Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2023-5367 Out-of-Bounds Write in c (CVE-2023-5367)
out-of-bounds write in c (CVE-2023-5367). Successful exploitation can lead to full system takeover.
CVE-2023-46010 Code Injection in seacms (CVE-2023-46010)
code injection in seacms (CVE-2023-46010). Successful exploitation can lead to full system takeover.
CVE-2023-46136 Vulnerability in werkzeug (CVE-2023-46136)
vulnerability in werkzeug (CVE-2023-46136). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.3.8` or later.
CVE-2023-20273 KEV [KEV] OS Command Injection in cisco (CVE-2023-20273)
OS command injection in cisco (CVE-2023-20273). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-45992 Cross-Site Scripting (XSS) in csrf (CVE-2023-45992)
cross-site scripting in csrf (CVE-2023-45992). Successful exploitation can lead to full system takeover.
CVE-2023-45815 Cross-Site Scripting (XSS) in archivebox (CVE-2023-45815)
cross-site scripting in archivebox (CVE-2023-45815). Confidential information can be exposed externally. Mitigation: upgrade to `0.9.0` or later.
CVE-2023-45379 SQL Injection in sqli (CVE-2023-45379)
SQL injection in sqli (CVE-2023-45379). Successful exploitation can lead to full system takeover.
CVE-2022-37830 Interway a.s WebJET CMS 8.6.896 is vulnerable to Cross Site Scripting (XSS).
Interway a.s WebJET CMS 8.6.896 is vulnerable to Cross Site Scripting (XSS).
CVE-2023-38545 Out-of-Bounds Write in haxx (CVE-2023-38545)
out-of-bounds write in haxx (CVE-2023-38545). Successful exploitation can lead to full system takeover.
CVE-2023-4966 KEV [KEV] Buffer Overflow in Citrix netscaler-adc-and-netscaler-gateway (CVE-2023-4966)
vulnerability in Citrix netscaler-adc-and-netscaler-gateway (CVE-2023-4966). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-45898 Use-After-Free in c (CVE-2023-45898)
vulnerability in c (CVE-2023-45898). Successful exploitation can lead to full system takeover.
CVE-2023-20198 KEV [KEV] Vulnerability in Cisco ios-xe-web-ui (CVE-2023-20198)
vulnerability in Cisco ios-xe-web-ui (CVE-2023-20198). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-30148 Cross-Site Scripting (XSS) in store-opart (CVE-2023-30148)
cross-site scripting in store-opart (CVE-2023-30148). Confidential information can be exposed externally.
CVE-2023-5045 SQL Injection in sqli (CVE-2023-5045)
SQL injection in sqli (CVE-2023-5045). Successful exploitation can lead to full system takeover.
CVE-2023-5046 SQL Injection in sqli (CVE-2023-5046)
SQL injection in sqli (CVE-2023-5046). Successful exploitation can lead to full system takeover.
CVE-2023-36565 Microsoft Office Graphics Elevation of Privilege Vulnerability
Microsoft Office Graphics Elevation of Privilege Vulnerability
CVE-2023-43896 Vulnerability in macrium (CVE-2023-43896)
vulnerability in macrium (CVE-2023-43896). Successful exploitation can lead to full system takeover.
CVE-2023-36563 KEV [KEV] Vulnerability in Microsoft wordpad (CVE-2023-36563)
vulnerability in Microsoft wordpad (CVE-2023-36563). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-21608 KEV [KEV] Use-After-Free in Adobe acrobat-and-reader (CVE-2023-21608)
vulnerability in Adobe acrobat-and-reader (CVE-2023-21608). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-20109 KEV [KEV] Out-of-Bounds Write in Cisco ios-and-ios-xe (CVE-2023-20109)
out-of-bounds write in Cisco ios-and-ios-xe (CVE-2023-20109). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-44487 KEV [KEV] Vulnerability in Ietf golang.org/x/net (CVE-2023-44487)
vulnerability in Ietf golang.org/x/net (CVE-2023-44487). Risk of unauthorized operations or information disclosure. Exploitable via ``Channel``. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `0.17.0` or later.
CVE-2023-41763 KEV [KEV] SSRF (Server-Side Request Forgery) in Microsoft skype-for-business (CVE-2023-41763)
SSRF in Microsoft skype-for-business (CVE-2023-41763). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-43615 Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.
Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.
CVE-2023-45199 Vulnerability in trustedfirmware (CVE-2023-45199)
vulnerability in trustedfirmware (CVE-2023-45199). Successful exploitation can lead to full system takeover.
CVE-2023-4530 SQL Injection in sqli (CVE-2023-4530)
SQL injection in sqli (CVE-2023-4530). Successful exploitation can lead to full system takeover.
CVE-2023-40044 KEV [KEV] Unsafe Deserialization in Progress ws-ftp-server (CVE-2023-40044)
vulnerability in Progress ws-ftp-server (CVE-2023-40044). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-3576 Buffer Overflow in dos (CVE-2023-3576)
vulnerability in dos (CVE-2023-3576). Risk of unauthorized operations or information disclosure.
CVE-2023-43261 Vulnerability in milesight (CVE-2023-43261)
vulnerability in milesight (CVE-2023-43261). Confidential information can be exposed externally.
CVE-2023-42793 KEV [KEV] Vulnerability in Jetbrains teamcity (CVE-2023-42793)
vulnerability in Jetbrains teamcity (CVE-2023-42793). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-28229 KEV [KEV] Vulnerability in Microsoft windows-cng-key-isolation-service (CVE-2023-28229)
vulnerability in Microsoft windows-cng-key-isolation-service (CVE-2023-28229). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-43176 Unsafe Deserialization in deserialization (CVE-2023-43176)
vulnerability in deserialization (CVE-2023-43176). Successful exploitation can lead to full system takeover.
CVE-2023-4211 KEV [KEV] Use-After-Free in Arm :unknown: (CVE-2023-4211)
vulnerability in Arm :unknown: (CVE-2023-4211). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `SoCVersion:2023-10-05` or later.
CVE-2023-5217 KEV [KEV] Out-of-Bounds Write in Google chromium-libvpx (CVE-2023-5217)
out-of-bounds write in Google chromium-libvpx (CVE-2023-5217). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-41450 Code Injection in phpkobo (CVE-2023-41450)
code injection in phpkobo (CVE-2023-41450). Successful exploitation can lead to full system takeover.
CVE-2023-41446 Cross-Site Scripting (XSS) in phpkobo (CVE-2023-41446)
cross-site scripting in phpkobo (CVE-2023-41446). Risk of unauthorized operations or information disclosure.
CVE-2023-41447 Cross-Site Scripting (XSS) in phpkobo (CVE-2023-41447)
cross-site scripting in phpkobo (CVE-2023-41447). Risk of unauthorized operations or information disclosure.
CVE-2018-14667 KEV [KEV] Code Injection in Red hat red-hat (CVE-2018-14667)
code injection in Red hat red-hat (CVE-2018-14667). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-41449 SSRF (Server-Side Request Forgery) in phpkobo (CVE-2023-41449)
SSRF in phpkobo (CVE-2023-41449). Successful exploitation can lead to full system takeover.
CVE-2023-41448 Cross-Site Scripting (XSS) in phpkobo (CVE-2023-41448)
cross-site scripting in phpkobo (CVE-2023-41448). Risk of unauthorized operations or information disclosure.
CVE-2023-41451 Cross-Site Scripting (XSS) in phpkobo (CVE-2023-41451)
cross-site scripting in phpkobo (CVE-2023-41451). Risk of unauthorized operations or information disclosure.
CVE-2023-41453 Cross-Site Scripting (XSS) in phpkobo (CVE-2023-41453)
cross-site scripting in phpkobo (CVE-2023-41453). Risk of unauthorized operations or information disclosure.
CVE-2023-41452 Cross-Site Request Forgery (CSRF) in phpkobo (CVE-2023-41452)
vulnerability in phpkobo (CVE-2023-41452). Successful exploitation can lead to full system takeover.
CVE-2023-41445 Cross-Site Scripting (XSS) in phpkobo (CVE-2023-41445)
cross-site scripting in phpkobo (CVE-2023-41445). Risk of unauthorized operations or information disclosure.
CVE-2023-4737 SQL Injection in sqli (CVE-2023-4737)
SQL injection in sqli (CVE-2023-4737). Successful exploitation can lead to full system takeover.
CVE-2023-43856 Vulnerability in iteachyou (CVE-2023-43856)
vulnerability in iteachyou (CVE-2023-43856). Confidential information can be exposed externally.
CVE-2023-43234 Code Injection in dedebiz (CVE-2023-43234)
code injection in dedebiz (CVE-2023-43234). Successful exploitation can lead to full system takeover.
CVE-2023-43232 Cross-Site Scripting (XSS) in dedebiz (CVE-2023-43232)
cross-site scripting in dedebiz (CVE-2023-43232). Risk of unauthorized operations or information disclosure.
CVE-2023-35071 SQL Injection in sqli (CVE-2023-35071)
SQL injection in sqli (CVE-2023-35071). Successful exploitation can lead to full system takeover.
CVE-2023-0833 Vulnerability in squareup (CVE-2023-0833)
vulnerability in squareup (CVE-2023-0833). Confidential information can be exposed externally.
CVE-2023-43278 Cross-Site Request Forgery (CSRF) in csrf (CVE-2023-43278)
vulnerability in csrf (CVE-2023-43278). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →