Lista CVE 2023/6xxx

CVE nel gruppo: 6xxx

CVE-2023-6067 (Clicca per dettagli)

CVE-2023-6068 (WP User Profile Avatar <= 1.0.1 - Contributor+ Stored XSS)

CVE-2023-6069 (On affected 7130 Series FPGA platforms running MOS and recent versions of the MultiAccess FPGA, application of ACL’s may result in incorrect operation of the configured ACL for a port resulting in some packets that should be denied being permitted and some)

CVE-2023-6070 (Improper Link Resolution Before File Access in froxlor/froxlor)

CVE-2023-6071 (Clicca per dettagli)

CVE-2023-6072 (Clicca per dettagli)

CVE-2023-6073 (Clicca per dettagli)

CVE-2023-6074 (DoS and Control of Volume Settings for VW ID.3 ICAS3 IVI ECU)

CVE-2023-6075 (PHPGurukul Restaurant Table Booking System Booking Reservation check-status.php sql injection)

CVE-2023-6076 (PHPGurukul Restaurant Table Booking System Reservation Request index.php cross site scripting)

CVE-2023-6077 (PHPGurukul Restaurant Table Booking System Reservation Status booking-details.php information disclosure)

CVE-2023-6078 (Slider – Ultimate Responsive Image Slider < 3.5.12 - Subscriber+ Arbitrary Post Access)

CVE-2023-6079 (OS Command Injection vulnerability affecting BIOVIA Materials Studio products from Release BIOVIA 2021 through Release BIOVIA 2023)

CVE-2023-6080 (Clicca per dettagli)

CVE-2023-6081 (Privilege Escalation to SYSTEM in Lakeside Software Installer)

CVE-2023-6082 (Chart.js for WordPress <= 2023.2 - Editor+ Stored Cross-Site Scripting in New Chart)

CVE-2023-6083 (Chart.js for WordPress <= 2023.2 - Editor+ Stored Cross-Site Scripting)

CVE-2023-6084 (Clicca per dettagli)

CVE-2023-6085 (Tongda OA 2017 delete.php sql injection)

CVE-2023-6086 (Clicca per dettagli)

CVE-2023-6087 (Clicca per dettagli)

CVE-2023-6088 (Clicca per dettagli)

CVE-2023-6089 (Clicca per dettagli)

CVE-2023-6090 (Clicca per dettagli)

CVE-2023-6091 (WordPress Mollie Payments for WooCommerce Plugin <= 7.3.11 is vulnerable to Arbitrary File Upload)

CVE-2023-6092 (WordPress Theme Editor plugin <= 2.7.1 - Arbitrary File Upload vulnerability)

CVE-2023-6093 (Clicca per dettagli)

CVE-2023-6094 (OnCell G3150A-LTE Series: Clickjacking Vulnerability)

CVE-2023-6095 (OnCell G3150A-LTE Series: Web Server Transmits Cleartext Credentials)

CVE-2023-6096 (Remote Code Execution without authentication using memory overflow)

CVE-2023-6097 (using a inappropriate encryption logic)

CVE-2023-6098 (SQL Injection on ICSSolution ICS Business Manager)

CVE-2023-6099 (Cross-site Scripting on ICSSolution ICS Business Manager)

CVE-2023-6100 (Shenzhen Youkate Industrial Facial Love Cloud Payment System Account SystemMng.ashx privileges management)

CVE-2023-6101 (Maiwei Safety Production Control Platform GetItemList information disclosure)

CVE-2023-6102 (Maiwei Safety Production Control Platform Intelligent Monitoring ha.html information disclosure)

CVE-2023-6103 (Maiwei Safety Production Control Platform unrestricted upload)

CVE-2023-6104 (Intelbras RX 1500 SSID WiFi.html cross site scripting)

CVE-2023-6105 (Clicca per dettagli)

CVE-2023-6106 (ManageEngine Information Disclosure in Multiple Products)

CVE-2023-6107 (Clicca per dettagli)

CVE-2023-6109 (Clicca per dettagli)

CVE-2023-6110 (Clicca per dettagli)

CVE-2023-6111 (Openstack: deleting a non existing access rule deletes another existing access rule in it’s scope)

CVE-2023-6112 (Use-after-free in Linux kernel’s netfilter: nf_tables component)

CVE-2023-6113 (Clicca per dettagli)

CVE-2023-6114 (WP Staging (Free < 3.1.3, Pro < 5.1.3) - Unauthenticated Backup Download)

CVE-2023-6115 (Duplicator < 1.5.7.1; Duplicator Pro < 4.5.14.2 - Unauthenticated Sensitive Data Exposure)

CVE-2023-6116 (Clicca per dettagli)

CVE-2023-6117 (Remote Code Execution without authentication using stack overflow)

CVE-2023-6118 (M-Files REST API allows Denial of Service)

CVE-2023-6119 (Path Traversal in Neutron IP Camera)

CVE-2023-6120 (Clicca per dettagli)

CVE-2023-6121 (Clicca per dettagli)

CVE-2023-6122 (Kernel: nvme: info leak due to out-of-bounds read in nvmet_ctrl_find_get)

CVE-2023-6123 (Reflected XSS in Softomi E-commerce Software)

CVE-2023-6124 (Improper Neutralization vulnerability affects OpenText ALM Octane. )

CVE-2023-6125 (Server-Side Request Forgery (SSRF) in salesagility/suitecrm)

CVE-2023-6126 (Code Injection in salesagility/suitecrm)

CVE-2023-6127 (Code Injection in salesagility/suitecrm)

CVE-2023-6128 (Unrestricted Upload of File with Dangerous Type in salesagility/suitecrm)

CVE-2023-6129 (Cross-site Scripting (XSS) – Reflected in salesagility/suitecrm)

CVE-2023-6130 (POLY1305 MAC implementation corrupts vector registers on PowerPC)

CVE-2023-6131 (Path Traversal: ‘\..\filename’ in salesagility/suitecrm)

CVE-2023-6132 (Code Injection in salesagility/suitecrm)

CVE-2023-6133 (AVEVA Edge products Uncontrolled Search Path Element)

CVE-2023-6134 (Clicca per dettagli)

CVE-2023-6135 (Keycloak: reflected xss via wildcard in oidc redirect_uri)

CVE-2023-6136 (Clicca per dettagli)

CVE-2023-6137 (WordPress Debug Log Manager Plugin <= 2.3.0 is vulnerable to Sensitive Data Exposure)

CVE-2023-6138 (WordPress Frontier Post Plugin <= 6.1 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2023-6139 (Clicca per dettagli)

CVE-2023-6140 (Essential Real Estate < 4.4.0 - Subscriber+ Denial of Service via Arbitrary Option Update)

CVE-2023-6141 (Essential Real Estate < 4.4 - Subscriber+ Arbitrary File Upload)

CVE-2023-6142 (Essential Real Estate < 4.4.0 - Subscriber+ Stored XSS)

CVE-2023-6143 (Dev Blog v1.0 – Stored XSS)

CVE-2023-6144 (Mali GPU Kernel Driver allows improper GPU memory processing operations)

CVE-2023-6145 (Dev Blog v1.0 – ATO)

CVE-2023-6146 (SQLi in Softomi E-commerce Software)

CVE-2023-6147 (Stored XSS Vulnerability in QualysGuard VM/PC )