Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2023-34842 |
|
Code Injection in dedecms (CVE-2023-34842)
code injection in dedecms (CVE-2023-34842). Successful exploitation can lead to full system takeover.
|
| CVE-2023-37647 |
|
SQL Injection in sqli (CVE-2023-37647)
SQL injection in sqli (CVE-2023-37647). Successful exploitation can lead to full system takeover.
|
| CVE-2023-35081 KEV |
|
[KEV] Path Traversal in Ivanti endpoint-manager-mobile-epmm (CVE-2023-35081)
path traversal in Ivanti endpoint-manager-mobile-epmm (CVE-2023-35081). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-22623 |
|
Path Traversal in path-traversal (CVE-2020-22623)
path traversal in path-traversal (CVE-2020-22623). Confidential information can be exposed externally.
|
| CVE-2021-36580 |
|
Open Redirect in icewarp (CVE-2021-36580)
vulnerability in icewarp (CVE-2021-36580). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-37580 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2023-37580)
cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2023-37580). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-35066 |
|
SQL Injection in sqli (CVE-2023-35066)
SQL injection in sqli (CVE-2023-35066). Successful exploitation can lead to full system takeover.
|
| CVE-2023-35067 |
|
Vulnerability in infodrom (CVE-2023-35067)
vulnerability in infodrom (CVE-2023-35067). Confidential information can be exposed externally.
|
| CVE-2023-3046 |
|
SQL Injection in sqli (CVE-2023-3046)
SQL injection in sqli (CVE-2023-3046). Successful exploitation can lead to full system takeover.
|
| CVE-2023-35078 KEV |
|
[KEV] Authentication Bypass in Ivanti endpoint-manager-mobile-epmm (CVE-2023-35078)
authentication bypass in Ivanti endpoint-manager-mobile-epmm (CVE-2023-35078). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-3640 |
|
Vulnerability in c (CVE-2023-3640)
vulnerability in c (CVE-2023-3640). Successful exploitation can lead to full system takeover.
|
| CVE-2023-3019 |
|
Use-After-Free in dos (CVE-2023-3019)
vulnerability in dos (CVE-2023-3019). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-35391 |
|
SSRF (Server-Side Request Forgery) in deskpro (CVE-2021-35391)
SSRF in deskpro (CVE-2021-35391). Successful exploitation can lead to full system takeover.
|
| CVE-2023-37728 |
|
Cross-Site Scripting (XSS) in icewarp (CVE-2023-37728)
cross-site scripting in icewarp (CVE-2023-37728). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-29298 KEV |
|
[KEV] Vulnerability in Adobe coldfusion (CVE-2023-29298)
vulnerability in Adobe coldfusion (CVE-2023-29298). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-38205 KEV |
|
[KEV] Vulnerability in Adobe coldfusion (CVE-2023-38205)
vulnerability in Adobe coldfusion (CVE-2023-38205). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-37733 |
|
Cross-Site Scripting (XSS) in tduckcloud (CVE-2023-37733)
cross-site scripting in tduckcloud (CVE-2023-37733). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-3519 KEV |
|
[KEV] Code Injection in Citrix netscaler-adc-and-netscaler-gateway (CVE-2023-3519)
code injection in Citrix netscaler-adc-and-netscaler-gateway (CVE-2023-3519). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-30383 |
|
Vulnerability in dos (CVE-2023-30383)
vulnerability in dos (CVE-2023-30383). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-3376 |
|
SQL Injection in sqli (CVE-2023-3376)
SQL injection in sqli (CVE-2023-3376). Successful exploitation can lead to full system takeover.
|
| CVE-2023-2963 |
|
SQL Injection in sqli (CVE-2023-2963)
SQL injection in sqli (CVE-2023-2963). Successful exploitation can lead to full system takeover.
|
| CVE-2023-2960 |
|
Cross-Site Scripting (XSS) in olivaekspertiz (CVE-2023-2960)
cross-site scripting in olivaekspertiz (CVE-2023-2960). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-2959 |
|
Authentication Bypass in olivaekspertiz (CVE-2023-2959)
authentication bypass in olivaekspertiz (CVE-2023-2959). Confidential information can be exposed externally.
|
| CVE-2023-36884 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2023-36884)
vulnerability in Microsoft windows (CVE-2023-36884). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-31821 |
|
Vulnerability in albis (CVE-2023-31821)
vulnerability in albis (CVE-2023-31821). Confidential information can be exposed externally.
|
| CVE-2023-31824 |
|
Vulnerability in dericia (CVE-2023-31824)
vulnerability in dericia (CVE-2023-31824). Confidential information can be exposed externally.
|
| CVE-2023-35070 |
|
SQL Injection in sqli (CVE-2023-35070)
SQL injection in sqli (CVE-2023-35070). Successful exploitation can lead to full system takeover.
|
| CVE-2023-2957 |
|
SQL Injection in sqli (CVE-2023-2957)
SQL injection in sqli (CVE-2023-2957). Successful exploitation can lead to full system takeover.
|
| CVE-2023-1547 |
|
SQL Injection in sqli (CVE-2023-1547)
SQL injection in sqli (CVE-2023-1547). Successful exploitation can lead to full system takeover.
|
| CVE-2023-3319 |
|
Cross-Site Scripting (XSS) in idisplay (CVE-2023-3319)
cross-site scripting in idisplay (CVE-2023-3319). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-35069 |
|
Path Traversal in path-traversal (CVE-2023-35069)
path traversal in path-traversal (CVE-2023-35069). Confidential information can be exposed externally.
|
| CVE-2022-29303 KEV |
|
[KEV] OS Command Injection in Solarview compact (CVE-2022-29303)
OS command injection in Solarview compact (CVE-2022-29303). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-20021 |
|
Vulnerability in dos (CVE-2020-20021)
vulnerability in dos (CVE-2020-20021). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-33162 |
|
Microsoft Excel Information Disclosure Vulnerability
Microsoft Excel Information Disclosure Vulnerability
|
| CVE-2023-33161 |
|
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
|
| CVE-2023-33149 |
|
Microsoft Office Graphics Remote Code Execution Vulnerability
Microsoft Office Graphics Remote Code Execution Vulnerability
|
| CVE-2023-33153 |
|
Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Outlook Remote Code Execution Vulnerability
|
| CVE-2023-33152 |
|
Microsoft ActiveX Remote Code Execution Vulnerability
Microsoft ActiveX Remote Code Execution Vulnerability
|
| CVE-2023-33148 |
|
Microsoft Office Elevation of Privilege Vulnerability
Microsoft Office Elevation of Privilege Vulnerability
|
| CVE-2023-33158 |
|
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
|
| CVE-2023-33150 |
|
Microsoft Office Security Feature Bypass Vulnerability
Microsoft Office Security Feature Bypass Vulnerability
|
| CVE-2023-31818 |
|
Vulnerability in marukyu (CVE-2023-31818)
vulnerability in marukyu (CVE-2023-31818). Confidential information can be exposed externally.
|
| CVE-2020-20118 |
|
Vulnerability in dos (CVE-2020-20118)
vulnerability in dos (CVE-2020-20118). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-35311 KEV |
|
[KEV] Vulnerability in Microsoft outlook (CVE-2023-35311)
vulnerability in Microsoft outlook (CVE-2023-35311). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-36874 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2023-36874)
vulnerability in Microsoft windows (CVE-2023-36874). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-31199 KEV |
|
[KEV] Unsafe Deserialization in Netwrix auditor (CVE-2022-31199)
vulnerability in Netwrix auditor (CVE-2022-31199). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-3271 |
|
Vulnerability in sick (CVE-2023-3271)
vulnerability in sick (CVE-2023-3271). Confidential information can be exposed externally.
|
| CVE-2023-3273 |
|
Vulnerability in sick (CVE-2023-3273)
vulnerability in sick (CVE-2023-3273). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-3045 |
|
SQL Injection in sqli (CVE-2023-3045)
SQL injection in sqli (CVE-2023-3045). Successful exploitation can lead to full system takeover.
|
| CVE-2023-35699 |
|
Vulnerability in sick (CVE-2023-35699)
vulnerability in sick (CVE-2023-35699). Confidential information can be exposed externally.
|