Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2023-36761 KEV [KEV] Vulnerability in Microsoft word (CVE-2023-36761)
vulnerability in Microsoft word (CVE-2023-36761). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-36802 KEV [KEV] Use-After-Free in Microsoft streaming-service-proxy (CVE-2023-36802)
vulnerability in Microsoft streaming-service-proxy (CVE-2023-36802). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-41064 KEV [KEV] Vulnerability in Apple ios (CVE-2023-41064)
vulnerability in Apple ios (CVE-2023-41064). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-41061 KEV [KEV] Vulnerability in Apple ios (CVE-2023-41061)
vulnerability in Apple ios (CVE-2023-41061). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-40271 Vulnerability in trustedfirmware (CVE-2023-40271)
vulnerability in trustedfirmware (CVE-2023-40271). Data can be tampered with by attackers.
CVE-2023-33246 KEV [KEV] Code Injection in Apache rocketmq (CVE-2023-33246)
code injection in Apache rocketmq (CVE-2023-33246). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-4781 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873.
CVE-2023-3375 Unrestricted File Upload in bookreen (CVE-2023-3375)
vulnerability in bookreen (CVE-2023-3375). Successful exploitation can lead to full system takeover.
CVE-2023-4733 Use After Free in GitHub repository vim/vim prior to 9.0.1840.
Use After Free in GitHub repository vim/vim prior to 9.0.1840.
CVE-2023-4750 Use After Free in GitHub repository vim/vim prior to 9.0.1857.
Use After Free in GitHub repository vim/vim prior to 9.0.1857.
CVE-2023-4736 Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833.
Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833.
CVE-2023-4735 Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847.
Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847.
CVE-2023-4734 Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846.
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846.
CVE-2023-36088 SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-36088)
SSRF in ssrf (CVE-2023-36088). Confidential information can be exposed externally.
CVE-2023-39810 An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal.
An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal.
CVE-2023-32079 Vulnerability in netmaker (CVE-2023-32079)
vulnerability in netmaker (CVE-2023-32079). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.17.1` or later.
CVE-2023-32078 Vulnerability in netmaker (CVE-2023-32078)
vulnerability in netmaker (CVE-2023-32078). Data can be tampered with by attackers. Mitigation: upgrade to `0.17.1` or later.
CVE-2023-32077 Vulnerability in github.com/gravitl/netmaker (CVE-2023-32077)
vulnerability in github.com/gravitl/netmaker (CVE-2023-32077). Confidential information can be exposed externally. Mitigation: upgrade to `0.17.1` or later.
CVE-2023-38831 KEV [KEV] Vulnerability in Rarlab winrar (CVE-2023-38831)
vulnerability in Rarlab winrar (CVE-2023-38831). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-32315 KEV [KEV] Path Traversal in Ignite realtime ignite-realtime (CVE-2023-32315)
path traversal in Ignite realtime ignite-realtime (CVE-2023-32315). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-38035 KEV [KEV] Authorization Flaw in Ivanti sentry (CVE-2023-38035)
vulnerability in Ivanti sentry (CVE-2023-38035). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-27532 KEV [KEV] Vulnerability in Veeam backup-replication (CVE-2023-27532)
vulnerability in Veeam backup-replication (CVE-2023-27532). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-38836 Unrestricted File Upload in boidcms (CVE-2023-38836)
vulnerability in boidcms (CVE-2023-38836). Successful exploitation can lead to full system takeover.
CVE-2023-38899 SQL Injection in sqli (CVE-2023-38899)
SQL injection in sqli (CVE-2023-38899). Successful exploitation can lead to full system takeover.
CVE-2023-39785 Out-of-Bounds Write in tenda (CVE-2023-39785)
out-of-bounds write in tenda (CVE-2023-39785). Risk of unauthorized operations or information disclosure.
CVE-2023-39786 Out-of-Bounds Write in tenda (CVE-2023-39786)
out-of-bounds write in tenda (CVE-2023-39786). Risk of unauthorized operations or information disclosure.
CVE-2023-39784 Out-of-Bounds Write in tenda (CVE-2023-39784)
out-of-bounds write in tenda (CVE-2023-39784). Risk of unauthorized operations or information disclosure.
CVE-2023-26359 KEV [KEV] Unsafe Deserialization in Adobe coldfusion (CVE-2023-26359)
vulnerability in Adobe coldfusion (CVE-2023-26359). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-38838 SQL Injection in sqli (CVE-2023-38838)
SQL injection in sqli (CVE-2023-38838). Confidential information can be exposed externally.
CVE-2023-24489 KEV [KEV] Vulnerability in Citrix content-collaboration (CVE-2023-24489)
vulnerability in Citrix content-collaboration (CVE-2023-24489). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-30188 Vulnerability in dos (CVE-2023-30188)
vulnerability in dos (CVE-2023-30188). Risk of unauthorized operations or information disclosure.
CVE-2023-33469 Code Injection in kramerav (CVE-2023-33469)
code injection in kramerav (CVE-2023-33469). Successful exploitation can lead to full system takeover.
CVE-2023-39003 Vulnerability in opnsense (CVE-2023-39003)
vulnerability in opnsense (CVE-2023-39003). Confidential information can be exposed externally.
CVE-2023-38180 KEV [KEV] Vulnerability in Microsoft net-core-and-visual-studio (CVE-2023-38180)
vulnerability in Microsoft net-core-and-visual-studio (CVE-2023-38180). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-39086 ASUS RT-AC66U B1 3.0.0.4.286_51665 was discovered to transmit sensitive information in cleartext.
ASUS RT-AC66U B1 3.0.0.4.286_51665 was discovered to transmit sensitive information in cleartext.
CVE-2023-36897 Visual Studio Tools for Office Runtime Spoofing Vulnerability
Visual Studio Tools for Office Runtime Spoofing Vulnerability
CVE-2023-37646 Path Traversal in path-traversal (CVE-2023-37646)
path traversal in path-traversal (CVE-2023-37646). Successful exploitation can lead to full system takeover.
CVE-2023-37687 SQL Injection in phpgurukul (CVE-2023-37687)
SQL injection in phpgurukul (CVE-2023-37687). Successful exploitation can lead to full system takeover.
CVE-2017-18368 KEV [KEV] OS Command Injection in Zyxel p660hn-t1a-routers (CVE-2017-18368)
OS command injection in Zyxel p660hn-t1a-routers (CVE-2017-18368). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-38952 Vulnerability in zkteco (CVE-2023-38952)
vulnerability in zkteco (CVE-2023-38952). Confidential information can be exposed externally.
CVE-2023-38949 Vulnerability in zkteco (CVE-2023-38949)
vulnerability in zkteco (CVE-2023-38949). Data can be tampered with by attackers.
CVE-2023-36255 Code Injection in eramba (CVE-2023-36255)
code injection in eramba (CVE-2023-36255). Successful exploitation can lead to full system takeover.
CVE-2023-38955 Vulnerability in zkteco (CVE-2023-38955)
vulnerability in zkteco (CVE-2023-38955). Confidential information can be exposed externally.
CVE-2023-38956 Path Traversal in path-traversal (CVE-2023-38956)
path traversal in path-traversal (CVE-2023-38956). Confidential information can be exposed externally.
CVE-2023-34552 Out-of-Bounds Write in c (CVE-2023-34552)
out-of-bounds write in c (CVE-2023-34552). Successful exploitation can lead to full system takeover.
CVE-2023-34551 Out-of-Bounds Write in c (CVE-2023-34551)
out-of-bounds write in c (CVE-2023-34551). Successful exploitation can lead to full system takeover.
CVE-2023-35081 KEV [KEV] Path Traversal in Ivanti endpoint-manager-mobile-epmm (CVE-2023-35081)
path traversal in Ivanti endpoint-manager-mobile-epmm (CVE-2023-35081). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-22623 Path Traversal in path-traversal (CVE-2020-22623)
path traversal in path-traversal (CVE-2020-22623). Confidential information can be exposed externally.
CVE-2023-37580 KEV [KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2023-37580)
cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2023-37580). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-26911 Vulnerability in asus (CVE-2023-26911)
vulnerability in asus (CVE-2023-26911). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →