Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2023-26246 Privilege Escalation in hyundai (CVE-2023-26246)
vulnerability in hyundai (CVE-2023-26246). Successful exploitation can lead to full system takeover.
CVE-2023-26243 Path Traversal in hyundai (CVE-2023-26243)
path traversal in hyundai (CVE-2023-26243). Successful exploitation can lead to full system takeover.
CVE-2023-25292 Cross-Site Scripting (XSS) in group-office (CVE-2023-25292)
cross-site scripting in group-office (CVE-2023-25292). Risk of unauthorized operations or information disclosure.
CVE-2022-27979 Cross-Site Scripting (XSS) in tooljet (CVE-2022-27979)
cross-site scripting in tooljet (CVE-2022-27979). Risk of unauthorized operations or information disclosure.
CVE-2022-27978 Vulnerability in tooljet (CVE-2022-27978)
vulnerability in tooljet (CVE-2022-27978). Data can be tampered with by attackers.
CVE-2023-30404 Code Injection in aigital (CVE-2023-30404)
code injection in aigital (CVE-2023-30404). Successful exploitation can lead to full system takeover.
CVE-2023-26735 SSRF (Server-Side Request Forgery) in prometheus (CVE-2023-26735)
SSRF in prometheus (CVE-2023-26735). Confidential information can be exposed externally.
CVE-2023-27350 KEV [KEV] Vulnerability in Papercut mfng (CVE-2023-27350)
vulnerability in Papercut mfng (CVE-2023-27350). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-28432 KEV [KEV] Information Disclosure in minio (CVE-2023-28432)
vulnerability in minio (CVE-2023-28432). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-2136 KEV [KEV] Vulnerability in Google platform/external/skia (CVE-2023-2136)
vulnerability in Google platform/external/skia (CVE-2023-2136). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `13:2023-07-01` or later.
CVE-2023-27043 Vulnerability in libpython (CVE-2023-27043)
vulnerability in libpython (CVE-2023-27043). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.8.20, 3.10.15, 3.11.10, 3.12.6, 3.9.20` or later.
CVE-2017-6742 KEV [KEV] Buffer Overflow in Cisco ios-and-ios-xe-software (CVE-2017-6742)
vulnerability in Cisco ios-and-ios-xe-software (CVE-2017-6742). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-46640 Command Injection in nanoleaf (CVE-2022-46640)
command injection in nanoleaf (CVE-2022-46640). Successful exploitation can lead to full system takeover.
CVE-2023-1873 SQL Injection in sqli (CVE-2023-1873)
SQL injection in sqli (CVE-2023-1873). Successful exploitation can lead to full system takeover.
CVE-2023-1723 SQL Injection in sqli (CVE-2023-1723)
SQL injection in sqli (CVE-2023-1723). Successful exploitation can lead to full system takeover.
CVE-2019-8526 KEV [KEV] Use-After-Free in Apple macos (CVE-2019-8526)
vulnerability in Apple macos (CVE-2019-8526). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-2033 KEV [KEV] Vulnerability in Google chromium-v8 (CVE-2023-2033)
vulnerability in Google chromium-v8 (CVE-2023-2033). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-1833 Vulnerability in redline (CVE-2023-1833)
vulnerability in redline (CVE-2023-1833). Successful exploitation can lead to full system takeover.
CVE-2023-1803 Vulnerability in redline (CVE-2023-1803)
vulnerability in redline (CVE-2023-1803). Successful exploitation can lead to full system takeover.
CVE-2023-27666 Cross-Site Scripting (XSS) in auto-dealer-management-system-project (CVE-2023-27666)
cross-site scripting in auto-dealer-management-system-project (CVE-2023-27666). Risk of unauthorized operations or information disclosure.
CVE-2023-1863 SQL Injection in sqli (CVE-2023-1863)
SQL injection in sqli (CVE-2023-1863). Successful exploitation can lead to full system takeover.
CVE-2023-27667 Auto Dealer Management System v1.0 was discovered to contain a SQL injection vulnerability.
Auto Dealer Management System v1.0 was discovered to contain a SQL injection vulnerability.
CVE-2023-27779 SQL Injection in sqli (CVE-2023-27779)
SQL injection in sqli (CVE-2023-27779). Successful exploitation can lead to full system takeover.
CVE-2023-27812 Path Traversal in bloofox (CVE-2023-27812)
path traversal in bloofox (CVE-2023-27812). Data can be tampered with by attackers.
CVE-2023-29492 KEV [KEV] Code Injection in Novi survey novi-survey (CVE-2023-29492)
code injection in Novi survey novi-survey (CVE-2023-29492). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-20963 KEV [KEV] Vulnerability in Android platform/frameworks/base (CVE-2023-20963)
vulnerability in Android platform/frameworks/base (CVE-2023-20963). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `13:2023-03-01` or later.
CVE-2023-27216 OS Command Injection in dlink (CVE-2023-27216)
OS command injection in dlink (CVE-2023-27216). Successful exploitation can lead to full system takeover.
CVE-2023-27775 Cross-Site Scripting (XSS) in liveaction (CVE-2023-27775)
cross-site scripting in liveaction (CVE-2023-27775). Risk of unauthorized operations or information disclosure.
CVE-2023-0645 Out-of-Bounds Read in libjxl-project (CVE-2023-0645)
vulnerability in libjxl-project (CVE-2023-0645). Confidential information can be exposed externally.
CVE-2023-28252 KEV [KEV] Vulnerability in Microsoft windows (CVE-2023-28252)
vulnerability in Microsoft windows (CVE-2023-28252). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-24721 Cross-Site Scripting (XSS) in liveaction (CVE-2023-24721)
cross-site scripting in liveaction (CVE-2023-24721). Risk of unauthorized operations or information disclosure.
CVE-2023-28205 KEV [KEV] Use-After-Free in Apple multiple-products (CVE-2023-28205)
vulnerability in Apple multiple-products (CVE-2023-28205). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-28206 KEV [KEV] Out-of-Bounds Write in Apple ios (CVE-2023-28206)
out-of-bounds write in Apple ios (CVE-2023-28206). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-43309 Vulnerability in supermicro (CVE-2022-43309)
vulnerability in supermicro (CVE-2022-43309). Data can be tampered with by attackers.
CVE-2023-1726 Cross-Site Scripting (XSS) in prolizyazilim (CVE-2023-1726)
cross-site scripting in prolizyazilim (CVE-2023-1726). Risk of unauthorized operations or information disclosure.
CVE-2023-26083 KEV [KEV] Vulnerability in Arm mali-graphics-processing-unit-gpu (CVE-2023-26083)
vulnerability in Arm mali-graphics-processing-unit-gpu (CVE-2023-26083). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-27876 KEV [KEV] Authentication Bypass in Veritas backup-exec-agent (CVE-2021-27876)
authentication bypass in Veritas backup-exec-agent (CVE-2021-27876). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-27877 KEV [KEV] Authentication Bypass in Veritas backup-exec-agent (CVE-2021-27877)
authentication bypass in Veritas backup-exec-agent (CVE-2021-27877). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-27878 KEV [KEV] Authentication Bypass in Veritas backup-exec-agent (CVE-2021-27878)
authentication bypass in Veritas backup-exec-agent (CVE-2021-27878). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-1388 KEV [KEV] Privilege Escalation in Microsoft windows (CVE-2019-1388)
vulnerability in Microsoft windows (CVE-2019-1388). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-22985 Cross-Site Scripting (XSS) in simple-guestbook-management-system-project (CVE-2023-22985)
cross-site scripting in simple-guestbook-management-system-project (CVE-2023-22985). Risk of unauthorized operations or information disclosure.
CVE-2020-29312 Unsafe Deserialization in zend (CVE-2020-29312)
vulnerability in zend (CVE-2020-29312). Successful exploitation can lead to full system takeover.
CVE-2021-28235 Authentication Bypass in etcd (CVE-2021-28235)
authentication bypass in etcd (CVE-2021-28235). Successful exploitation can lead to full system takeover.
CVE-2023-1728 Unrestricted File Upload in fernus (CVE-2023-1728)
vulnerability in fernus (CVE-2023-1728). Successful exploitation can lead to full system takeover.
CVE-2023-1765 SQL Injection in sqli (CVE-2023-1765)
SQL injection in sqli (CVE-2023-1765). Successful exploitation can lead to full system takeover.
CVE-2023-1766 Cross-Site Scripting (XSS) in akbim (CVE-2023-1766)
cross-site scripting in akbim (CVE-2023-1766). Risk of unauthorized operations or information disclosure.
CVE-2022-27926 KEV [KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2022-27926)
cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2022-27926). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-27162 SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-27162)
SSRF in ssrf (CVE-2023-27162). Confidential information can be exposed externally.
CVE-2023-27163 SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-27163)
SSRF in ssrf (CVE-2023-27163). Confidential information can be exposed externally.
CVE-2023-27159 SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-27159)
SSRF in ssrf (CVE-2023-27159). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →