Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2023-36025 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2023-36025)
vulnerability in Microsoft windows (CVE-2023-36025). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-36033 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2023-36033)
vulnerability in Microsoft windows (CVE-2023-36033). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-36851 KEV |
|
[KEV] Vulnerability in Juniper junos-os (CVE-2023-36851)
vulnerability in Juniper junos-os (CVE-2023-36851). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-36847 KEV |
|
[KEV] Vulnerability in Juniper junos-os (CVE-2023-36847)
vulnerability in Juniper junos-os (CVE-2023-36847). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-36846 KEV |
|
[KEV] Vulnerability in Juniper junos-os (CVE-2023-36846)
vulnerability in Juniper junos-os (CVE-2023-36846). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-36845 KEV |
|
[KEV] Vulnerability in Juniper junos-os (CVE-2023-36845)
vulnerability in Juniper junos-os (CVE-2023-36845). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-36844 KEV |
|
[KEV] Vulnerability in Juniper junos-os (CVE-2023-36844)
vulnerability in Juniper junos-os (CVE-2023-36844). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-47246 KEV |
|
[KEV] Path Traversal in sysaid (CVE-2023-47246)
path traversal in sysaid (CVE-2023-47246). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-29552 KEV |
|
[KEV] Vulnerability in Ietf service-location-protocol-slp (CVE-2023-29552)
vulnerability in Ietf service-location-protocol-slp (CVE-2023-29552). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-22518 KEV |
|
[KEV] Authorization Flaw in Atlassian confluence-data-center-and-server (CVE-2023-22518)
vulnerability in Atlassian confluence-data-center-and-server (CVE-2023-22518). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-46604 KEV |
|
[KEV] Unsafe Deserialization in Apache activemq (CVE-2023-46604)
vulnerability in Apache activemq (CVE-2023-46604). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-46747 KEV |
|
[KEV] Vulnerability in F5 big-ip-configuration-utility (CVE-2023-46747)
vulnerability in F5 big-ip-configuration-utility (CVE-2023-46747). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-46748 KEV |
|
[KEV] SQL Injection in F5 big-ip-configuration-utility (CVE-2023-46748)
SQL injection in F5 big-ip-configuration-utility (CVE-2023-46748). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-5631 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Roundcube webmail (CVE-2023-5631)
cross-site scripting in Roundcube webmail (CVE-2023-5631). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-20273 KEV |
|
[KEV] OS Command Injection in cisco (CVE-2023-20273)
OS command injection in cisco (CVE-2023-20273). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-4966 KEV |
|
[KEV] Buffer Overflow in Citrix netscaler-adc-and-netscaler-gateway (CVE-2023-4966)
vulnerability in Citrix netscaler-adc-and-netscaler-gateway (CVE-2023-4966). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-20198 KEV |
|
[KEV] Vulnerability in Cisco ios-xe-web-ui (CVE-2023-20198)
vulnerability in Cisco ios-xe-web-ui (CVE-2023-20198). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-41763 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Microsoft skype-for-business (CVE-2023-41763)
SSRF in Microsoft skype-for-business (CVE-2023-41763). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-21608 KEV |
|
[KEV] Use-After-Free in Adobe acrobat-and-reader (CVE-2023-21608)
vulnerability in Adobe acrobat-and-reader (CVE-2023-21608). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-36563 KEV |
|
[KEV] Vulnerability in Microsoft wordpad (CVE-2023-36563)
vulnerability in Microsoft wordpad (CVE-2023-36563). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-44487 KEV |
|
[KEV] Vulnerability in Ietf golang.org/x/net (CVE-2023-44487)
vulnerability in Ietf golang.org/x/net (CVE-2023-44487). Risk of unauthorized operations or information disclosure. Exploitable via ``Channel``. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `0.17.0` or later.
|
| CVE-2023-20109 KEV |
|
[KEV] Out-of-Bounds Write in Cisco ios-and-ios-xe (CVE-2023-20109)
out-of-bounds write in Cisco ios-and-ios-xe (CVE-2023-20109). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-42824 KEV |
|
[KEV] Vulnerability in Apple ios-and-ipados (CVE-2023-42824)
vulnerability in Apple ios-and-ipados (CVE-2023-42824). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-40044 KEV |
|
[KEV] Unsafe Deserialization in Progress ws-ftp-server (CVE-2023-40044)
vulnerability in Progress ws-ftp-server (CVE-2023-40044). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-22515 KEV |
|
[KEV] Vulnerability in Atlassian confluence-data-center-and-server (CVE-2023-22515)
vulnerability in Atlassian confluence-data-center-and-server (CVE-2023-22515). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-28229 KEV |
|
[KEV] Vulnerability in Microsoft windows-cng-key-isolation-service (CVE-2023-28229)
vulnerability in Microsoft windows-cng-key-isolation-service (CVE-2023-28229). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-42793 KEV |
|
[KEV] Vulnerability in Jetbrains teamcity (CVE-2023-42793)
vulnerability in Jetbrains teamcity (CVE-2023-42793). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-4211 KEV |
|
[KEV] Use-After-Free in Arm :unknown: (CVE-2023-4211)
vulnerability in Arm :unknown: (CVE-2023-4211). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `SoCVersion:2023-10-05` or later.
|
| CVE-2023-5217 KEV |
|
[KEV] Out-of-Bounds Write in Google chromium-libvpx (CVE-2023-5217)
out-of-bounds write in Google chromium-libvpx (CVE-2023-5217). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-14667 KEV |
|
[KEV] Code Injection in Red hat red-hat (CVE-2018-14667)
code injection in Red hat red-hat (CVE-2018-14667). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-41992 KEV |
|
[KEV] Vulnerability in Apple multiple-products (CVE-2023-41992)
vulnerability in Apple multiple-products (CVE-2023-41992). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-41991 KEV |
|
[KEV] Vulnerability in Apple multiple-products (CVE-2023-41991)
vulnerability in Apple multiple-products (CVE-2023-41991). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-41993 KEV |
|
[KEV] Vulnerability in Apple java (CVE-2023-41993)
vulnerability in Apple java (CVE-2023-41993). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.8.0, 8.0.411` or later.
|
| CVE-2023-41179 KEV |
|
[KEV] Vulnerability in Trend micro trend-micro (CVE-2023-41179)
vulnerability in Trend micro trend-micro (CVE-2023-41179). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-28434 KEV |
|
[KEV] Privilege Escalation in minio (CVE-2023-28434)
vulnerability in minio (CVE-2023-28434). Risk of unauthorized operations or information disclosure. Exploitable via ``PostPolicyBucket``. Listed in CISA KEV — actively exploited.
|
| CVE-2021-3129 KEV |
|
[KEV] Vulnerability in Laravel ignition (CVE-2021-3129)
vulnerability in Laravel ignition (CVE-2021-3129). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-6884 KEV |
|
[KEV] OS Command Injection in Zyxel emg2926-routers (CVE-2017-6884)
OS command injection in Zyxel emg2926-routers (CVE-2017-6884). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2014-8361 KEV |
|
[KEV] Vulnerability in Realtek sdk (CVE-2014-8361)
vulnerability in Realtek sdk (CVE-2014-8361). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-22265 KEV |
|
[KEV] Vulnerability in Samsung mobile-devices (CVE-2022-22265)
vulnerability in Samsung mobile-devices (CVE-2022-22265). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-26369 KEV |
|
[KEV] Out-of-Bounds Write in Adobe acrobat-and-reader (CVE-2023-26369)
out-of-bounds write in Adobe acrobat-and-reader (CVE-2023-26369). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-20269 KEV |
|
[KEV] Vulnerability in Cisco adaptive-security-appliance-and-firepower-threat-defense (CVE-2023-20269)
vulnerability in Cisco adaptive-security-appliance-and-firepower-threat-defense (CVE-2023-20269). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-4863 KEV |
|
[KEV] Out-of-Bounds Write in Google chromium-webp (CVE-2023-4863)
out-of-bounds write in Google chromium-webp (CVE-2023-4863). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2023-35674 KEV |
|
[KEV] Vulnerability in Android platform/frameworks/base (CVE-2023-35674)
vulnerability in Android platform/frameworks/base (CVE-2023-35674). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `13:2023-09-01` or later.
|
| CVE-2023-36802 KEV |
|
[KEV] Use-After-Free in Microsoft streaming-service-proxy (CVE-2023-36802)
vulnerability in Microsoft streaming-service-proxy (CVE-2023-36802). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-36761 KEV |
|
[KEV] Vulnerability in Microsoft word (CVE-2023-36761)
vulnerability in Microsoft word (CVE-2023-36761). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-41061 KEV |
|
[KEV] Vulnerability in Apple ios (CVE-2023-41061)
vulnerability in Apple ios (CVE-2023-41061). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-41064 KEV |
|
[KEV] Vulnerability in Apple ios (CVE-2023-41064)
vulnerability in Apple ios (CVE-2023-41064). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-33246 KEV |
|
[KEV] Code Injection in Apache rocketmq (CVE-2023-33246)
code injection in Apache rocketmq (CVE-2023-33246). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-38831 KEV |
|
[KEV] Vulnerability in Rarlab winrar (CVE-2023-38831)
vulnerability in Rarlab winrar (CVE-2023-38831). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-32315 KEV |
|
[KEV] Path Traversal in Ignite realtime ignite-realtime (CVE-2023-32315)
path traversal in Ignite realtime ignite-realtime (CVE-2023-32315). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|