Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2023-32373 KEV |
|
[KEV] Use-After-Free in Apple multiple-products (CVE-2023-32373)
vulnerability in Apple multiple-products (CVE-2023-32373). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2004-1464 KEV |
|
[KEV] Vulnerability in Cisco ios (CVE-2004-1464)
vulnerability in Cisco ios (CVE-2004-1464). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-6415 KEV |
|
[KEV] Information Disclosure in Cisco ios (CVE-2016-6415)
vulnerability in Cisco ios (CVE-2016-6415). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-21492 KEV |
|
[KEV] Vulnerability in Samsung mobile-devices (CVE-2023-21492)
vulnerability in Samsung mobile-devices (CVE-2023-21492). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-23446 |
|
Vulnerability in sick (CVE-2023-23446)
vulnerability in sick (CVE-2023-23446). Confidential information can be exposed externally.
|
| CVE-2023-23445 |
|
Vulnerability in sick (CVE-2023-23445)
vulnerability in sick (CVE-2023-23445). Confidential information can be exposed externally.
|
| CVE-2023-23447 |
|
Vulnerability in sick (CVE-2023-23447)
vulnerability in sick (CVE-2023-23447). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-47879 |
|
Code Injection in jedox (CVE-2022-47879)
code injection in jedox (CVE-2022-47879). Successful exploitation can lead to full system takeover.
|
| CVE-2023-25717 KEV |
|
[KEV] Code Injection in Ruckus wireless ruckus-wireless (CVE-2023-25717)
code injection in Ruckus wireless ruckus-wireless (CVE-2023-25717). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-3560 KEV |
|
[KEV] Authorization Flaw in Red hat red-hat (CVE-2021-3560)
vulnerability in Red hat red-hat (CVE-2021-3560). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2014-0196 KEV |
|
[KEV] Vulnerability in Linux kernel (CVE-2014-0196)
vulnerability in Linux kernel (CVE-2014-0196). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2010-3904 KEV |
|
[KEV] Vulnerability in Linux kernel (CVE-2010-3904)
vulnerability in Linux kernel (CVE-2010-3904). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2015-5317 KEV |
|
[KEV] Information Disclosure in jenkins (CVE-2015-5317)
vulnerability in jenkins (CVE-2015-5317). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-3427 KEV |
|
[KEV] Vulnerability in Oracle java-se-and-jrockit (CVE-2016-3427)
vulnerability in Oracle java-se-and-jrockit (CVE-2016-3427). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-8735 KEV |
|
[KEV] Vulnerability in Apache tomcat (CVE-2016-8735)
vulnerability in Apache tomcat (CVE-2016-8735). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-2610 |
|
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532.
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532.
|
| CVE-2023-30056 |
|
Vulnerability in fico (CVE-2023-30056)
vulnerability in fico (CVE-2023-30056). Data can be tampered with by attackers.
|
| CVE-2023-29335 |
|
Microsoft Word Security Feature Bypass Vulnerability
Microsoft Word Security Feature Bypass Vulnerability
|
| CVE-2023-30237 |
|
Vulnerability in cyberghostvpn (CVE-2023-30237)
vulnerability in cyberghostvpn (CVE-2023-30237). Successful exploitation can lead to full system takeover.
|
| CVE-2021-44283 |
|
Vulnerability in cpp (CVE-2021-44283)
vulnerability in cpp (CVE-2021-44283). Confidential information can be exposed externally.
|
| CVE-2023-29336 KEV |
|
[KEV] Use-After-Free in Microsoft win32k (CVE-2023-29336)
vulnerability in Microsoft win32k (CVE-2023-29336). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-30243 |
|
SQL Injection in sqli (CVE-2023-30243)
SQL injection in sqli (CVE-2023-30243). Confidential information can be exposed externally.
|
| CVE-2023-1389 KEV |
|
[KEV] Command Injection in Tp-link archer-ax21 (CVE-2023-1389)
command injection in Tp-link archer-ax21 (CVE-2023-1389). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-45046 KEV |
|
[KEV] Vulnerability in Apache log4j2 (CVE-2021-45046)
vulnerability in Apache log4j2 (CVE-2021-45046). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-21839 KEV |
|
[KEV] Vulnerability in Oracle weblogic-server (CVE-2023-21839)
vulnerability in Oracle weblogic-server (CVE-2023-21839). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-2377 |
|
Vulnerability in ui (CVE-2023-2377)
vulnerability in ui (CVE-2023-2377). Successful exploitation can lead to full system takeover.
|
| CVE-2023-2378 |
|
Vulnerability in ui (CVE-2023-2378)
vulnerability in ui (CVE-2023-2378). Successful exploitation can lead to full system takeover.
|
| CVE-2023-2376 |
|
Vulnerability in ui (CVE-2023-2376)
vulnerability in ui (CVE-2023-2376). Successful exploitation can lead to full system takeover.
|
| CVE-2023-2375 |
|
Vulnerability in ui (CVE-2023-2375)
vulnerability in ui (CVE-2023-2375). Successful exploitation can lead to full system takeover.
|
| CVE-2023-2373 |
|
Vulnerability in ui (CVE-2023-2373)
vulnerability in ui (CVE-2023-2373). Successful exploitation can lead to full system takeover.
|
| CVE-2023-2374 |
|
Vulnerability in ui (CVE-2023-2374)
vulnerability in ui (CVE-2023-2374). Successful exploitation can lead to full system takeover.
|
| CVE-2022-38583 |
|
Vulnerability in sage (CVE-2022-38583)
vulnerability in sage (CVE-2022-38583). Successful exploitation can lead to full system takeover.
|
| CVE-2023-26244 |
|
Privilege Escalation in hyundai (CVE-2023-26244)
vulnerability in hyundai (CVE-2023-26244). Successful exploitation can lead to full system takeover.
|
| CVE-2023-26243 |
|
Path Traversal in hyundai (CVE-2023-26243)
path traversal in hyundai (CVE-2023-26243). Successful exploitation can lead to full system takeover.
|
| CVE-2023-26245 |
|
Privilege Escalation in hyundai (CVE-2023-26245)
vulnerability in hyundai (CVE-2023-26245). Successful exploitation can lead to full system takeover.
|
| CVE-2023-26246 |
|
Privilege Escalation in hyundai (CVE-2023-26246)
vulnerability in hyundai (CVE-2023-26246). Successful exploitation can lead to full system takeover.
|
| CVE-2022-27978 |
|
Vulnerability in tooljet (CVE-2022-27978)
vulnerability in tooljet (CVE-2022-27978). Data can be tampered with by attackers.
|
| CVE-2023-26735 |
|
SSRF (Server-Side Request Forgery) in prometheus (CVE-2023-26735)
SSRF in prometheus (CVE-2023-26735). Confidential information can be exposed externally.
|
| CVE-2023-28432 KEV |
|
[KEV] Information Disclosure in minio (CVE-2023-28432)
vulnerability in minio (CVE-2023-28432). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-27350 KEV |
|
[KEV] Vulnerability in Papercut mfng (CVE-2023-27350)
vulnerability in Papercut mfng (CVE-2023-27350). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-2136 KEV |
|
[KEV] Vulnerability in Google platform/external/skia (CVE-2023-2136)
vulnerability in Google platform/external/skia (CVE-2023-2136). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `13:2023-07-01` or later.
|
| CVE-2017-6742 KEV |
|
[KEV] Buffer Overflow in Cisco ios-and-ios-xe-software (CVE-2017-6742)
vulnerability in Cisco ios-and-ios-xe-software (CVE-2017-6742). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-8526 KEV |
|
[KEV] Use-After-Free in Apple macos (CVE-2019-8526)
vulnerability in Apple macos (CVE-2019-8526). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-2033 KEV |
|
[KEV] Vulnerability in Google chromium-v8 (CVE-2023-2033)
vulnerability in Google chromium-v8 (CVE-2023-2033). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-20963 KEV |
|
[KEV] Vulnerability in Android platform/frameworks/base (CVE-2023-20963)
vulnerability in Android platform/frameworks/base (CVE-2023-20963). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `13:2023-03-01` or later.
|
| CVE-2023-29492 KEV |
|
[KEV] Code Injection in Novi survey novi-survey (CVE-2023-29492)
code injection in Novi survey novi-survey (CVE-2023-29492). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-27216 |
|
OS Command Injection in dlink (CVE-2023-27216)
OS command injection in dlink (CVE-2023-27216). Successful exploitation can lead to full system takeover.
|
| CVE-2023-28252 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2023-28252)
vulnerability in Microsoft windows (CVE-2023-28252). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-28205 KEV |
|
[KEV] Use-After-Free in Apple multiple-products (CVE-2023-28205)
vulnerability in Apple multiple-products (CVE-2023-28205). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-28206 KEV |
|
[KEV] Out-of-Bounds Write in Apple ios (CVE-2023-28206)
out-of-bounds write in Apple ios (CVE-2023-28206). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|