Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Clear
ID Title
CVE-2024-23222 KEV [KEV] Vulnerability in Apple multiple-products (CVE-2024-23222)
vulnerability in Apple multiple-products (CVE-2024-23222). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-34048 KEV [KEV] Out-of-Bounds Write in Vmware vcenter-server (CVE-2023-34048)
out-of-bounds write in Vmware vcenter-server (CVE-2023-34048). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-51946 Cross-Site Scripting (XSS) in actidata (CVE-2023-51946)
cross-site scripting in actidata (CVE-2023-51946). Risk of unauthorized operations or information disclosure.
CVE-2023-51947 Vulnerability in actidata (CVE-2023-51947)
vulnerability in actidata (CVE-2023-51947). Confidential information can be exposed externally.
CVE-2023-35082 KEV [KEV] Authentication Bypass in Ivanti endpoint-manager-mobile-epmm-and-mobileiron-core (CVE-2023-35082)
authentication bypass in Ivanti endpoint-manager-mobile-epmm-and-mobileiron-core (CVE-2023-35082). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-6549 KEV [KEV] Buffer Overflow in Citrix netscaler-adc-and-netscaler-gateway (CVE-2023-6549)
vulnerability in Citrix netscaler-adc-and-netscaler-gateway (CVE-2023-6549). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-6548 KEV [KEV] Code Injection in Citrix netscaler-adc-and-netscaler-gateway (CVE-2023-6548)
code injection in Citrix netscaler-adc-and-netscaler-gateway (CVE-2023-6548). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-0519 KEV [KEV] Out-of-Bounds Write in Google chromium-v8 (CVE-2024-0519)
out-of-bounds write in Google chromium-v8 (CVE-2024-0519). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-15133 KEV [KEV] Unsafe Deserialization in laravel (CVE-2018-15133)
vulnerability in laravel (CVE-2018-15133). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-46474 Unrestricted File Upload in sigb (CVE-2023-46474)
vulnerability in sigb (CVE-2023-46474). Successful exploitation can lead to full system takeover.
CVE-2023-29357 KEV [KEV] Vulnerability in Microsoft sharepoint-server (CVE-2023-29357)
vulnerability in Microsoft sharepoint-server (CVE-2023-29357). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-46805 KEV [KEV] Authentication Bypass in Ivanti connect-secure-and-policy-secure (CVE-2023-46805)
authentication bypass in Ivanti connect-secure-and-policy-secure (CVE-2023-46805). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-21887 KEV [KEV] Command Injection in Ivanti connect-secure-and-policy-secure (CVE-2024-21887)
command injection in Ivanti connect-secure-and-policy-secure (CVE-2024-21887). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-6129 Vulnerability in dos (CVE-2023-6129)
vulnerability in dos (CVE-2023-6129). Risk of unauthorized operations or information disclosure.
CVE-2023-27098 TP-Link Tapo APK up to v2.12.703 uses hardcoded credentials for access to the login panel.
TP-Link Tapo APK up to v2.12.703 uses hardcoded credentials for access to the login panel.
CVE-2023-27524 KEV [KEV] Vulnerability in Apache superset (CVE-2023-27524)
vulnerability in Apache superset (CVE-2023-27524). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2016-20017 KEV [KEV] Command Injection in D-link dsl-2750b-devices (CVE-2016-20017)
command injection in D-link dsl-2750b-devices (CVE-2016-20017). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-23752 KEV [KEV] Vulnerability in Joomla! joomla (CVE-2023-23752)
vulnerability in Joomla! joomla (CVE-2023-23752). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-29300 KEV [KEV] Unsafe Deserialization in Adobe coldfusion (CVE-2023-29300)
vulnerability in Adobe coldfusion (CVE-2023-29300). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-38203 KEV [KEV] Unsafe Deserialization in Adobe coldfusion (CVE-2023-38203)
vulnerability in Adobe coldfusion (CVE-2023-38203). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-41990 KEV [KEV] Vulnerability in Apple multiple-products (CVE-2023-41990)
vulnerability in Apple multiple-products (CVE-2023-41990). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-0241 Vulnerability in rails (CVE-2024-0241)
vulnerability in rails (CVE-2024-0241). Risk of unauthorized operations or information disclosure.
CVE-2023-37607 Path Traversal in path-traversal (CVE-2023-37607)
path traversal in path-traversal (CVE-2023-37607). Confidential information can be exposed externally.
CVE-2024-0193 Use-After-Free in redhat (CVE-2024-0193)
vulnerability in redhat (CVE-2024-0193). Successful exploitation can lead to full system takeover.
CVE-2023-7024 KEV [KEV] Out-of-Bounds Write in Google chromium-webrtc (CVE-2023-7024)
out-of-bounds write in Google chromium-webrtc (CVE-2023-7024). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-7101 KEV [KEV] Vulnerability in Spreadsheet::parseexcel spreadsheetparseexcel (CVE-2023-7101)
vulnerability in Spreadsheet::parseexcel spreadsheetparseexcel (CVE-2023-7101). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-50470 Cross-Site Scripting (XSS) in seacms (CVE-2023-50470)
cross-site scripting in seacms (CVE-2023-50470). Risk of unauthorized operations or information disclosure.
CVE-2023-46987 Code Injection in seacms (CVE-2023-46987)
code injection in seacms (CVE-2023-46987). Successful exploitation can lead to full system takeover.
CVE-2023-51767 Vulnerability in openbsd (CVE-2023-51767)
vulnerability in openbsd (CVE-2023-51767). Successful exploitation can lead to full system takeover.
CVE-2023-49897 KEV [KEV] OS Command Injection in Fxc ae1021 (CVE-2023-49897)
OS command injection in Fxc ae1021 (CVE-2023-49897). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-47565 KEV [KEV] OS Command Injection in Qnap viostor-nvr (CVE-2023-47565)
OS command injection in Qnap viostor-nvr (CVE-2023-47565). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-50988 Out-of-Bounds Write in tenda (CVE-2023-50988)
out-of-bounds write in tenda (CVE-2023-50988). Successful exploitation can lead to full system takeover.
CVE-2023-50989 Command Injection in tenda (CVE-2023-50989)
command injection in tenda (CVE-2023-50989). Successful exploitation can lead to full system takeover.
CVE-2023-50990 Out-of-Bounds Write in tenda (CVE-2023-50990)
out-of-bounds write in tenda (CVE-2023-50990). Successful exploitation can lead to full system takeover.
CVE-2023-50992 Out-of-Bounds Write in tenda (CVE-2023-50992)
out-of-bounds write in tenda (CVE-2023-50992). Successful exploitation can lead to full system takeover.
CVE-2023-50983 Command Injection in tenda (CVE-2023-50983)
command injection in tenda (CVE-2023-50983). Successful exploitation can lead to full system takeover.
CVE-2023-50984 Out-of-Bounds Write in tenda (CVE-2023-50984)
out-of-bounds write in tenda (CVE-2023-50984). Successful exploitation can lead to full system takeover.
CVE-2023-50985 Out-of-Bounds Write in tenda (CVE-2023-50985)
out-of-bounds write in tenda (CVE-2023-50985). Successful exploitation can lead to full system takeover.
CVE-2023-50986 Out-of-Bounds Write in tenda (CVE-2023-50986)
out-of-bounds write in tenda (CVE-2023-50986). Successful exploitation can lead to full system takeover.
CVE-2023-50987 Out-of-Bounds Write in tenda (CVE-2023-50987)
out-of-bounds write in tenda (CVE-2023-50987). Successful exploitation can lead to full system takeover.
CVE-2023-6931 Out-of-Bounds Write in privilege-escalation (CVE-2023-6931)
out-of-bounds write in privilege-escalation (CVE-2023-6931). Successful exploitation can lead to full system takeover.
CVE-2023-6932 Use-After-Free in privilege-escalation (CVE-2023-6932)
vulnerability in privilege-escalation (CVE-2023-6932). Successful exploitation can lead to full system takeover.
CVE-2023-51385 OS Command Injection in openbsd (CVE-2023-51385)
OS command injection in openbsd (CVE-2023-51385). Risk of unauthorized operations or information disclosure.
CVE-2023-51384 Vulnerability in openbsd (CVE-2023-51384)
vulnerability in openbsd (CVE-2023-51384). Confidential information can be exposed externally.
CVE-2023-48795 Vulnerability in russh (CVE-2023-48795)
vulnerability in russh (CVE-2023-48795). Data can be tampered with by attackers. Mitigation: upgrade to `0.40.2` or later.
CVE-2023-6817 Use-After-Free in privilege-escalation (CVE-2023-6817)
vulnerability in privilege-escalation (CVE-2023-6817). Successful exploitation can lead to full system takeover.
CVE-2023-50918 app/Controller/AuditLogsController.php in MISP before 2.4.182 mishandles ACLs for audit logs.
app/Controller/AuditLogsController.php in MISP before 2.4.182 mishandles ACLs for audit logs.
CVE-2023-36009 Microsoft Word Information Disclosure Vulnerability
Microsoft Word Information Disclosure Vulnerability
CVE-2023-49494 Cross-Site Scripting (XSS) in dedecms (CVE-2023-49494)
cross-site scripting in dedecms (CVE-2023-49494). Risk of unauthorized operations or information disclosure.
CVE-2023-6448 KEV [KEV] Vulnerability in Unitronics vision-plc-and-hmi (CVE-2023-6448)
vulnerability in Unitronics vision-plc-and-hmi (CVE-2023-6448). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →