Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2023-5989 |
|
Cross-Site Scripting (XSS) in uyumsoft (CVE-2023-5989)
cross-site scripting in uyumsoft (CVE-2023-5989). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-49897 KEV |
|
[KEV] OS Command Injection in Fxc ae1021 (CVE-2023-49897)
OS command injection in Fxc ae1021 (CVE-2023-49897). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-47565 KEV |
|
[KEV] OS Command Injection in Qnap viostor-nvr (CVE-2023-47565)
OS command injection in Qnap viostor-nvr (CVE-2023-47565). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-50989 |
|
Command Injection in tenda (CVE-2023-50989)
command injection in tenda (CVE-2023-50989). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50988 |
|
Out-of-Bounds Write in tenda (CVE-2023-50988)
out-of-bounds write in tenda (CVE-2023-50988). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50990 |
|
Out-of-Bounds Write in tenda (CVE-2023-50990)
out-of-bounds write in tenda (CVE-2023-50990). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50992 |
|
Out-of-Bounds Write in tenda (CVE-2023-50992)
out-of-bounds write in tenda (CVE-2023-50992). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50984 |
|
Out-of-Bounds Write in tenda (CVE-2023-50984)
out-of-bounds write in tenda (CVE-2023-50984). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50985 |
|
Out-of-Bounds Write in tenda (CVE-2023-50985)
out-of-bounds write in tenda (CVE-2023-50985). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50986 |
|
Out-of-Bounds Write in tenda (CVE-2023-50986)
out-of-bounds write in tenda (CVE-2023-50986). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50987 |
|
Out-of-Bounds Write in tenda (CVE-2023-50987)
out-of-bounds write in tenda (CVE-2023-50987). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50983 |
|
Command Injection in tenda (CVE-2023-50983)
command injection in tenda (CVE-2023-50983). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6932 |
|
Use-After-Free in privilege-escalation (CVE-2023-6932)
vulnerability in privilege-escalation (CVE-2023-6932). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6931 |
|
Out-of-Bounds Write in privilege-escalation (CVE-2023-6931)
out-of-bounds write in privilege-escalation (CVE-2023-6931). Successful exploitation can lead to full system takeover.
|
| CVE-2023-51385 |
|
OS Command Injection in openbsd (CVE-2023-51385)
OS command injection in openbsd (CVE-2023-51385). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-51384 |
|
Vulnerability in openbsd (CVE-2023-51384)
vulnerability in openbsd (CVE-2023-51384). Confidential information can be exposed externally.
|
| CVE-2023-6817 |
|
Use-After-Free in privilege-escalation (CVE-2023-6817)
vulnerability in privilege-escalation (CVE-2023-6817). Successful exploitation can lead to full system takeover.
|
| CVE-2023-47324 |
|
Cross-Site Scripting (XSS) in silverpeas (CVE-2023-47324)
cross-site scripting in silverpeas (CVE-2023-47324). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-47320 |
|
Authorization Flaw in silverpeas (CVE-2023-47320)
vulnerability in silverpeas (CVE-2023-47320). Data can be tampered with by attackers.
|
| CVE-2023-47325 |
|
Vulnerability in silverpeas (CVE-2023-47325)
vulnerability in silverpeas (CVE-2023-47325). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-47322 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2023-47322)
vulnerability in csrf (CVE-2023-47322). Successful exploitation can lead to full system takeover.
|
| CVE-2023-47326 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2023-47326)
vulnerability in csrf (CVE-2023-47326). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6478 |
|
Vulnerability in xorg (CVE-2023-6478)
vulnerability in xorg (CVE-2023-6478). Confidential information can be exposed externally.
|
| CVE-2023-6377 |
|
Out-of-Bounds Read in privilege-escalation (CVE-2023-6377)
vulnerability in privilege-escalation (CVE-2023-6377). Successful exploitation can lead to full system takeover.
|
| CVE-2023-49494 |
|
Cross-Site Scripting (XSS) in dedecms (CVE-2023-49494)
cross-site scripting in dedecms (CVE-2023-49494). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-6448 KEV |
|
[KEV] Vulnerability in Unitronics vision-plc-and-hmi (CVE-2023-6448)
vulnerability in Unitronics vision-plc-and-hmi (CVE-2023-6448). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-33413 |
|
Vulnerability in supermicro (CVE-2023-33413)
vulnerability in supermicro (CVE-2023-33413). Successful exploitation can lead to full system takeover.
|
| CVE-2023-33411 |
|
Path Traversal in path-traversal (CVE-2023-33411)
path traversal in path-traversal (CVE-2023-33411). Confidential information can be exposed externally.
|
| CVE-2023-46218 |
|
Vulnerability in haxx (CVE-2023-46218)
vulnerability in haxx (CVE-2023-46218). Risk of unauthorized operations or information disclosure. Exploitable via ``curl.co.uk``.
|
| CVE-2023-41265 KEV |
|
[KEV] Vulnerability in Qlik sense (CVE-2023-41265)
vulnerability in Qlik sense (CVE-2023-41265). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-41266 KEV |
|
[KEV] Vulnerability in Qlik sense (CVE-2023-41266)
vulnerability in Qlik sense (CVE-2023-41266). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-48940 |
|
Cross-Site Scripting (XSS) in daicuo (CVE-2023-48940)
cross-site scripting in daicuo (CVE-2023-48940). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-33107 KEV |
|
[KEV] Vulnerability in Qualcomm multiple-chipsets (CVE-2023-33107)
vulnerability in Qualcomm multiple-chipsets (CVE-2023-33107). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-33063 KEV |
|
[KEV] Use-After-Free in :linux_kernel:Qualcomm (CVE-2023-33063)
vulnerability in :linux_kernel:Qualcomm (CVE-2023-33063). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `SoCVersion:2023-12-05` or later.
|
| CVE-2022-22071 KEV |
|
[KEV] Use-After-Free in Qualcomm multiple-chipsets (CVE-2022-22071)
vulnerability in Qualcomm multiple-chipsets (CVE-2022-22071). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-33106 KEV |
|
[KEV] Vulnerability in Qualcomm multiple-chipsets (CVE-2023-33106)
vulnerability in Qualcomm multiple-chipsets (CVE-2023-33106). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-42916 KEV |
|
[KEV] Out-of-Bounds Read in Apple multiple-products (CVE-2023-42916)
vulnerability in Apple multiple-products (CVE-2023-42916). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-42917 KEV |
|
[KEV] Out-of-Bounds Write in Apple java (CVE-2023-42917)
out-of-bounds write in Apple java (CVE-2023-42917). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.8.0, 8.0.411` or later.
|
| CVE-2023-49926 |
|
app/Lib/Tools/EventTimelineTool.php in MISP before 2.4.179 allows XSS in the event timeline widget.
app/Lib/Tools/EventTimelineTool.php in MISP before 2.4.179 allows XSS in the event timeline widget.
|
| CVE-2023-5636 |
|
Unrestricted File Upload in arslansoft-education-portal-project (CVE-2023-5636)
vulnerability in arslansoft-education-portal-project (CVE-2023-5636). Successful exploitation can lead to full system takeover.
|
| CVE-2023-5637 |
|
Unrestricted File Upload in arslansoft-education-portal-project (CVE-2023-5637)
vulnerability in arslansoft-education-portal-project (CVE-2023-5637). Confidential information can be exposed externally.
|
| CVE-2023-5634 |
|
SQL Injection in sqli (CVE-2023-5634)
SQL injection in sqli (CVE-2023-5634). Successful exploitation can lead to full system takeover.
|
| CVE-2023-49081 |
|
Vulnerability in aiohttp (CVE-2023-49081)
vulnerability in aiohttp (CVE-2023-49081). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-6345 KEV |
|
[KEV] Vulnerability in Google chromium-skia (CVE-2023-6345)
vulnerability in Google chromium-skia (CVE-2023-6345). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-49082 |
|
Vulnerability in aiohttp (CVE-2023-49082)
vulnerability in aiohttp (CVE-2023-49082). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-23325 |
|
OS Command Injection in zumtobel (CVE-2023-23325)
OS command injection in zumtobel (CVE-2023-23325). Successful exploitation can lead to full system takeover.
|
| CVE-2023-24294 |
|
Vulnerability in zumtobel (CVE-2023-24294)
vulnerability in zumtobel (CVE-2023-24294). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-23324 |
|
Vulnerability in zumtobel (CVE-2023-23324)
vulnerability in zumtobel (CVE-2023-23324). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6201 |
|
OS Command Injection in univera (CVE-2023-6201)
OS command injection in univera (CVE-2023-6201). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6150 |
|
Privilege Escalation in eskom (CVE-2023-6150)
vulnerability in eskom (CVE-2023-6150). Confidential information can be exposed externally.
|