Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Clear
ID Title
CVE-2023-41993 KEV [KEV] Vulnerability in Apple java (CVE-2023-41993)
vulnerability in Apple java (CVE-2023-41993). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.8.0, 8.0.411` or later.
CVE-2023-34576 SQL Injection in sqli (CVE-2023-34576)
SQL injection in sqli (CVE-2023-34576). Successful exploitation can lead to full system takeover.
CVE-2023-40932 Cross-Site Scripting (XSS) in nagios (CVE-2023-40932)
cross-site scripting in nagios (CVE-2023-40932). Risk of unauthorized operations or information disclosure.
CVE-2023-40931 SQL Injection in sqli (CVE-2023-40931)
SQL injection in sqli (CVE-2023-40931). Confidential information can be exposed externally.
CVE-2023-42399 Cross-Site Scripting (XSS) in csharp (CVE-2023-42399)
cross-site scripting in csharp (CVE-2023-42399). Risk of unauthorized operations or information disclosure.
CVE-2021-45811 SQL Injection in sqli (CVE-2021-45811)
SQL injection in sqli (CVE-2021-45811). Confidential information can be exposed externally.
CVE-2023-41098 Cross-Site Scripting (XSS) in misp-project (CVE-2023-41098)
cross-site scripting in misp-project (CVE-2023-41098). Risk of unauthorized operations or information disclosure.
CVE-2023-39807 SQL Injection in sqli (CVE-2023-39807)
SQL injection in sqli (CVE-2023-39807). Successful exploitation can lead to full system takeover.
CVE-2023-39809 Command Injection in nvki (CVE-2023-39809)
command injection in nvki (CVE-2023-39809). Successful exploitation can lead to full system takeover.
CVE-2023-38838 SQL Injection in sqli (CVE-2023-38838)
SQL injection in sqli (CVE-2023-38838). Confidential information can be exposed externally.
CVE-2023-30186 Use-After-Free in onlyoffice (CVE-2023-30186)
vulnerability in onlyoffice (CVE-2023-30186). Successful exploitation can lead to full system takeover.
CVE-2023-30187 Out-of-Bounds Write in onlyoffice (CVE-2023-30187)
out-of-bounds write in onlyoffice (CVE-2023-30187). Successful exploitation can lead to full system takeover.
CVE-2023-30188 Vulnerability in dos (CVE-2023-30188)
vulnerability in dos (CVE-2023-30188). Risk of unauthorized operations or information disclosure.
CVE-2023-39805 SQL Injection in sqli (CVE-2023-39805)
SQL injection in sqli (CVE-2023-39805). Successful exploitation can lead to full system takeover.
CVE-2023-26961 Cross-Site Scripting (XSS) in alteryx (CVE-2023-26961)
cross-site scripting in alteryx (CVE-2023-26961). Risk of unauthorized operations or information disclosure. Exploitable via `PUT /gallery/api/media`.
CVE-2023-36095 Code Injection in langchain (CVE-2023-36095)
code injection in langchain (CVE-2023-36095). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.0.236` or later.
CVE-2023-34552 Out-of-Bounds Write in c (CVE-2023-34552)
out-of-bounds write in c (CVE-2023-34552). Successful exploitation can lead to full system takeover.
CVE-2023-34551 Out-of-Bounds Write in c (CVE-2023-34551)
out-of-bounds write in c (CVE-2023-34551). Successful exploitation can lead to full system takeover.
CVE-2023-38559 Out-of-Bounds Read in c (CVE-2023-38559)
vulnerability in c (CVE-2023-38559). Risk of unauthorized operations or information disclosure.
CVE-2023-34842 Code Injection in dedecms (CVE-2023-34842)
code injection in dedecms (CVE-2023-34842). Successful exploitation can lead to full system takeover.
CVE-2023-37647 SQL Injection in sqli (CVE-2023-37647)
SQL injection in sqli (CVE-2023-37647). Successful exploitation can lead to full system takeover.
CVE-2023-3640 Vulnerability in c (CVE-2023-3640)
vulnerability in c (CVE-2023-3640). Successful exploitation can lead to full system takeover.
CVE-2023-34673 Vulnerability in c (CVE-2023-34673)
vulnerability in c (CVE-2023-34673). Confidential information can be exposed externally.
CVE-2023-31868 Cross-Site Scripting (XSS) in sage (CVE-2023-31868)
cross-site scripting in sage (CVE-2023-31868). Risk of unauthorized operations or information disclosure.
CVE-2023-34752 SQL Injection in sqli (CVE-2023-34752)
SQL injection in sqli (CVE-2023-34752). Successful exploitation can lead to full system takeover.
CVE-2023-34944 Unrestricted File Upload in chamilo (CVE-2023-34944)
vulnerability in chamilo (CVE-2023-34944). Successful exploitation can lead to full system takeover.
CVE-2022-47879 Code Injection in jedox (CVE-2022-47879)
code injection in jedox (CVE-2022-47879). Successful exploitation can lead to full system takeover.
CVE-2022-47880 Vulnerability in jedox (CVE-2022-47880)
vulnerability in jedox (CVE-2022-47880). Confidential information can be exposed externally.
CVE-2023-30086 Out-of-Bounds Write in c (CVE-2023-30086)
out-of-bounds write in c (CVE-2023-30086). Risk of unauthorized operations or information disclosure.
CVE-2021-44283 Vulnerability in cpp (CVE-2021-44283)
vulnerability in cpp (CVE-2021-44283). Confidential information can be exposed externally.
CVE-2023-30185 Unrestricted File Upload in crmeb (CVE-2023-30185)
vulnerability in crmeb (CVE-2023-30185). Successful exploitation can lead to full system takeover.
CVE-2023-30242 SQL Injection in sqli (CVE-2023-30242)
SQL injection in sqli (CVE-2023-30242). Successful exploitation can lead to full system takeover.
CVE-2023-27043 Vulnerability in libpython (CVE-2023-27043)
vulnerability in libpython (CVE-2023-27043). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.8.20, 3.10.15, 3.11.10, 3.12.6, 3.9.20` or later.
CVE-2023-27666 Cross-Site Scripting (XSS) in auto-dealer-management-system-project (CVE-2023-27666)
cross-site scripting in auto-dealer-management-system-project (CVE-2023-27666). Risk of unauthorized operations or information disclosure.
CVE-2023-1652 Use-After-Free in c (CVE-2023-1652)
vulnerability in c (CVE-2023-1652). Confidential information can be exposed externally.
CVE-2023-28884 In MISP 2.4.169, app/Lib/Tools/CustomPaginationTool.php allows XSS in the community index.
In MISP 2.4.169, app/Lib/Tools/CustomPaginationTool.php allows XSS in the community index.
CVE-2023-27249 Out-of-Bounds Write in c (CVE-2023-27249)
out-of-bounds write in c (CVE-2023-27249). Risk of unauthorized operations or information disclosure.
CVE-2023-28606 js/event-graph.js in MISP before 2.4.169 allows XSS via event-graph node tooltips.
js/event-graph.js in MISP before 2.4.169 allows XSS via event-graph node tooltips.
CVE-2023-28607 js/event-graph.js in MISP before 2.4.169 allows XSS via the event-graph relationship tooltip.
js/event-graph.js in MISP before 2.4.169 allows XSS via the event-graph relationship tooltip.
CVE-2023-26769 Vulnerability in c (CVE-2023-26769)
vulnerability in c (CVE-2023-26769). Risk of unauthorized operations or information disclosure.
CVE-2023-23328 Unrestricted File Upload in avantfax (CVE-2023-23328)
vulnerability in avantfax (CVE-2023-23328). Successful exploitation can lead to full system takeover.
CVE-2023-23326 Cross-Site Scripting (XSS) in avantfax (CVE-2023-23326)
cross-site scripting in avantfax (CVE-2023-23326). Risk of unauthorized operations or information disclosure.
CVE-2021-35377 Cross-Site Scripting (XSS) in vicidial (CVE-2021-35377)
cross-site scripting in vicidial (CVE-2021-35377). Risk of unauthorized operations or information disclosure.
CVE-2023-24317 Unrestricted File Upload in judging-management-system-project (CVE-2023-24317)
vulnerability in judging-management-system-project (CVE-2023-24317). Confidential information can be exposed externally.
CVE-2022-48328 Vulnerability in misp-project (CVE-2022-48328)
vulnerability in misp-project (CVE-2022-48328). Successful exploitation can lead to full system takeover.
CVE-2022-48329 Vulnerability in misp-project (CVE-2022-48329)
vulnerability in misp-project (CVE-2022-48329). Successful exploitation can lead to full system takeover.
CVE-2022-45088 Vulnerability in gruparge (CVE-2022-45088)
vulnerability in gruparge (CVE-2022-45088). Successful exploitation can lead to full system takeover.
CVE-2021-37492 Vulnerability in cpp (CVE-2021-37492)
vulnerability in cpp (CVE-2021-37492). Confidential information can be exposed externally.
CVE-2021-37491 Vulnerability in cpp (CVE-2021-37491)
vulnerability in cpp (CVE-2021-37491). Confidential information can be exposed externally.
CVE-2020-22452 SQL Injection in sqli (CVE-2020-22452)
SQL injection in sqli (CVE-2020-22452). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →