Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2023-4972 |
|
Vulnerability in yepas (CVE-2023-4972)
vulnerability in yepas (CVE-2023-4972). Successful exploitation can lead to full system takeover.
|
| CVE-2023-32611 |
|
Vulnerability in dos (CVE-2023-32611)
vulnerability in dos (CVE-2023-32611). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-4669 |
|
Vulnerability in exagate (CVE-2023-4669)
vulnerability in exagate (CVE-2023-4669). Successful exploitation can lead to full system takeover.
|
| CVE-2023-4832 |
|
SQL Injection in sqli (CVE-2023-4832)
SQL injection in sqli (CVE-2023-4832). Successful exploitation can lead to full system takeover.
|
| CVE-2023-26369 KEV |
|
[KEV] Out-of-Bounds Write in Adobe acrobat-and-reader (CVE-2023-26369)
out-of-bounds write in Adobe acrobat-and-reader (CVE-2023-26369). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-4039 |
|
Vulnerability in gnu (CVE-2023-4039)
vulnerability in gnu (CVE-2023-4039). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-4863 KEV |
|
[KEV] Out-of-Bounds Write in Google chromium-webp (CVE-2023-4863)
out-of-bounds write in Google chromium-webp (CVE-2023-4863). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2023-20269 KEV |
|
[KEV] Vulnerability in Cisco adaptive-security-appliance-and-firepower-threat-defense (CVE-2023-20269)
vulnerability in Cisco adaptive-security-appliance-and-firepower-threat-defense (CVE-2023-20269). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-39637 |
|
Command Injection in dlink (CVE-2023-39637)
command injection in dlink (CVE-2023-39637). Successful exploitation can lead to full system takeover.
|
| CVE-2023-41013 |
|
Cross-Site Scripting (XSS) in icewarp (CVE-2023-41013)
cross-site scripting in icewarp (CVE-2023-41013). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-36802 KEV |
|
[KEV] Use-After-Free in Microsoft streaming-service-proxy (CVE-2023-36802)
vulnerability in Microsoft streaming-service-proxy (CVE-2023-36802). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-36761 KEV |
|
[KEV] Vulnerability in Microsoft word (CVE-2023-36761)
vulnerability in Microsoft word (CVE-2023-36761). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-41064 KEV |
|
[KEV] Vulnerability in Apple ios (CVE-2023-41064)
vulnerability in Apple ios (CVE-2023-41064). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-27715 |
|
Authentication Bypass in mofinetwork (CVE-2021-27715)
authentication bypass in mofinetwork (CVE-2021-27715). Successful exploitation can lead to full system takeover.
|
| CVE-2023-40271 |
|
Vulnerability in trustedfirmware (CVE-2023-40271)
vulnerability in trustedfirmware (CVE-2023-40271). Data can be tampered with by attackers.
|
| CVE-2021-45811 |
|
SQL Injection in sqli (CVE-2021-45811)
SQL injection in sqli (CVE-2021-45811). Confidential information can be exposed externally.
|
| CVE-2023-37798 |
|
Cross-Site Scripting (XSS) in vanderbilt (CVE-2023-37798)
cross-site scripting in vanderbilt (CVE-2023-37798). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-33246 KEV |
|
[KEV] Code Injection in Apache rocketmq (CVE-2023-33246)
code injection in Apache rocketmq (CVE-2023-33246). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-41009 |
|
Unrestricted File Upload in adlered (CVE-2023-41009)
vulnerability in adlered (CVE-2023-41009). Successful exploitation can lead to full system takeover.
|
| CVE-2023-4781 |
|
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873.
|
| CVE-2023-4178 |
|
Vulnerability in neutron (CVE-2023-4178)
vulnerability in neutron (CVE-2023-4178). Successful exploitation can lead to full system takeover.
|
| CVE-2023-4034 |
|
SQL Injection in sqli (CVE-2023-4034)
SQL injection in sqli (CVE-2023-4034). Successful exploitation can lead to full system takeover.
|
| CVE-2023-4531 |
|
SQL Injection in sqli (CVE-2023-4531)
SQL injection in sqli (CVE-2023-4531). Successful exploitation can lead to full system takeover.
|
| CVE-2023-3616 |
|
SQL Injection in sqli (CVE-2023-3616)
SQL injection in sqli (CVE-2023-3616). Successful exploitation can lead to full system takeover.
|
| CVE-2023-35065 |
|
SQL Injection in sqli (CVE-2023-35065)
SQL injection in sqli (CVE-2023-35065). Successful exploitation can lead to full system takeover.
|
| CVE-2023-35068 |
|
SQL Injection in sqli (CVE-2023-35068)
SQL injection in sqli (CVE-2023-35068). Successful exploitation can lead to full system takeover.
|
| CVE-2023-35072 |
|
SQL Injection in sqli (CVE-2023-35072)
SQL injection in sqli (CVE-2023-35072). Successful exploitation can lead to full system takeover.
|
| CVE-2023-3375 |
|
Unrestricted File Upload in bookreen (CVE-2023-3375)
vulnerability in bookreen (CVE-2023-3375). Successful exploitation can lead to full system takeover.
|
| CVE-2023-3374 |
|
Vulnerability in privilege-escalation (CVE-2023-3374)
vulnerability in privilege-escalation (CVE-2023-3374). Successful exploitation can lead to full system takeover.
|
| CVE-2023-36361 |
|
SQL Injection in sqli (CVE-2023-36361)
SQL injection in sqli (CVE-2023-36361). Successful exploitation can lead to full system takeover.
|
| CVE-2023-4733 |
|
Use After Free in GitHub repository vim/vim prior to 9.0.1840.
Use After Free in GitHub repository vim/vim prior to 9.0.1840.
|
| CVE-2023-4750 |
|
Use After Free in GitHub repository vim/vim prior to 9.0.1857.
Use After Free in GitHub repository vim/vim prior to 9.0.1857.
|
| CVE-2023-4736 |
|
Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833.
Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833.
|
| CVE-2023-4735 |
|
Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847.
Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847.
|
| CVE-2023-4734 |
|
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846.
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846.
|
| CVE-2023-36088 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-36088)
SSRF in ssrf (CVE-2023-36088). Confidential information can be exposed externally.
|
| CVE-2021-3262 |
|
SQL Injection in trispark (CVE-2021-3262)
SQL injection in trispark (CVE-2021-3262). Successful exploitation can lead to full system takeover.
|
| CVE-2023-39810 |
|
An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal.
An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal.
|
| CVE-2023-32077 |
|
Vulnerability in github.com/gravitl/netmaker (CVE-2023-32077)
vulnerability in github.com/gravitl/netmaker (CVE-2023-32077). Confidential information can be exposed externally. Mitigation: upgrade to `0.17.1` or later.
|
| CVE-2023-38831 KEV |
|
[KEV] Vulnerability in Rarlab winrar (CVE-2023-38831)
vulnerability in Rarlab winrar (CVE-2023-38831). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-32315 KEV |
|
[KEV] Path Traversal in Ignite realtime ignite-realtime (CVE-2023-32315)
path traversal in Ignite realtime ignite-realtime (CVE-2023-32315). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-41098 |
|
Cross-Site Scripting (XSS) in misp-project (CVE-2023-41098)
cross-site scripting in misp-project (CVE-2023-41098). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-27418 |
|
Use-After-Free in fedoraproject (CVE-2020-27418)
vulnerability in fedoraproject (CVE-2020-27418). Confidential information can be exposed externally.
|
| CVE-2023-38035 KEV |
|
[KEV] Authorization Flaw in Ivanti sentry (CVE-2023-38035)
vulnerability in Ivanti sentry (CVE-2023-38035). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-27532 KEV |
|
[KEV] Vulnerability in Veeam backup-replication (CVE-2023-27532)
vulnerability in Veeam backup-replication (CVE-2023-27532). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-39061 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2023-39061)
vulnerability in csrf (CVE-2023-39061). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-38836 |
|
Unrestricted File Upload in boidcms (CVE-2023-38836)
vulnerability in boidcms (CVE-2023-38836). Successful exploitation can lead to full system takeover.
|
| CVE-2023-38899 |
|
SQL Injection in sqli (CVE-2023-38899)
SQL injection in sqli (CVE-2023-38899). Successful exploitation can lead to full system takeover.
|
| CVE-2023-39807 |
|
SQL Injection in sqli (CVE-2023-39807)
SQL injection in sqli (CVE-2023-39807). Successful exploitation can lead to full system takeover.
|
| CVE-2023-39809 |
|
Command Injection in nvki (CVE-2023-39809)
command injection in nvki (CVE-2023-39809). Successful exploitation can lead to full system takeover.
|