Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Clear
ID Title
CVE-2023-44487 KEV [KEV] Vulnerability in Ietf golang.org/x/net (CVE-2023-44487)
vulnerability in Ietf golang.org/x/net (CVE-2023-44487). Risk of unauthorized operations or information disclosure. Exploitable via ``Channel``. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `0.17.0` or later.
CVE-2023-21608 KEV [KEV] Use-After-Free in Adobe acrobat-and-reader (CVE-2023-21608)
vulnerability in Adobe acrobat-and-reader (CVE-2023-21608). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-41763 KEV [KEV] SSRF (Server-Side Request Forgery) in Microsoft skype-for-business (CVE-2023-41763)
SSRF in Microsoft skype-for-business (CVE-2023-41763). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-36563 KEV [KEV] Vulnerability in Microsoft wordpad (CVE-2023-36563)
vulnerability in Microsoft wordpad (CVE-2023-36563). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-43615 Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.
Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.
CVE-2023-40044 KEV [KEV] Unsafe Deserialization in Progress ws-ftp-server (CVE-2023-40044)
vulnerability in Progress ws-ftp-server (CVE-2023-40044). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-22515 KEV [KEV] Vulnerability in Atlassian confluence-data-center-and-server (CVE-2023-22515)
vulnerability in Atlassian confluence-data-center-and-server (CVE-2023-22515). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-42824 KEV [KEV] Vulnerability in Apple ios-and-ipados (CVE-2023-42824)
vulnerability in Apple ios-and-ipados (CVE-2023-42824). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-28229 KEV [KEV] Vulnerability in Microsoft windows-cng-key-isolation-service (CVE-2023-28229)
vulnerability in Microsoft windows-cng-key-isolation-service (CVE-2023-28229). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-42793 KEV [KEV] Vulnerability in Jetbrains teamcity (CVE-2023-42793)
vulnerability in Jetbrains teamcity (CVE-2023-42793). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-4211 KEV [KEV] Use-After-Free in Arm :unknown: (CVE-2023-4211)
vulnerability in Arm :unknown: (CVE-2023-4211). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `SoCVersion:2023-10-05` or later.
CVE-2023-5217 KEV [KEV] Out-of-Bounds Write in Google chromium-libvpx (CVE-2023-5217)
out-of-bounds write in Google chromium-libvpx (CVE-2023-5217). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-41446 Cross-Site Scripting (XSS) in phpkobo (CVE-2023-41446)
cross-site scripting in phpkobo (CVE-2023-41446). Risk of unauthorized operations or information disclosure.
CVE-2023-41447 Cross-Site Scripting (XSS) in phpkobo (CVE-2023-41447)
cross-site scripting in phpkobo (CVE-2023-41447). Risk of unauthorized operations or information disclosure.
CVE-2018-14667 KEV [KEV] Code Injection in Red hat red-hat (CVE-2018-14667)
code injection in Red hat red-hat (CVE-2018-14667). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-41448 Cross-Site Scripting (XSS) in phpkobo (CVE-2023-41448)
cross-site scripting in phpkobo (CVE-2023-41448). Risk of unauthorized operations or information disclosure.
CVE-2023-41451 Cross-Site Scripting (XSS) in phpkobo (CVE-2023-41451)
cross-site scripting in phpkobo (CVE-2023-41451). Risk of unauthorized operations or information disclosure.
CVE-2023-41452 Cross-Site Request Forgery (CSRF) in phpkobo (CVE-2023-41452)
vulnerability in phpkobo (CVE-2023-41452). Successful exploitation can lead to full system takeover.
CVE-2023-41453 Cross-Site Scripting (XSS) in phpkobo (CVE-2023-41453)
cross-site scripting in phpkobo (CVE-2023-41453). Risk of unauthorized operations or information disclosure.
CVE-2023-41445 Cross-Site Scripting (XSS) in phpkobo (CVE-2023-41445)
cross-site scripting in phpkobo (CVE-2023-41445). Risk of unauthorized operations or information disclosure.
CVE-2023-43856 Vulnerability in iteachyou (CVE-2023-43856)
vulnerability in iteachyou (CVE-2023-43856). Confidential information can be exposed externally.
CVE-2023-43234 Code Injection in dedebiz (CVE-2023-43234)
code injection in dedebiz (CVE-2023-43234). Successful exploitation can lead to full system takeover.
CVE-2023-43278 Cross-Site Request Forgery (CSRF) in csrf (CVE-2023-43278)
vulnerability in csrf (CVE-2023-43278). Successful exploitation can lead to full system takeover.
CVE-2023-41993 KEV [KEV] Vulnerability in Apple java (CVE-2023-41993)
vulnerability in Apple java (CVE-2023-41993). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.8.0, 8.0.411` or later.
CVE-2023-41991 KEV [KEV] Vulnerability in Apple multiple-products (CVE-2023-41991)
vulnerability in Apple multiple-products (CVE-2023-41991). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-41992 KEV [KEV] Vulnerability in Apple multiple-products (CVE-2023-41992)
vulnerability in Apple multiple-products (CVE-2023-41992). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-34576 SQL Injection in sqli (CVE-2023-34576)
SQL injection in sqli (CVE-2023-34576). Successful exploitation can lead to full system takeover.
CVE-2023-42456 Path Traversal in sudo-rs (CVE-2023-42456)
path traversal in sudo-rs (CVE-2023-42456). Risk of unauthorized operations or information disclosure. Exploitable via ``useradd``. Mitigation: upgrade to `0.2.1` or later.
CVE-2023-41179 KEV [KEV] Vulnerability in Trend micro trend-micro (CVE-2023-41179)
vulnerability in Trend micro trend-micro (CVE-2023-41179). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-40932 Cross-Site Scripting (XSS) in nagios (CVE-2023-40932)
cross-site scripting in nagios (CVE-2023-40932). Risk of unauthorized operations or information disclosure.
CVE-2023-40933 SQL Injection in sqli (CVE-2023-40933)
SQL injection in sqli (CVE-2023-40933). Successful exploitation can lead to full system takeover.
CVE-2023-40934 SQL Injection in sqli (CVE-2023-40934)
SQL injection in sqli (CVE-2023-40934). Successful exploitation can lead to full system takeover.
CVE-2023-40931 SQL Injection in sqli (CVE-2023-40931)
SQL injection in sqli (CVE-2023-40931). Confidential information can be exposed externally.
CVE-2023-28434 KEV [KEV] Privilege Escalation in minio (CVE-2023-28434)
vulnerability in minio (CVE-2023-28434). Risk of unauthorized operations or information disclosure. Exploitable via ``PostPolicyBucket``. Listed in CISA KEV — actively exploited.
CVE-2023-4527 Vulnerability in gnu (CVE-2023-4527)
vulnerability in gnu (CVE-2023-4527). Risk of unauthorized operations or information disclosure.
CVE-2023-4806 Use-After-Free in gnu (CVE-2023-4806)
vulnerability in gnu (CVE-2023-4806). Risk of unauthorized operations or information disclosure.
CVE-2022-22265 KEV [KEV] Vulnerability in Samsung mobile-devices (CVE-2022-22265)
vulnerability in Samsung mobile-devices (CVE-2022-22265). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2017-6884 KEV [KEV] OS Command Injection in Zyxel emg2926-routers (CVE-2017-6884)
OS command injection in Zyxel emg2926-routers (CVE-2017-6884). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2014-8361 KEV [KEV] Vulnerability in Realtek sdk (CVE-2014-8361)
vulnerability in Realtek sdk (CVE-2014-8361). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-3129 KEV [KEV] Vulnerability in Laravel ignition (CVE-2021-3129)
vulnerability in Laravel ignition (CVE-2021-3129). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-4662 Vulnerability in adobe (CVE-2023-4662)
vulnerability in adobe (CVE-2023-4662). Successful exploitation can lead to full system takeover.
CVE-2023-4663 Cross-Site Scripting (XSS) in adobe (CVE-2023-4663)
cross-site scripting in adobe (CVE-2023-4663). Risk of unauthorized operations or information disclosure.
CVE-2023-4664 Incorrect Default Permissions vulnerability in Saphira Saphira Connect allows Privilege...
Incorrect Default Permissions vulnerability in Saphira Saphira Connect allows Privilege...
CVE-2023-4665 Incorrect Execution-Assigned Permissions vulnerability in Saphira Saphira Connect allows...
Incorrect Execution-Assigned Permissions vulnerability in Saphira Saphira Connect allows...
CVE-2023-4661 SQL Injection in sqli (CVE-2023-4661)
SQL injection in sqli (CVE-2023-4661). Successful exploitation can lead to full system takeover.
CVE-2023-40983 Cross-Site Scripting (XSS) in webmin (CVE-2023-40983)
cross-site scripting in webmin (CVE-2023-40983). Risk of unauthorized operations or information disclosure.
CVE-2023-40982 Cross-Site Scripting (XSS) in webmin (CVE-2023-40982)
cross-site scripting in webmin (CVE-2023-40982). Risk of unauthorized operations or information disclosure.
CVE-2023-40984 Cross-Site Scripting (XSS) in webmin (CVE-2023-40984)
cross-site scripting in webmin (CVE-2023-40984). Risk of unauthorized operations or information disclosure.
CVE-2023-40985 Cross-Site Scripting (XSS) in webmin (CVE-2023-40985)
cross-site scripting in webmin (CVE-2023-40985). Risk of unauthorized operations or information disclosure.
CVE-2023-40986 Cross-Site Scripting (XSS) in webmin (CVE-2023-40986)
cross-site scripting in webmin (CVE-2023-40986). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →