Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2023-5989 Cross-Site Scripting (XSS) in uyumsoft (CVE-2023-5989)
cross-site scripting in uyumsoft (CVE-2023-5989). Risk of unauthorized operations or information disclosure.
CVE-2023-49897 KEV [KEV] OS Command Injection in Fxc ae1021 (CVE-2023-49897)
OS command injection in Fxc ae1021 (CVE-2023-49897). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-47565 KEV [KEV] OS Command Injection in Qnap viostor-nvr (CVE-2023-47565)
OS command injection in Qnap viostor-nvr (CVE-2023-47565). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-50989 Command Injection in tenda (CVE-2023-50989)
command injection in tenda (CVE-2023-50989). Successful exploitation can lead to full system takeover.
CVE-2023-50988 Out-of-Bounds Write in tenda (CVE-2023-50988)
out-of-bounds write in tenda (CVE-2023-50988). Successful exploitation can lead to full system takeover.
CVE-2023-50990 Out-of-Bounds Write in tenda (CVE-2023-50990)
out-of-bounds write in tenda (CVE-2023-50990). Successful exploitation can lead to full system takeover.
CVE-2023-50992 Out-of-Bounds Write in tenda (CVE-2023-50992)
out-of-bounds write in tenda (CVE-2023-50992). Successful exploitation can lead to full system takeover.
CVE-2023-50984 Out-of-Bounds Write in tenda (CVE-2023-50984)
out-of-bounds write in tenda (CVE-2023-50984). Successful exploitation can lead to full system takeover.
CVE-2023-50985 Out-of-Bounds Write in tenda (CVE-2023-50985)
out-of-bounds write in tenda (CVE-2023-50985). Successful exploitation can lead to full system takeover.
CVE-2023-50986 Out-of-Bounds Write in tenda (CVE-2023-50986)
out-of-bounds write in tenda (CVE-2023-50986). Successful exploitation can lead to full system takeover.
CVE-2023-50987 Out-of-Bounds Write in tenda (CVE-2023-50987)
out-of-bounds write in tenda (CVE-2023-50987). Successful exploitation can lead to full system takeover.
CVE-2023-50983 Command Injection in tenda (CVE-2023-50983)
command injection in tenda (CVE-2023-50983). Successful exploitation can lead to full system takeover.
CVE-2023-6932 Use-After-Free in privilege-escalation (CVE-2023-6932)
vulnerability in privilege-escalation (CVE-2023-6932). Successful exploitation can lead to full system takeover.
CVE-2023-6931 Out-of-Bounds Write in privilege-escalation (CVE-2023-6931)
out-of-bounds write in privilege-escalation (CVE-2023-6931). Successful exploitation can lead to full system takeover.
CVE-2023-51385 OS Command Injection in openbsd (CVE-2023-51385)
OS command injection in openbsd (CVE-2023-51385). Risk of unauthorized operations or information disclosure.
CVE-2023-51384 Vulnerability in openbsd (CVE-2023-51384)
vulnerability in openbsd (CVE-2023-51384). Confidential information can be exposed externally.
CVE-2023-6817 Use-After-Free in privilege-escalation (CVE-2023-6817)
vulnerability in privilege-escalation (CVE-2023-6817). Successful exploitation can lead to full system takeover.
CVE-2023-47324 Cross-Site Scripting (XSS) in silverpeas (CVE-2023-47324)
cross-site scripting in silverpeas (CVE-2023-47324). Risk of unauthorized operations or information disclosure.
CVE-2023-47320 Authorization Flaw in silverpeas (CVE-2023-47320)
vulnerability in silverpeas (CVE-2023-47320). Data can be tampered with by attackers.
CVE-2023-47325 Vulnerability in silverpeas (CVE-2023-47325)
vulnerability in silverpeas (CVE-2023-47325). Risk of unauthorized operations or information disclosure.
CVE-2023-47322 Cross-Site Request Forgery (CSRF) in csrf (CVE-2023-47322)
vulnerability in csrf (CVE-2023-47322). Successful exploitation can lead to full system takeover.
CVE-2023-47326 Cross-Site Request Forgery (CSRF) in csrf (CVE-2023-47326)
vulnerability in csrf (CVE-2023-47326). Successful exploitation can lead to full system takeover.
CVE-2023-6478 Vulnerability in xorg (CVE-2023-6478)
vulnerability in xorg (CVE-2023-6478). Confidential information can be exposed externally.
CVE-2023-6377 Out-of-Bounds Read in privilege-escalation (CVE-2023-6377)
vulnerability in privilege-escalation (CVE-2023-6377). Successful exploitation can lead to full system takeover.
CVE-2023-49494 Cross-Site Scripting (XSS) in dedecms (CVE-2023-49494)
cross-site scripting in dedecms (CVE-2023-49494). Risk of unauthorized operations or information disclosure.
CVE-2023-6448 KEV [KEV] Vulnerability in Unitronics vision-plc-and-hmi (CVE-2023-6448)
vulnerability in Unitronics vision-plc-and-hmi (CVE-2023-6448). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-33413 Vulnerability in supermicro (CVE-2023-33413)
vulnerability in supermicro (CVE-2023-33413). Successful exploitation can lead to full system takeover.
CVE-2023-33411 Path Traversal in path-traversal (CVE-2023-33411)
path traversal in path-traversal (CVE-2023-33411). Confidential information can be exposed externally.
CVE-2023-46218 Vulnerability in haxx (CVE-2023-46218)
vulnerability in haxx (CVE-2023-46218). Risk of unauthorized operations or information disclosure. Exploitable via ``curl.co.uk``.
CVE-2023-41265 KEV [KEV] Vulnerability in Qlik sense (CVE-2023-41265)
vulnerability in Qlik sense (CVE-2023-41265). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-41266 KEV [KEV] Vulnerability in Qlik sense (CVE-2023-41266)
vulnerability in Qlik sense (CVE-2023-41266). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-48940 Cross-Site Scripting (XSS) in daicuo (CVE-2023-48940)
cross-site scripting in daicuo (CVE-2023-48940). Risk of unauthorized operations or information disclosure.
CVE-2023-33107 KEV [KEV] Vulnerability in Qualcomm multiple-chipsets (CVE-2023-33107)
vulnerability in Qualcomm multiple-chipsets (CVE-2023-33107). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-33063 KEV [KEV] Use-After-Free in :linux_kernel:Qualcomm (CVE-2023-33063)
vulnerability in :linux_kernel:Qualcomm (CVE-2023-33063). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `SoCVersion:2023-12-05` or later.
CVE-2022-22071 KEV [KEV] Use-After-Free in Qualcomm multiple-chipsets (CVE-2022-22071)
vulnerability in Qualcomm multiple-chipsets (CVE-2022-22071). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-33106 KEV [KEV] Vulnerability in Qualcomm multiple-chipsets (CVE-2023-33106)
vulnerability in Qualcomm multiple-chipsets (CVE-2023-33106). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-42916 KEV [KEV] Out-of-Bounds Read in Apple multiple-products (CVE-2023-42916)
vulnerability in Apple multiple-products (CVE-2023-42916). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-42917 KEV [KEV] Out-of-Bounds Write in Apple java (CVE-2023-42917)
out-of-bounds write in Apple java (CVE-2023-42917). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.8.0, 8.0.411` or later.
CVE-2023-49926 app/Lib/Tools/EventTimelineTool.php in MISP before 2.4.179 allows XSS in the event timeline widget.
app/Lib/Tools/EventTimelineTool.php in MISP before 2.4.179 allows XSS in the event timeline widget.
CVE-2023-5636 Unrestricted File Upload in arslansoft-education-portal-project (CVE-2023-5636)
vulnerability in arslansoft-education-portal-project (CVE-2023-5636). Successful exploitation can lead to full system takeover.
CVE-2023-5637 Unrestricted File Upload in arslansoft-education-portal-project (CVE-2023-5637)
vulnerability in arslansoft-education-portal-project (CVE-2023-5637). Confidential information can be exposed externally.
CVE-2023-5634 SQL Injection in sqli (CVE-2023-5634)
SQL injection in sqli (CVE-2023-5634). Successful exploitation can lead to full system takeover.
CVE-2023-49081 Vulnerability in aiohttp (CVE-2023-49081)
vulnerability in aiohttp (CVE-2023-49081). Risk of unauthorized operations or information disclosure.
CVE-2023-6345 KEV [KEV] Vulnerability in Google chromium-skia (CVE-2023-6345)
vulnerability in Google chromium-skia (CVE-2023-6345). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-49082 Vulnerability in aiohttp (CVE-2023-49082)
vulnerability in aiohttp (CVE-2023-49082). Risk of unauthorized operations or information disclosure.
CVE-2023-23325 OS Command Injection in zumtobel (CVE-2023-23325)
OS command injection in zumtobel (CVE-2023-23325). Successful exploitation can lead to full system takeover.
CVE-2023-24294 Vulnerability in zumtobel (CVE-2023-24294)
vulnerability in zumtobel (CVE-2023-24294). Risk of unauthorized operations or information disclosure.
CVE-2023-23324 Vulnerability in zumtobel (CVE-2023-23324)
vulnerability in zumtobel (CVE-2023-23324). Successful exploitation can lead to full system takeover.
CVE-2023-6201 OS Command Injection in univera (CVE-2023-6201)
OS command injection in univera (CVE-2023-6201). Successful exploitation can lead to full system takeover.
CVE-2023-6150 Privilege Escalation in eskom (CVE-2023-6150)
vulnerability in eskom (CVE-2023-6150). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →