Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2023-43303 |
|
Vulnerability in linecorp (CVE-2023-43303)
vulnerability in linecorp (CVE-2023-43303). Confidential information can be exposed externally.
|
| CVE-2023-41266 KEV |
|
[KEV] Vulnerability in Qlik sense (CVE-2023-41266)
vulnerability in Qlik sense (CVE-2023-41266). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-41265 KEV |
|
[KEV] Vulnerability in Qlik sense (CVE-2023-41265)
vulnerability in Qlik sense (CVE-2023-41265). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-33063 KEV |
|
[KEV] Use-After-Free in :linux_kernel:Qualcomm (CVE-2023-33063)
vulnerability in :linux_kernel:Qualcomm (CVE-2023-33063). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `SoCVersion:2023-12-05` or later.
|
| CVE-2023-33107 KEV |
|
[KEV] Vulnerability in Qualcomm multiple-chipsets (CVE-2023-33107)
vulnerability in Qualcomm multiple-chipsets (CVE-2023-33107). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-33106 KEV |
|
[KEV] Vulnerability in Qualcomm multiple-chipsets (CVE-2023-33106)
vulnerability in Qualcomm multiple-chipsets (CVE-2023-33106). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-22071 KEV |
|
[KEV] Use-After-Free in Qualcomm multiple-chipsets (CVE-2022-22071)
vulnerability in Qualcomm multiple-chipsets (CVE-2022-22071). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-42917 KEV |
|
[KEV] Out-of-Bounds Write in Apple java (CVE-2023-42917)
out-of-bounds write in Apple java (CVE-2023-42917). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.8.0, 8.0.411` or later.
|
| CVE-2023-42916 KEV |
|
[KEV] Out-of-Bounds Read in Apple multiple-products (CVE-2023-42916)
vulnerability in Apple multiple-products (CVE-2023-42916). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-5637 |
|
Unrestricted File Upload in arslansoft-education-portal-project (CVE-2023-5637)
vulnerability in arslansoft-education-portal-project (CVE-2023-5637). Confidential information can be exposed externally.
|
| CVE-2023-5635 |
|
Vulnerability in arslansoft-education-portal-project (CVE-2023-5635)
vulnerability in arslansoft-education-portal-project (CVE-2023-5635). Confidential information can be exposed externally.
|
| CVE-2023-49081 |
|
Vulnerability in aiohttp (CVE-2023-49081)
vulnerability in aiohttp (CVE-2023-49081). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-6345 KEV |
|
[KEV] Vulnerability in Google chromium-skia (CVE-2023-6345)
vulnerability in Google chromium-skia (CVE-2023-6345). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-49103 KEV |
|
[KEV] Vulnerability in owncloud (CVE-2023-49103)
vulnerability in owncloud (CVE-2023-49103). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-24294 |
|
Vulnerability in zumtobel (CVE-2023-24294)
vulnerability in zumtobel (CVE-2023-24294). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-6201 |
|
OS Command Injection in univera (CVE-2023-6201)
OS command injection in univera (CVE-2023-6201). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6150 |
|
Privilege Escalation in eskom (CVE-2023-6150)
vulnerability in eskom (CVE-2023-6150). Confidential information can be exposed externally.
|
| CVE-2023-6151 |
|
Privilege Escalation in eskom (CVE-2023-6151)
vulnerability in eskom (CVE-2023-6151). Confidential information can be exposed externally.
|
| CVE-2023-6118 |
|
Path Traversal in path-traversal (CVE-2023-6118)
path traversal in path-traversal (CVE-2023-6118). Confidential information can be exposed externally.
|
| CVE-2023-48105 |
|
Out-of-Bounds Write in c (CVE-2023-48105)
out-of-bounds write in c (CVE-2023-48105). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-5983 |
|
Information Disclosure in botanikyazilim (CVE-2023-5983)
vulnerability in botanikyazilim (CVE-2023-5983). Confidential information can be exposed externally.
|
| CVE-2023-5921 |
|
Vulnerability in decesoftware (CVE-2023-5921)
vulnerability in decesoftware (CVE-2023-5921). Confidential information can be exposed externally.
|
| CVE-2023-48192 |
|
Code Injection in totolink (CVE-2023-48192)
code injection in totolink (CVE-2023-48192). Successful exploitation can lead to full system takeover.
|
| CVE-2023-4911 KEV |
|
[KEV] Vulnerability in Gnu c (CVE-2023-4911)
vulnerability in Gnu c (CVE-2023-4911). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2023-48238 |
|
Vulnerability in json-web-token (CVE-2023-48238)
vulnerability in json-web-token (CVE-2023-48238). Data can be tampered with by attackers. Exploitable via ``decode``. Mitigation: upgrade to `4.0.0` or later.
|
| CVE-2023-48056 |
|
Vulnerability in pypinksign (CVE-2023-48056)
vulnerability in pypinksign (CVE-2023-48056). Confidential information can be exposed externally.
|
| CVE-2023-36584 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2023-36584)
vulnerability in Microsoft windows (CVE-2023-36584). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-1671 KEV |
|
[KEV] Command Injection in Sophos web-appliance (CVE-2023-1671)
command injection in Sophos web-appliance (CVE-2023-1671). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-2551 KEV |
|
[KEV] Vulnerability in Oracle fusion-middleware (CVE-2020-2551)
vulnerability in Oracle fusion-middleware (CVE-2020-2551). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-36033 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2023-36033)
vulnerability in Microsoft windows (CVE-2023-36033). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-36025 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2023-36025)
vulnerability in Microsoft windows (CVE-2023-36025). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-36036 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2023-36036)
vulnerability in Microsoft windows (CVE-2023-36036). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-47246 KEV |
|
[KEV] Path Traversal in sysaid (CVE-2023-47246)
path traversal in sysaid (CVE-2023-47246). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-36844 KEV |
|
[KEV] Vulnerability in Juniper junos-os (CVE-2023-36844)
vulnerability in Juniper junos-os (CVE-2023-36844). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-36845 KEV |
|
[KEV] Vulnerability in Juniper junos-os (CVE-2023-36845)
vulnerability in Juniper junos-os (CVE-2023-36845). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-36846 KEV |
|
[KEV] Vulnerability in Juniper junos-os (CVE-2023-36846)
vulnerability in Juniper junos-os (CVE-2023-36846). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-36847 KEV |
|
[KEV] Vulnerability in Juniper junos-os (CVE-2023-36847)
vulnerability in Juniper junos-os (CVE-2023-36847). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-36851 KEV |
|
[KEV] Vulnerability in Juniper junos-os (CVE-2023-36851)
vulnerability in Juniper junos-os (CVE-2023-36851). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-29552 KEV |
|
[KEV] Vulnerability in Ietf service-location-protocol-slp (CVE-2023-29552)
vulnerability in Ietf service-location-protocol-slp (CVE-2023-29552). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-47360 |
|
Vulnerability in videolan (CVE-2023-47360)
vulnerability in videolan (CVE-2023-47360). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-22518 KEV |
|
[KEV] Authorization Flaw in Atlassian confluence-data-center-and-server (CVE-2023-22518)
vulnerability in Atlassian confluence-data-center-and-server (CVE-2023-22518). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-43336 |
|
Vulnerability in sangoma (CVE-2023-43336)
vulnerability in sangoma (CVE-2023-43336). Successful exploitation can lead to full system takeover.
|
| CVE-2023-46604 KEV |
|
[KEV] Unsafe Deserialization in Apache activemq (CVE-2023-46604)
vulnerability in Apache activemq (CVE-2023-46604). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-46748 KEV |
|
[KEV] SQL Injection in F5 big-ip-configuration-utility (CVE-2023-46748)
SQL injection in F5 big-ip-configuration-utility (CVE-2023-46748). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-46747 KEV |
|
[KEV] Vulnerability in F5 big-ip-configuration-utility (CVE-2023-46747)
vulnerability in F5 big-ip-configuration-utility (CVE-2023-46747). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-5443 |
|
Vulnerability in e-invoice-project (CVE-2023-5443)
vulnerability in e-invoice-project (CVE-2023-5443). Confidential information can be exposed externally.
|
| CVE-2023-5570 |
|
Vulnerability in inohom (CVE-2023-5570)
vulnerability in inohom (CVE-2023-5570). Confidential information can be exposed externally.
|
| CVE-2023-5631 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Roundcube webmail (CVE-2023-5631)
cross-site scripting in Roundcube webmail (CVE-2023-5631). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-5367 |
|
Out-of-Bounds Write in c (CVE-2023-5367)
out-of-bounds write in c (CVE-2023-5367). Successful exploitation can lead to full system takeover.
|
| CVE-2023-5574 |
|
Use-After-Free in dos (CVE-2023-5574)
vulnerability in dos (CVE-2023-5574). Successful exploitation can lead to full system takeover.
|