Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2023-4671 |
|
SQL Injection in sqli (CVE-2023-4671)
SQL injection in sqli (CVE-2023-4671). Successful exploitation can lead to full system takeover.
|
| CVE-2023-4672 |
|
Cross-Site Scripting (XSS) in talentyazilim (CVE-2023-4672)
cross-site scripting in talentyazilim (CVE-2023-4672). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-6190 |
|
Path Traversal in path-traversal (CVE-2023-6190)
path traversal in path-traversal (CVE-2023-6190). Successful exploitation can lead to full system takeover.
|
| CVE-2023-51767 |
|
Vulnerability in openbsd (CVE-2023-51767)
vulnerability in openbsd (CVE-2023-51767). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6145 |
|
SQL Injection in sqli (CVE-2023-6145)
SQL injection in sqli (CVE-2023-6145). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6122 |
|
Cross-Site Scripting (XSS) in softomi (CVE-2023-6122)
cross-site scripting in softomi (CVE-2023-6122). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-5988 |
|
Cross-Site Scripting (XSS) in uyumsoft (CVE-2023-5988)
cross-site scripting in uyumsoft (CVE-2023-5988). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-5989 |
|
Cross-Site Scripting (XSS) in uyumsoft (CVE-2023-5989)
cross-site scripting in uyumsoft (CVE-2023-5989). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-6931 |
|
Out-of-Bounds Write in privilege-escalation (CVE-2023-6931)
out-of-bounds write in privilege-escalation (CVE-2023-6931). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6932 |
|
Use-After-Free in privilege-escalation (CVE-2023-6932)
vulnerability in privilege-escalation (CVE-2023-6932). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6817 |
|
Use-After-Free in privilege-escalation (CVE-2023-6817)
vulnerability in privilege-escalation (CVE-2023-6817). Successful exploitation can lead to full system takeover.
|
| CVE-2023-47324 |
|
Cross-Site Scripting (XSS) in silverpeas (CVE-2023-47324)
cross-site scripting in silverpeas (CVE-2023-47324). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-47322 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2023-47322)
vulnerability in csrf (CVE-2023-47322). Successful exploitation can lead to full system takeover.
|
| CVE-2023-47326 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2023-47326)
vulnerability in csrf (CVE-2023-47326). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6377 |
|
Out-of-Bounds Read in privilege-escalation (CVE-2023-6377)
vulnerability in privilege-escalation (CVE-2023-6377). Successful exploitation can lead to full system takeover.
|
| CVE-2023-49494 |
|
Cross-Site Scripting (XSS) in dedecms (CVE-2023-49494)
cross-site scripting in dedecms (CVE-2023-49494). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-33411 |
|
Path Traversal in path-traversal (CVE-2023-33411)
path traversal in path-traversal (CVE-2023-33411). Confidential information can be exposed externally.
|
| CVE-2023-48940 |
|
Cross-Site Scripting (XSS) in daicuo (CVE-2023-48940)
cross-site scripting in daicuo (CVE-2023-48940). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-49926 |
|
app/Lib/Tools/EventTimelineTool.php in MISP before 2.4.179 allows XSS in the event timeline widget.
app/Lib/Tools/EventTimelineTool.php in MISP before 2.4.179 allows XSS in the event timeline widget.
|
| CVE-2023-5634 |
|
SQL Injection in sqli (CVE-2023-5634)
SQL injection in sqli (CVE-2023-5634). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6118 |
|
Path Traversal in path-traversal (CVE-2023-6118)
path traversal in path-traversal (CVE-2023-6118). Confidential information can be exposed externally.
|
| CVE-2023-3631 |
|
SQL Injection in sqli (CVE-2023-3631)
SQL injection in sqli (CVE-2023-3631). Successful exploitation can lead to full system takeover.
|
| CVE-2023-4406 |
|
Cross-Site Scripting (XSS) in kc-group-e-commerce-software-project (CVE-2023-4406)
cross-site scripting in kc-group-e-commerce-software-project (CVE-2023-4406). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-3377 |
|
SQL Injection in sqli (CVE-2023-3377)
SQL injection in sqli (CVE-2023-3377). Successful exploitation can lead to full system takeover.
|
| CVE-2023-48105 |
|
Out-of-Bounds Write in c (CVE-2023-48105)
out-of-bounds write in c (CVE-2023-48105). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-2889 |
|
SQL Injection in sqli (CVE-2023-2889)
SQL injection in sqli (CVE-2023-2889). Successful exploitation can lead to full system takeover.
|
| CVE-2023-5047 |
|
SQL Injection in sqli (CVE-2023-5047)
SQL injection in sqli (CVE-2023-5047). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6011 |
|
Cross-Site Scripting (XSS) in dece (CVE-2023-6011)
cross-site scripting in dece (CVE-2023-6011). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-41425 |
|
Cross-Site Scripting (XSS) in wondercms (CVE-2023-41425)
cross-site scripting in wondercms (CVE-2023-41425). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-5678 |
|
Vulnerability in dos (CVE-2023-5678)
vulnerability in dos (CVE-2023-5678). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-36263 |
|
SQL Injection in sqli (CVE-2023-36263)
SQL injection in sqli (CVE-2023-36263). Successful exploitation can lead to full system takeover.
|
| CVE-2023-5807 |
|
SQL Injection in sqli (CVE-2023-5807)
SQL injection in sqli (CVE-2023-5807). Successful exploitation can lead to full system takeover.
|
| CVE-2023-5367 |
|
Out-of-Bounds Write in c (CVE-2023-5367)
out-of-bounds write in c (CVE-2023-5367). Successful exploitation can lead to full system takeover.
|
| CVE-2023-5574 |
|
Use-After-Free in dos (CVE-2023-5574)
vulnerability in dos (CVE-2023-5574). Successful exploitation can lead to full system takeover.
|
| CVE-2023-46136 |
|
Vulnerability in werkzeug (CVE-2023-46136)
vulnerability in werkzeug (CVE-2023-46136). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.3.8` or later.
|
| CVE-2023-45992 |
|
Cross-Site Scripting (XSS) in csrf (CVE-2023-45992)
cross-site scripting in csrf (CVE-2023-45992). Successful exploitation can lead to full system takeover.
|
| CVE-2023-45815 |
|
Cross-Site Scripting (XSS) in archivebox (CVE-2023-45815)
cross-site scripting in archivebox (CVE-2023-45815). Confidential information can be exposed externally. Mitigation: upgrade to `0.9.0` or later.
|
| CVE-2023-45379 |
|
SQL Injection in sqli (CVE-2023-45379)
SQL injection in sqli (CVE-2023-45379). Successful exploitation can lead to full system takeover.
|
| CVE-2022-37830 |
|
Interway a.s WebJET CMS 8.6.896 is vulnerable to Cross Site Scripting (XSS).
Interway a.s WebJET CMS 8.6.896 is vulnerable to Cross Site Scripting (XSS).
|
| CVE-2023-30148 |
|
Cross-Site Scripting (XSS) in store-opart (CVE-2023-30148)
cross-site scripting in store-opart (CVE-2023-30148). Confidential information can be exposed externally.
|
| CVE-2023-5045 |
|
SQL Injection in sqli (CVE-2023-5045)
SQL injection in sqli (CVE-2023-5045). Successful exploitation can lead to full system takeover.
|
| CVE-2023-5046 |
|
SQL Injection in sqli (CVE-2023-5046)
SQL injection in sqli (CVE-2023-5046). Successful exploitation can lead to full system takeover.
|
| CVE-2023-44487 KEV |
|
[KEV] Vulnerability in Ietf golang.org/x/net (CVE-2023-44487)
vulnerability in Ietf golang.org/x/net (CVE-2023-44487). Risk of unauthorized operations or information disclosure. Exploitable via ``Channel``. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `0.17.0` or later.
|
| CVE-2023-45199 |
|
Vulnerability in trustedfirmware (CVE-2023-45199)
vulnerability in trustedfirmware (CVE-2023-45199). Successful exploitation can lead to full system takeover.
|
| CVE-2023-4530 |
|
SQL Injection in sqli (CVE-2023-4530)
SQL injection in sqli (CVE-2023-4530). Successful exploitation can lead to full system takeover.
|
| CVE-2023-3576 |
|
Buffer Overflow in dos (CVE-2023-3576)
vulnerability in dos (CVE-2023-3576). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-43176 |
|
Unsafe Deserialization in deserialization (CVE-2023-43176)
vulnerability in deserialization (CVE-2023-43176). Successful exploitation can lead to full system takeover.
|
| CVE-2023-41446 |
|
Cross-Site Scripting (XSS) in phpkobo (CVE-2023-41446)
cross-site scripting in phpkobo (CVE-2023-41446). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-41447 |
|
Cross-Site Scripting (XSS) in phpkobo (CVE-2023-41447)
cross-site scripting in phpkobo (CVE-2023-41447). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-41448 |
|
Cross-Site Scripting (XSS) in phpkobo (CVE-2023-41448)
cross-site scripting in phpkobo (CVE-2023-41448). Risk of unauthorized operations or information disclosure.
|