Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2023-40547 Out-of-Bounds Write in redhat (CVE-2023-40547)
out-of-bounds write in redhat (CVE-2023-40547). Successful exploitation can lead to full system takeover.
CVE-2023-22527 KEV [KEV] Vulnerability in Atlassian confluence-data-center-and-server (CVE-2023-22527)
vulnerability in Atlassian confluence-data-center-and-server (CVE-2023-22527). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-23222 KEV [KEV] Vulnerability in Apple multiple-products (CVE-2024-23222)
vulnerability in Apple multiple-products (CVE-2024-23222). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-24135 Command Injection in jensenofscandinavia (CVE-2023-24135)
command injection in jensenofscandinavia (CVE-2023-24135). Successful exploitation can lead to full system takeover.
CVE-2024-21484 Vulnerability in kjur (CVE-2024-21484)
vulnerability in kjur (CVE-2024-21484). Confidential information can be exposed externally.
CVE-2023-34048 KEV [KEV] Out-of-Bounds Write in Vmware vcenter-server (CVE-2023-34048)
out-of-bounds write in Vmware vcenter-server (CVE-2023-34048). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-23744 Vulnerability in trustedfirmware (CVE-2024-23744)
vulnerability in trustedfirmware (CVE-2024-23744). Risk of unauthorized operations or information disclosure.
CVE-2023-51926 Vulnerability in yonyou (CVE-2023-51926)
vulnerability in yonyou (CVE-2023-51926). Confidential information can be exposed externally.
CVE-2023-35082 KEV [KEV] Authentication Bypass in Ivanti endpoint-manager-mobile-epmm-and-mobileiron-core (CVE-2023-35082)
authentication bypass in Ivanti endpoint-manager-mobile-epmm-and-mobileiron-core (CVE-2023-35082). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-0519 KEV [KEV] Out-of-Bounds Write in Google chromium-v8 (CVE-2024-0519)
out-of-bounds write in Google chromium-v8 (CVE-2024-0519). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-6549 KEV [KEV] Buffer Overflow in Citrix netscaler-adc-and-netscaler-gateway (CVE-2023-6549)
vulnerability in Citrix netscaler-adc-and-netscaler-gateway (CVE-2023-6549). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-6548 KEV [KEV] Code Injection in Citrix netscaler-adc-and-netscaler-gateway (CVE-2023-6548)
code injection in Citrix netscaler-adc-and-netscaler-gateway (CVE-2023-6548). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-51810 SQL Injection in sqli (CVE-2023-51810)
SQL injection in sqli (CVE-2023-51810). Confidential information can be exposed externally.
CVE-2018-15133 KEV [KEV] Unsafe Deserialization in laravel (CVE-2018-15133)
vulnerability in laravel (CVE-2018-15133). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-46474 Unrestricted File Upload in sigb (CVE-2023-46474)
vulnerability in sigb (CVE-2023-46474). Successful exploitation can lead to full system takeover.
CVE-2023-29357 KEV [KEV] Vulnerability in Microsoft sharepoint-server (CVE-2023-29357)
vulnerability in Microsoft sharepoint-server (CVE-2023-29357). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-46805 KEV [KEV] Authentication Bypass in Ivanti connect-secure-and-policy-secure (CVE-2023-46805)
authentication bypass in Ivanti connect-secure-and-policy-secure (CVE-2023-46805). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-21887 KEV [KEV] Command Injection in Ivanti connect-secure-and-policy-secure (CVE-2024-21887)
command injection in Ivanti connect-secure-and-policy-secure (CVE-2024-21887). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-27098 TP-Link Tapo APK up to v2.12.703 uses hardcoded credentials for access to the login panel.
TP-Link Tapo APK up to v2.12.703 uses hardcoded credentials for access to the login panel.
CVE-2023-47890 pyLoad 0.5.0 is vulnerable to Unrestricted File Upload.
pyLoad 0.5.0 is vulnerable to Unrestricted File Upload.
CVE-2023-23752 KEV [KEV] Vulnerability in Joomla! joomla (CVE-2023-23752)
vulnerability in Joomla! joomla (CVE-2023-23752). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2016-20017 KEV [KEV] Command Injection in D-link dsl-2750b-devices (CVE-2016-20017)
command injection in D-link dsl-2750b-devices (CVE-2016-20017). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-41990 KEV [KEV] Vulnerability in Apple multiple-products (CVE-2023-41990)
vulnerability in Apple multiple-products (CVE-2023-41990). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-27524 KEV [KEV] Vulnerability in Apache superset (CVE-2023-27524)
vulnerability in Apache superset (CVE-2023-27524). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-29300 KEV [KEV] Unsafe Deserialization in Adobe coldfusion (CVE-2023-29300)
vulnerability in Adobe coldfusion (CVE-2023-29300). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-38203 KEV [KEV] Unsafe Deserialization in Adobe coldfusion (CVE-2023-38203)
vulnerability in Adobe coldfusion (CVE-2023-38203). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-0241 Vulnerability in rails (CVE-2024-0241)
vulnerability in rails (CVE-2024-0241). Risk of unauthorized operations or information disclosure.
CVE-2023-45559 Vulnerability in linecorp (CVE-2023-45559)
vulnerability in linecorp (CVE-2023-45559). Confidential information can be exposed externally.
CVE-2023-37607 Path Traversal in path-traversal (CVE-2023-37607)
path traversal in path-traversal (CVE-2023-37607). Confidential information can be exposed externally.
CVE-2023-37608 Vulnerability in automaticsystems (CVE-2023-37608)
vulnerability in automaticsystems (CVE-2023-37608). Confidential information can be exposed externally.
CVE-2024-0193 Use-After-Free in redhat (CVE-2024-0193)
vulnerability in redhat (CVE-2024-0193). Successful exploitation can lead to full system takeover.
CVE-2023-7101 KEV [KEV] Vulnerability in Spreadsheet::parseexcel spreadsheetparseexcel (CVE-2023-7101)
vulnerability in Spreadsheet::parseexcel spreadsheetparseexcel (CVE-2023-7101). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-7024 KEV [KEV] Out-of-Bounds Write in Google chromium-webrtc (CVE-2023-7024)
out-of-bounds write in Google chromium-webrtc (CVE-2023-7024). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-46987 Code Injection in seacms (CVE-2023-46987)
code injection in seacms (CVE-2023-46987). Successful exploitation can lead to full system takeover.
CVE-2023-51767 Vulnerability in openbsd (CVE-2023-51767)
vulnerability in openbsd (CVE-2023-51767). Successful exploitation can lead to full system takeover.
CVE-2023-49897 KEV [KEV] OS Command Injection in Fxc ae1021 (CVE-2023-49897)
OS command injection in Fxc ae1021 (CVE-2023-49897). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-47565 KEV [KEV] OS Command Injection in Qnap viostor-nvr (CVE-2023-47565)
OS command injection in Qnap viostor-nvr (CVE-2023-47565). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-6931 Out-of-Bounds Write in privilege-escalation (CVE-2023-6931)
out-of-bounds write in privilege-escalation (CVE-2023-6931). Successful exploitation can lead to full system takeover.
CVE-2023-6932 Use-After-Free in privilege-escalation (CVE-2023-6932)
vulnerability in privilege-escalation (CVE-2023-6932). Successful exploitation can lead to full system takeover.
CVE-2023-6817 Use-After-Free in privilege-escalation (CVE-2023-6817)
vulnerability in privilege-escalation (CVE-2023-6817). Successful exploitation can lead to full system takeover.
CVE-2023-47326 Cross-Site Request Forgery (CSRF) in csrf (CVE-2023-47326)
vulnerability in csrf (CVE-2023-47326). Successful exploitation can lead to full system takeover.
CVE-2023-47323 Vulnerability in silverpeas (CVE-2023-47323)
vulnerability in silverpeas (CVE-2023-47323). Confidential information can be exposed externally.
CVE-2023-47322 Cross-Site Request Forgery (CSRF) in csrf (CVE-2023-47322)
vulnerability in csrf (CVE-2023-47322). Successful exploitation can lead to full system takeover.
CVE-2023-47320 Authorization Flaw in silverpeas (CVE-2023-47320)
vulnerability in silverpeas (CVE-2023-47320). Data can be tampered with by attackers.
CVE-2023-6478 Vulnerability in xorg (CVE-2023-6478)
vulnerability in xorg (CVE-2023-6478). Confidential information can be exposed externally.
CVE-2023-6377 Out-of-Bounds Read in privilege-escalation (CVE-2023-6377)
vulnerability in privilege-escalation (CVE-2023-6377). Successful exploitation can lead to full system takeover.
CVE-2023-6448 KEV [KEV] Vulnerability in Unitronics vision-plc-and-hmi (CVE-2023-6448)
vulnerability in Unitronics vision-plc-and-hmi (CVE-2023-6448). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-33412 Vulnerability in supermicro (CVE-2023-33412)
vulnerability in supermicro (CVE-2023-33412). Successful exploitation can lead to full system takeover.
CVE-2023-33413 Vulnerability in supermicro (CVE-2023-33413)
vulnerability in supermicro (CVE-2023-33413). Successful exploitation can lead to full system takeover.
CVE-2023-33411 Path Traversal in path-traversal (CVE-2023-33411)
path traversal in path-traversal (CVE-2023-33411). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →