Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2023-33532 |
|
Command Injection in netgear (CVE-2023-33532)
command injection in netgear (CVE-2023-33532). Successful exploitation can lead to full system takeover.
|
| CVE-2023-33530 |
|
Command Injection in tenda (CVE-2023-33530)
command injection in tenda (CVE-2023-33530). Successful exploitation can lead to full system takeover.
|
| CVE-2023-33009 KEV |
|
[KEV] Vulnerability in Zyxel multiple-firewalls (CVE-2023-33009)
vulnerability in Zyxel multiple-firewalls (CVE-2023-33009). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-33010 KEV |
|
[KEV] Vulnerability in Zyxel multiple-firewalls (CVE-2023-33010)
vulnerability in Zyxel multiple-firewalls (CVE-2023-33010). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-34362 KEV |
|
[KEV] SQL Injection in Progress moveit-transfer (CVE-2023-34362)
SQL injection in Progress moveit-transfer (CVE-2023-34362). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-28771 KEV |
|
[KEV] OS Command Injection in Zyxel multiple-firewalls (CVE-2023-28771)
OS command injection in Zyxel multiple-firewalls (CVE-2023-28771). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-33234 |
|
Vulnerability in apache (CVE-2023-33234)
vulnerability in apache (CVE-2023-33234). Successful exploitation can lead to full system takeover.
|
| CVE-2023-2868 KEV |
|
[KEV] Vulnerability in Barracuda networks barracuda-networks (CVE-2023-2868)
vulnerability in Barracuda networks barracuda-networks (CVE-2023-2868). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-32409 KEV |
|
[KEV] Vulnerability in Apple multiple-products (CVE-2023-32409)
vulnerability in Apple multiple-products (CVE-2023-32409). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-28204 KEV |
|
[KEV] Out-of-Bounds Read in Apple multiple-products (CVE-2023-28204)
vulnerability in Apple multiple-products (CVE-2023-28204). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-32373 KEV |
|
[KEV] Use-After-Free in Apple multiple-products (CVE-2023-32373)
vulnerability in Apple multiple-products (CVE-2023-32373). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-21492 KEV |
|
[KEV] Vulnerability in Samsung mobile-devices (CVE-2023-21492)
vulnerability in Samsung mobile-devices (CVE-2023-21492). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2004-1464 KEV |
|
[KEV] Vulnerability in Cisco ios (CVE-2004-1464)
vulnerability in Cisco ios (CVE-2004-1464). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-6415 KEV |
|
[KEV] Information Disclosure in Cisco ios (CVE-2016-6415)
vulnerability in Cisco ios (CVE-2016-6415). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-47879 |
|
Code Injection in jedox (CVE-2022-47879)
code injection in jedox (CVE-2022-47879). Successful exploitation can lead to full system takeover.
|
| CVE-2022-47880 |
|
Vulnerability in jedox (CVE-2022-47880)
vulnerability in jedox (CVE-2022-47880). Confidential information can be exposed externally.
|
| CVE-2014-0196 KEV |
|
[KEV] Vulnerability in Linux kernel (CVE-2014-0196)
vulnerability in Linux kernel (CVE-2014-0196). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2010-3904 KEV |
|
[KEV] Vulnerability in Linux kernel (CVE-2010-3904)
vulnerability in Linux kernel (CVE-2010-3904). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2015-5317 KEV |
|
[KEV] Information Disclosure in jenkins (CVE-2015-5317)
vulnerability in jenkins (CVE-2015-5317). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-8735 KEV |
|
[KEV] Vulnerability in Apache tomcat (CVE-2016-8735)
vulnerability in Apache tomcat (CVE-2016-8735). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-3427 KEV |
|
[KEV] Vulnerability in Oracle java-se-and-jrockit (CVE-2016-3427)
vulnerability in Oracle java-se-and-jrockit (CVE-2016-3427). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-3560 KEV |
|
[KEV] Authorization Flaw in Red hat red-hat (CVE-2021-3560)
vulnerability in Red hat red-hat (CVE-2021-3560). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-25717 KEV |
|
[KEV] Code Injection in Ruckus wireless ruckus-wireless (CVE-2023-25717)
code injection in Ruckus wireless ruckus-wireless (CVE-2023-25717). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-29333 |
|
Microsoft Access Denial of Service Vulnerability
Microsoft Access Denial of Service Vulnerability
|
| CVE-2023-29335 |
|
Microsoft Word Security Feature Bypass Vulnerability
Microsoft Word Security Feature Bypass Vulnerability
|
| CVE-2023-29336 KEV |
|
[KEV] Use-After-Free in Microsoft win32k (CVE-2023-29336)
vulnerability in Microsoft win32k (CVE-2023-29336). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-30185 |
|
Unrestricted File Upload in crmeb (CVE-2023-30185)
vulnerability in crmeb (CVE-2023-30185). Successful exploitation can lead to full system takeover.
|
| CVE-2023-30242 |
|
SQL Injection in sqli (CVE-2023-30242)
SQL injection in sqli (CVE-2023-30242). Successful exploitation can lead to full system takeover.
|
| CVE-2023-23059 |
|
Vulnerability in geovision (CVE-2023-23059)
vulnerability in geovision (CVE-2023-23059). Successful exploitation can lead to full system takeover.
|
| CVE-2021-45046 KEV |
|
[KEV] Vulnerability in Apache log4j2 (CVE-2021-45046)
vulnerability in Apache log4j2 (CVE-2021-45046). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-21839 KEV |
|
[KEV] Vulnerability in Oracle weblogic-server (CVE-2023-21839)
vulnerability in Oracle weblogic-server (CVE-2023-21839). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-1389 KEV |
|
[KEV] Command Injection in Tp-link archer-ax21 (CVE-2023-1389)
command injection in Tp-link archer-ax21 (CVE-2023-1389). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-27350 KEV |
|
[KEV] Vulnerability in Papercut mfng (CVE-2023-27350)
vulnerability in Papercut mfng (CVE-2023-27350). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-28432 KEV |
|
[KEV] Information Disclosure in minio (CVE-2023-28432)
vulnerability in minio (CVE-2023-28432). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-2136 KEV |
|
[KEV] Vulnerability in Google platform/external/skia (CVE-2023-2136)
vulnerability in Google platform/external/skia (CVE-2023-2136). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `13:2023-07-01` or later.
|
| CVE-2017-6742 KEV |
|
[KEV] Buffer Overflow in Cisco ios-and-ios-xe-software (CVE-2017-6742)
vulnerability in Cisco ios-and-ios-xe-software (CVE-2017-6742). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-2033 KEV |
|
[KEV] Vulnerability in Google chromium-v8 (CVE-2023-2033)
vulnerability in Google chromium-v8 (CVE-2023-2033). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-8526 KEV |
|
[KEV] Use-After-Free in Apple macos (CVE-2019-8526)
vulnerability in Apple macos (CVE-2019-8526). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-27666 |
|
Cross-Site Scripting (XSS) in auto-dealer-management-system-project (CVE-2023-27666)
cross-site scripting in auto-dealer-management-system-project (CVE-2023-27666). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-20963 KEV |
|
[KEV] Vulnerability in Android platform/frameworks/base (CVE-2023-20963)
vulnerability in Android platform/frameworks/base (CVE-2023-20963). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `13:2023-03-01` or later.
|
| CVE-2023-29492 KEV |
|
[KEV] Code Injection in Novi survey novi-survey (CVE-2023-29492)
code injection in Novi survey novi-survey (CVE-2023-29492). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-28252 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2023-28252)
vulnerability in Microsoft windows (CVE-2023-28252). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-28205 KEV |
|
[KEV] Use-After-Free in Apple multiple-products (CVE-2023-28205)
vulnerability in Apple multiple-products (CVE-2023-28205). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-28206 KEV |
|
[KEV] Out-of-Bounds Write in Apple ios (CVE-2023-28206)
out-of-bounds write in Apple ios (CVE-2023-28206). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-1388 KEV |
|
[KEV] Privilege Escalation in Microsoft windows (CVE-2019-1388)
vulnerability in Microsoft windows (CVE-2019-1388). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-26083 KEV |
|
[KEV] Vulnerability in Arm mali-graphics-processing-unit-gpu (CVE-2023-26083)
vulnerability in Arm mali-graphics-processing-unit-gpu (CVE-2023-26083). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-27876 KEV |
|
[KEV] Authentication Bypass in Veritas backup-exec-agent (CVE-2021-27876)
authentication bypass in Veritas backup-exec-agent (CVE-2021-27876). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-27877 KEV |
|
[KEV] Authentication Bypass in Veritas backup-exec-agent (CVE-2021-27877)
authentication bypass in Veritas backup-exec-agent (CVE-2021-27877). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-27878 KEV |
|
[KEV] Authentication Bypass in Veritas backup-exec-agent (CVE-2021-27878)
authentication bypass in Veritas backup-exec-agent (CVE-2021-27878). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-27926 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2022-27926)
cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2022-27926). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|