Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2023-27532 KEV |
|
[KEV] Vulnerability in Veeam backup-replication (CVE-2023-27532)
vulnerability in Veeam backup-replication (CVE-2023-27532). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-26359 KEV |
|
[KEV] Unsafe Deserialization in Adobe coldfusion (CVE-2023-26359)
vulnerability in Adobe coldfusion (CVE-2023-26359). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-24489 KEV |
|
[KEV] Vulnerability in Citrix content-collaboration (CVE-2023-24489)
vulnerability in Citrix content-collaboration (CVE-2023-24489). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-18368 KEV |
|
[KEV] OS Command Injection in Zyxel p660hn-t1a-routers (CVE-2017-18368)
OS command injection in Zyxel p660hn-t1a-routers (CVE-2017-18368). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-35081 KEV |
|
[KEV] Path Traversal in Ivanti endpoint-manager-mobile-epmm (CVE-2023-35081)
path traversal in Ivanti endpoint-manager-mobile-epmm (CVE-2023-35081). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-37580 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2023-37580)
cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2023-37580). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-35078 KEV |
|
[KEV] Authentication Bypass in Ivanti endpoint-manager-mobile-epmm (CVE-2023-35078)
authentication bypass in Ivanti endpoint-manager-mobile-epmm (CVE-2023-35078). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-38205 KEV |
|
[KEV] Vulnerability in Adobe coldfusion (CVE-2023-38205)
vulnerability in Adobe coldfusion (CVE-2023-38205). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-29298 KEV |
|
[KEV] Vulnerability in Adobe coldfusion (CVE-2023-29298)
vulnerability in Adobe coldfusion (CVE-2023-29298). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-3519 KEV |
|
[KEV] Code Injection in Citrix netscaler-adc-and-netscaler-gateway (CVE-2023-3519)
code injection in Citrix netscaler-adc-and-netscaler-gateway (CVE-2023-3519). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-36884 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2023-36884)
vulnerability in Microsoft windows (CVE-2023-36884). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-29303 KEV |
|
[KEV] OS Command Injection in Solarview compact (CVE-2022-29303)
OS command injection in Solarview compact (CVE-2022-29303). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-35311 KEV |
|
[KEV] Vulnerability in Microsoft outlook (CVE-2023-35311)
vulnerability in Microsoft outlook (CVE-2023-35311). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-36874 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2023-36874)
vulnerability in Microsoft windows (CVE-2023-36874). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-31199 KEV |
|
[KEV] Unsafe Deserialization in Netwrix auditor (CVE-2022-31199)
vulnerability in Netwrix auditor (CVE-2022-31199). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-29256 KEV |
|
[KEV] Use-After-Free in Arm :unknown: (CVE-2021-29256)
vulnerability in Arm :unknown: (CVE-2021-29256). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `SoCVersion:2023-07-05` or later.
|
| CVE-2021-25371 KEV |
|
[KEV] Vulnerability in Samsung mobile-devices (CVE-2021-25371)
vulnerability in Samsung mobile-devices (CVE-2021-25371). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-17621 KEV |
|
[KEV] OS Command Injection in D-link dir-859-router (CVE-2019-17621)
OS command injection in D-link dir-859-router (CVE-2019-17621). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-20500 KEV |
|
[KEV] OS Command Injection in D-link dwl-2600ap-access-point (CVE-2019-20500)
OS command injection in D-link dwl-2600ap-access-point (CVE-2019-20500). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-25489 KEV |
|
[KEV] Vulnerability in Samsung mobile-devices (CVE-2021-25489)
vulnerability in Samsung mobile-devices (CVE-2021-25489). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-25487 KEV |
|
[KEV] Out-of-Bounds Read in Samsung mobile-devices (CVE-2021-25487)
vulnerability in Samsung mobile-devices (CVE-2021-25487). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-25394 KEV |
|
[KEV] Use-After-Free in Samsung mobile-devices (CVE-2021-25394)
vulnerability in Samsung mobile-devices (CVE-2021-25394). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-25395 KEV |
|
[KEV] Vulnerability in Samsung mobile-devices (CVE-2021-25395)
vulnerability in Samsung mobile-devices (CVE-2021-25395). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-25372 KEV |
|
[KEV] Out-of-Bounds Write in Samsung mobile-devices (CVE-2021-25372)
out-of-bounds write in Samsung mobile-devices (CVE-2021-25372). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-20867 KEV |
|
[KEV] Authentication Bypass in Vmware tools (CVE-2023-20867)
authentication bypass in Vmware tools (CVE-2023-20867). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-27992 KEV |
|
[KEV] OS Command Injection in Zyxel multiple-network-attached-storage-nas-devices (CVE-2023-27992)
OS command injection in Zyxel multiple-network-attached-storage-nas-devices (CVE-2023-27992). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-32439 KEV |
|
[KEV] Vulnerability in Apple multiple-products (CVE-2023-32439)
vulnerability in Apple multiple-products (CVE-2023-32439). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-32435 KEV |
|
[KEV] Out-of-Bounds Write in Apple multiple-products (CVE-2023-32435)
out-of-bounds write in Apple multiple-products (CVE-2023-32435). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-32434 KEV |
|
[KEV] Vulnerability in Apple multiple-products (CVE-2023-32434)
vulnerability in Apple multiple-products (CVE-2023-32434). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-20887 KEV |
|
[KEV] Command Injection in Vmware aria-operations-for-networks (CVE-2023-20887)
command injection in Vmware aria-operations-for-networks (CVE-2023-20887). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-0165 KEV |
|
[KEV] Vulnerability in Microsoft win32k (CVE-2016-0165)
vulnerability in Microsoft win32k (CVE-2016-0165). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-9079 KEV |
|
[KEV] Use-After-Free in Mozilla firefox (CVE-2016-9079)
vulnerability in Mozilla firefox (CVE-2016-9079). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-12641 KEV |
|
[KEV] OS Command Injection in roundcube (CVE-2020-12641)
OS command injection in roundcube (CVE-2020-12641). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-44026 KEV |
|
[KEV] SQL Injection in roundcube (CVE-2021-44026)
SQL injection in roundcube (CVE-2021-44026). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-35730 KEV |
|
[KEV] Cross-Site Scripting (XSS) in roundcube (CVE-2020-35730)
cross-site scripting in roundcube (CVE-2020-35730). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-27997 KEV |
|
[KEV] Vulnerability in Fortinet fortios-and-fortiproxy-ssl-vpn (CVE-2023-27997)
vulnerability in Fortinet fortios-and-fortiproxy-ssl-vpn (CVE-2023-27997). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-3079 KEV |
|
[KEV] Vulnerability in Google chromium-v8 (CVE-2023-3079)
vulnerability in Google chromium-v8 (CVE-2023-3079). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-33009 KEV |
|
[KEV] Vulnerability in Zyxel multiple-firewalls (CVE-2023-33009)
vulnerability in Zyxel multiple-firewalls (CVE-2023-33009). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-33010 KEV |
|
[KEV] Vulnerability in Zyxel multiple-firewalls (CVE-2023-33010)
vulnerability in Zyxel multiple-firewalls (CVE-2023-33010). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-34362 KEV |
|
[KEV] SQL Injection in Progress moveit-transfer (CVE-2023-34362)
SQL injection in Progress moveit-transfer (CVE-2023-34362). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-28771 KEV |
|
[KEV] OS Command Injection in Zyxel multiple-firewalls (CVE-2023-28771)
OS command injection in Zyxel multiple-firewalls (CVE-2023-28771). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-2868 KEV |
|
[KEV] Vulnerability in Barracuda networks barracuda-networks (CVE-2023-2868)
vulnerability in Barracuda networks barracuda-networks (CVE-2023-2868). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-28204 KEV |
|
[KEV] Out-of-Bounds Read in Apple multiple-products (CVE-2023-28204)
vulnerability in Apple multiple-products (CVE-2023-28204). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-32373 KEV |
|
[KEV] Use-After-Free in Apple multiple-products (CVE-2023-32373)
vulnerability in Apple multiple-products (CVE-2023-32373). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-6415 KEV |
|
[KEV] Information Disclosure in Cisco ios (CVE-2016-6415)
vulnerability in Cisco ios (CVE-2016-6415). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-21492 KEV |
|
[KEV] Vulnerability in Samsung mobile-devices (CVE-2023-21492)
vulnerability in Samsung mobile-devices (CVE-2023-21492). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2014-0196 KEV |
|
[KEV] Vulnerability in Linux kernel (CVE-2014-0196)
vulnerability in Linux kernel (CVE-2014-0196). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-8735 KEV |
|
[KEV] Vulnerability in Apache tomcat (CVE-2016-8735)
vulnerability in Apache tomcat (CVE-2016-8735). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-3560 KEV |
|
[KEV] Authorization Flaw in Red hat red-hat (CVE-2021-3560)
vulnerability in Red hat red-hat (CVE-2021-3560). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-25717 KEV |
|
[KEV] Code Injection in Ruckus wireless ruckus-wireless (CVE-2023-25717)
code injection in Ruckus wireless ruckus-wireless (CVE-2023-25717). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|