray Log File Local File Include)

CVE-2023-6023 (Cross-Site Request Forgery (CSRF) in prefecthq/prefect)

CVE-2023-6026 (ModelDB Local File Include)

CVE-2023-6027 (Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) in PHPMemcachedAdmin)

CVE-2023-6028 (Cross-site Scripting vulnerability in PHPMemcachedAdmin)

CVE-2023-6029 (SDM Web interface vulnerable to XSS)

CVE-2023-6032 (EazyDocs < 2.3.6 - Unauthenticated Arbitrary Posts Deletion and Document Management)

CVE-2023-6033 (N/A)

CVE-2023-6034 (Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) in GitLab)

CVE-2023-6035 (N/A)

CVE-2023-6036 (EazyDocs < 2.3.4 - Subscriber + SQLi)

CVE-2023-6037 (Web3 – Crypto wallet Login & NFT token gating < 3.0.0 - Authentication Bypass)

CVE-2023-6038 (WP TripAdvisor Review Slider < 11.9 - Admin+ Stored XSS)

CVE-2023-6039 (Local File Inclusion in h2oai/h2o-3)

CVE-2023-6040 (Kernel: use-after-free in drivers/net/usb/lan78xx.c in lan78xx_disconnect)

CVE-2023-6042 (An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family))

CVE-2023-6043 (Getwid < 2.0.3 - Unauthenticated Arbitrary Email Sending to Admin)

CVE-2023-6044 (N/A)

CVE-2023-6045 (N/A)

CVE-2023-6046 (Arkruntime has a type confusion vulnerability)

CVE-2023-6047 (EventON < 2.2 - Admin+ Stored HTML Injection)

CVE-2023-6048 (Reflected XSS in Algoritim E-commerce Software)

CVE-2023-6049 (Estatik Real Estate Plugin < 4.1.1 - Subscriber+ Arbitrary Option Update)

CVE-2023-6050 (Estatik Real Estate Plugin < 4.1.1 - Unauthenticated PHP Object Injection)

CVE-2023-6051 (Estatik Real Estate Plugin < 4.1.1 - Reflected XSS)

CVE-2023-6052 (Improper Control of Generation of Code (‘Code Injection’) in GitLab)

CVE-2023-6053 (Tongda OA 2017 delete.php sql injection)

CVE-2023-6054 (Tongda OA 2017 delete.php sql injection)

CVE-2023-6055 (Tongda OA 2017 lock.php sql injection)

CVE-2023-6056 (Improper Certificate Validation in Bitdefender Total Security HTTPS Scanning (VA-11158))

CVE-2023-6057 (Insecure Trust of Self-Signed Certificates in Bitdefender Total Security HTTPS Scanning (VA-11164))

CVE-2023-6058 (Insecure Trust of DSA-Signed Certificates in Bitdefender Total Security HTTPS Scanning (VA-11166))

CVE-2023-6060 (HTTPS Certificate Validation Issue in Bitdefender Safepay (VA-11167))

CVE-2023-6061 (N/A)

CVE-2023-6062 (N/A)

CVE-2023-6063 (Arbitrary File Write)

CVE-2023-6064 (WP Fastest Cache < 1.2.2 - Unauthenticated SQL Injection)

CVE-2023-6065 (PayHere Payment Gateway < 2.2.12 - Unauthenticated Log Data Disclosure)

CVE-2023-6066 (Quttera Web Malware Scanner < 3.4.2.1 - Directory Listing to Sensitive Data Exposure)