Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2023-21237 KEV [KEV] Information Disclosure in Android pixel (CVE-2023-21237)
vulnerability in Android pixel (CVE-2023-21237). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-21338 KEV [KEV] Vulnerability in Microsoft windows (CVE-2024-21338)
vulnerability in Microsoft windows (CVE-2024-21338). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-29360 KEV [KEV] Vulnerability in Microsoft streaming-service (CVE-2023-29360)
vulnerability in Microsoft streaming-service (CVE-2023-29360). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-1709 KEV [KEV] Vulnerability in Connectwise screenconnect (CVE-2024-1709)
vulnerability in Connectwise screenconnect (CVE-2024-1709). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-21410 KEV [KEV] Authentication Bypass in Microsoft exchange-server (CVE-2024-21410)
authentication bypass in Microsoft exchange-server (CVE-2024-21410). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-3259 KEV [KEV] Information Disclosure in Cisco adaptive-security-appliance-asa-and-firepower-threat-defense-ftd (CVE-2020-3259)
vulnerability in Cisco adaptive-security-appliance-asa-and-firepower-threat-defense-ftd (CVE-2020-3259). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-21351 KEV [KEV] Code Injection in Microsoft windows (CVE-2024-21351)
code injection in Microsoft windows (CVE-2024-21351). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-21412 KEV [KEV] Vulnerability in Microsoft windows (CVE-2024-21412)
vulnerability in Microsoft windows (CVE-2024-21412). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-43770 KEV [KEV] Cross-Site Scripting (XSS) in Roundcube webmail (CVE-2023-43770)
cross-site scripting in Roundcube webmail (CVE-2023-43770). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-21762 KEV [KEV] Out-of-Bounds Write in Fortinet fortios (CVE-2024-21762)
out-of-bounds write in Fortinet fortios (CVE-2024-21762). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-4762 KEV [KEV] Vulnerability in Google chromium-v8 (CVE-2023-4762)
vulnerability in Google chromium-v8 (CVE-2023-4762). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-21893 KEV [KEV] SSRF (Server-Side Request Forgery) in Ivanti connect-secure (CVE-2024-21893)
SSRF in Ivanti connect-secure (CVE-2024-21893). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-48618 KEV [KEV] Vulnerability in Apple multiple-products (CVE-2022-48618)
vulnerability in Apple multiple-products (CVE-2022-48618). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-22527 KEV [KEV] Vulnerability in Atlassian confluence-data-center-and-server (CVE-2023-22527)
vulnerability in Atlassian confluence-data-center-and-server (CVE-2023-22527). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-23222 KEV [KEV] Vulnerability in Apple multiple-products (CVE-2024-23222)
vulnerability in Apple multiple-products (CVE-2024-23222). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-34048 KEV [KEV] Out-of-Bounds Write in Vmware vcenter-server (CVE-2023-34048)
out-of-bounds write in Vmware vcenter-server (CVE-2023-34048). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-35082 KEV [KEV] Authentication Bypass in Ivanti endpoint-manager-mobile-epmm-and-mobileiron-core (CVE-2023-35082)
authentication bypass in Ivanti endpoint-manager-mobile-epmm-and-mobileiron-core (CVE-2023-35082). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-6548 KEV [KEV] Code Injection in Citrix netscaler-adc-and-netscaler-gateway (CVE-2023-6548)
code injection in Citrix netscaler-adc-and-netscaler-gateway (CVE-2023-6548). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-6549 KEV [KEV] Buffer Overflow in Citrix netscaler-adc-and-netscaler-gateway (CVE-2023-6549)
vulnerability in Citrix netscaler-adc-and-netscaler-gateway (CVE-2023-6549). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-0519 KEV [KEV] Out-of-Bounds Write in Google chromium-v8 (CVE-2024-0519)
out-of-bounds write in Google chromium-v8 (CVE-2024-0519). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-15133 KEV [KEV] Unsafe Deserialization in laravel (CVE-2018-15133)
vulnerability in laravel (CVE-2018-15133). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-21887 KEV [KEV] Command Injection in Ivanti connect-secure-and-policy-secure (CVE-2024-21887)
command injection in Ivanti connect-secure-and-policy-secure (CVE-2024-21887). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-29357 KEV [KEV] Vulnerability in Microsoft sharepoint-server (CVE-2023-29357)
vulnerability in Microsoft sharepoint-server (CVE-2023-29357). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-46805 KEV [KEV] Authentication Bypass in Ivanti connect-secure-and-policy-secure (CVE-2023-46805)
authentication bypass in Ivanti connect-secure-and-policy-secure (CVE-2023-46805). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-38203 KEV [KEV] Unsafe Deserialization in Adobe coldfusion (CVE-2023-38203)
vulnerability in Adobe coldfusion (CVE-2023-38203). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-29300 KEV [KEV] Unsafe Deserialization in Adobe coldfusion (CVE-2023-29300)
vulnerability in Adobe coldfusion (CVE-2023-29300). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-27524 KEV [KEV] Vulnerability in Apache superset (CVE-2023-27524)
vulnerability in Apache superset (CVE-2023-27524). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-41990 KEV [KEV] Vulnerability in Apple multiple-products (CVE-2023-41990)
vulnerability in Apple multiple-products (CVE-2023-41990). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2016-20017 KEV [KEV] Command Injection in D-link dsl-2750b-devices (CVE-2016-20017)
command injection in D-link dsl-2750b-devices (CVE-2016-20017). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-23752 KEV [KEV] Vulnerability in Joomla! joomla (CVE-2023-23752)
vulnerability in Joomla! joomla (CVE-2023-23752). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-7024 KEV [KEV] Out-of-Bounds Write in Google chromium-webrtc (CVE-2023-7024)
out-of-bounds write in Google chromium-webrtc (CVE-2023-7024). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-7101 KEV [KEV] Vulnerability in Spreadsheet::parseexcel spreadsheetparseexcel (CVE-2023-7101)
vulnerability in Spreadsheet::parseexcel spreadsheetparseexcel (CVE-2023-7101). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-47565 KEV [KEV] OS Command Injection in Qnap viostor-nvr (CVE-2023-47565)
OS command injection in Qnap viostor-nvr (CVE-2023-47565). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-49897 KEV [KEV] OS Command Injection in Fxc ae1021 (CVE-2023-49897)
OS command injection in Fxc ae1021 (CVE-2023-49897). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-6448 KEV [KEV] Vulnerability in Unitronics vision-plc-and-hmi (CVE-2023-6448)
vulnerability in Unitronics vision-plc-and-hmi (CVE-2023-6448). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-41265 KEV [KEV] Vulnerability in Qlik sense (CVE-2023-41265)
vulnerability in Qlik sense (CVE-2023-41265). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-41266 KEV [KEV] Vulnerability in Qlik sense (CVE-2023-41266)
vulnerability in Qlik sense (CVE-2023-41266). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-22071 KEV [KEV] Use-After-Free in Qualcomm multiple-chipsets (CVE-2022-22071)
vulnerability in Qualcomm multiple-chipsets (CVE-2022-22071). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-33106 KEV [KEV] Vulnerability in Qualcomm multiple-chipsets (CVE-2023-33106)
vulnerability in Qualcomm multiple-chipsets (CVE-2023-33106). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-33107 KEV [KEV] Vulnerability in Qualcomm multiple-chipsets (CVE-2023-33107)
vulnerability in Qualcomm multiple-chipsets (CVE-2023-33107). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-33063 KEV [KEV] Use-After-Free in :linux_kernel:Qualcomm (CVE-2023-33063)
vulnerability in :linux_kernel:Qualcomm (CVE-2023-33063). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `SoCVersion:2023-12-05` or later.
CVE-2023-42916 KEV [KEV] Out-of-Bounds Read in Apple multiple-products (CVE-2023-42916)
vulnerability in Apple multiple-products (CVE-2023-42916). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-42917 KEV [KEV] Out-of-Bounds Write in Apple java (CVE-2023-42917)
out-of-bounds write in Apple java (CVE-2023-42917). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.8.0, 8.0.411` or later.
CVE-2023-49103 KEV [KEV] Vulnerability in owncloud (CVE-2023-49103)
vulnerability in owncloud (CVE-2023-49103). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-6345 KEV [KEV] Vulnerability in Google chromium-skia (CVE-2023-6345)
vulnerability in Google chromium-skia (CVE-2023-6345). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-4911 KEV [KEV] Vulnerability in Gnu c (CVE-2023-4911)
vulnerability in Gnu c (CVE-2023-4911). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2023-1671 KEV [KEV] Command Injection in Sophos web-appliance (CVE-2023-1671)
command injection in Sophos web-appliance (CVE-2023-1671). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-2551 KEV [KEV] Vulnerability in Oracle fusion-middleware (CVE-2020-2551)
vulnerability in Oracle fusion-middleware (CVE-2020-2551). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-36584 KEV [KEV] Vulnerability in Microsoft windows (CVE-2023-36584)
vulnerability in Microsoft windows (CVE-2023-36584). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-36036 KEV [KEV] Vulnerability in Microsoft windows (CVE-2023-36036)
vulnerability in Microsoft windows (CVE-2023-36036). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →