Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2023-42790 |
|
Vulnerability in fortinet (CVE-2023-42790)
vulnerability in fortinet (CVE-2023-42790). Successful exploitation can lead to full system takeover.
|
| CVE-2024-26566 |
|
Vulnerability in iscute (CVE-2024-26566)
vulnerability in iscute (CVE-2024-26566). Data can be tampered with by attackers.
|
| CVE-2023-47415 |
|
OS Command Injection in cypress (CVE-2023-47415)
OS command injection in cypress (CVE-2023-47415). Data can be tampered with by attackers.
|
| CVE-2024-27198 KEV |
|
[KEV] Vulnerability in Jetbrains teamcity (CVE-2024-27198)
vulnerability in Jetbrains teamcity (CVE-2024-27198). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-27289 |
|
pgx is a PostgreSQL driver and toolkit for Go. Prior to version 4.18.2, SQL injection can occur when all of the following conditions are met: the non-default simple protocol is used; a placeholder for...
pgx is a PostgreSQL driver and toolkit for Go. Prior to version 4.18.2, SQL injection can occur when all of the following conditions are met: the non-default simple protocol is used; a placeholder for a numeric value must be immediately preceded by a minus; there must be a second placeholder for a s...
|
| CVE-2023-33677 |
|
SQL Injection in sqli (CVE-2023-33677)
SQL injection in sqli (CVE-2023-33677). Confidential information can be exposed externally.
|
| CVE-2024-23225 KEV |
|
[KEV] Out-of-Bounds Write in Apple multiple-products (CVE-2024-23225)
out-of-bounds write in Apple multiple-products (CVE-2024-23225). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-23296 KEV |
|
[KEV] Out-of-Bounds Write in Apple multiple-products (CVE-2024-23296)
out-of-bounds write in Apple multiple-products (CVE-2024-23296). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-21237 KEV |
|
[KEV] Information Disclosure in Android pixel (CVE-2023-21237)
vulnerability in Android pixel (CVE-2023-21237). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-36380 KEV |
|
[KEV] OS Command Injection in Sunhillo sureline (CVE-2021-36380)
OS command injection in Sunhillo sureline (CVE-2021-36380). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-47107 |
|
Vulnerability in c (CVE-2021-47107)
vulnerability in c (CVE-2021-47107). Successful exploitation can lead to full system takeover.
|
| CVE-2024-21338 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2024-21338)
vulnerability in Microsoft windows (CVE-2024-21338). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-29360 KEV |
|
[KEV] Vulnerability in Microsoft streaming-service (CVE-2023-29360)
vulnerability in Microsoft streaming-service (CVE-2023-29360). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-22983 |
|
SQL Injection in sqli (CVE-2024-22983)
SQL injection in sqli (CVE-2024-22983). Confidential information can be exposed externally.
|
| CVE-2020-36785 |
|
Vulnerability in linux (CVE-2020-36785)
vulnerability in linux (CVE-2020-36785). Successful exploitation can lead to full system takeover.
|
| CVE-2024-22873 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2024-22873)
SSRF in ssrf (CVE-2024-22873). Confidential information can be exposed externally.
|
| CVE-2024-25423 |
|
Out-of-Bounds Write in nemetschek (CVE-2024-25423)
out-of-bounds write in nemetschek (CVE-2024-25423). Successful exploitation can lead to full system takeover.
|
| CVE-2024-1709 KEV |
|
[KEV] Vulnerability in Connectwise screenconnect (CVE-2024-1709)
vulnerability in Connectwise screenconnect (CVE-2024-1709). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-6255 |
|
Vulnerability in utarit (CVE-2023-6255)
vulnerability in utarit (CVE-2023-6255). Confidential information can be exposed externally.
|
| CVE-2023-4993 |
|
Vulnerability in utarit (CVE-2023-4993)
vulnerability in utarit (CVE-2023-4993). Confidential information can be exposed externally.
|
| CVE-2020-3259 KEV |
|
[KEV] Information Disclosure in Cisco adaptive-security-appliance-asa-and-firepower-threat-defense-ftd (CVE-2020-3259)
vulnerability in Cisco adaptive-security-appliance-asa-and-firepower-threat-defense-ftd (CVE-2020-3259). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-21410 KEV |
|
[KEV] Authentication Bypass in Microsoft exchange-server (CVE-2024-21410)
authentication bypass in Microsoft exchange-server (CVE-2024-21410). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-20673 |
|
Microsoft Office Remote Code Execution Vulnerability
Microsoft Office Remote Code Execution Vulnerability
|
| CVE-2024-21412 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2024-21412)
vulnerability in Microsoft windows (CVE-2024-21412). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-21351 KEV |
|
[KEV] Code Injection in Microsoft windows (CVE-2024-21351)
code injection in Microsoft windows (CVE-2024-21351). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-43770 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Roundcube webmail (CVE-2023-43770)
cross-site scripting in Roundcube webmail (CVE-2023-43770). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-21490 |
|
Vulnerability in angular (CVE-2024-21490)
vulnerability in angular (CVE-2024-21490). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-6724 |
|
Vulnerability in simgesel (CVE-2023-6724)
vulnerability in simgesel (CVE-2023-6724). Successful exploitation can lead to full system takeover.
|
| CVE-2024-21762 KEV |
|
[KEV] Out-of-Bounds Write in Fortinet fortios (CVE-2024-21762)
out-of-bounds write in Fortinet fortios (CVE-2024-21762). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-6519 |
|
Vulnerability in miateknoloji (CVE-2023-6519)
vulnerability in miateknoloji (CVE-2023-6519). Confidential information can be exposed externally.
|
| CVE-2023-6518 |
|
Vulnerability in miateknoloji (CVE-2023-6518)
vulnerability in miateknoloji (CVE-2023-6518). Confidential information can be exposed externally.
|
| CVE-2023-6517 |
|
Vulnerability in miateknoloji (CVE-2023-6517)
vulnerability in miateknoloji (CVE-2023-6517). Confidential information can be exposed externally.
|
| CVE-2023-6515 |
|
Vulnerability in miateknoloji (CVE-2023-6515)
vulnerability in miateknoloji (CVE-2023-6515). Successful exploitation can lead to full system takeover.
|
| CVE-2023-46360 |
|
Vulnerability in hardy-barth (CVE-2023-46360)
vulnerability in hardy-barth (CVE-2023-46360). Successful exploitation can lead to full system takeover.
|
| CVE-2023-4762 KEV |
|
[KEV] Vulnerability in Google chromium-v8 (CVE-2023-4762)
vulnerability in Google chromium-v8 (CVE-2023-4762). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-50781 |
|
Vulnerability in redhat (CVE-2023-50781)
vulnerability in redhat (CVE-2023-50781). Confidential information can be exposed externally.
|
| CVE-2023-6676 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2023-6676)
vulnerability in csrf (CVE-2023-6676). Successful exploitation can lead to full system takeover.
|
| CVE-2024-22903 |
|
Command Injection in vinchin (CVE-2024-22903)
command injection in vinchin (CVE-2024-22903). Successful exploitation can lead to full system takeover.
|
| CVE-2024-22900 |
|
Command Injection in vinchin (CVE-2024-22900)
command injection in vinchin (CVE-2024-22900). Successful exploitation can lead to full system takeover.
|
| CVE-2024-22899 |
|
Code Injection in vinchin (CVE-2024-22899)
code injection in vinchin (CVE-2024-22899). Successful exploitation can lead to full system takeover.
|
| CVE-2024-21626 |
|
Vulnerability in linuxfoundation (CVE-2024-21626)
vulnerability in linuxfoundation (CVE-2024-21626). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6246 |
|
Vulnerability in privilege-escalation (CVE-2023-6246)
vulnerability in privilege-escalation (CVE-2023-6246). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6779 |
|
Vulnerability in gnu (CVE-2023-6779)
vulnerability in gnu (CVE-2023-6779). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-23775 |
|
Vulnerability in dos (CVE-2024-23775)
vulnerability in dos (CVE-2024-23775). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-48618 KEV |
|
[KEV] Vulnerability in Apple multiple-products (CVE-2022-48618)
vulnerability in Apple multiple-products (CVE-2022-48618). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-21893 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Ivanti connect-secure (CVE-2024-21893)
SSRF in Ivanti connect-secure (CVE-2024-21893). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-21488 |
|
Command Injection in forkhq (CVE-2024-21488)
command injection in forkhq (CVE-2024-21488). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-40548 |
|
Vulnerability in redhat (CVE-2023-40548)
vulnerability in redhat (CVE-2023-40548). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6919 |
|
Vulnerability in c (CVE-2023-6919)
vulnerability in c (CVE-2023-6919). Confidential information can be exposed externally.
|
| CVE-2023-52356 |
|
Vulnerability in dos (CVE-2023-52356)
vulnerability in dos (CVE-2023-52356). Risk of unauthorized operations or information disclosure.
|