Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2023-43303 Vulnerability in linecorp (CVE-2023-43303)
vulnerability in linecorp (CVE-2023-43303). Confidential information can be exposed externally.
CVE-2023-41266 KEV [KEV] Vulnerability in Qlik sense (CVE-2023-41266)
vulnerability in Qlik sense (CVE-2023-41266). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-41265 KEV [KEV] Vulnerability in Qlik sense (CVE-2023-41265)
vulnerability in Qlik sense (CVE-2023-41265). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-33107 KEV [KEV] Vulnerability in Qualcomm multiple-chipsets (CVE-2023-33107)
vulnerability in Qualcomm multiple-chipsets (CVE-2023-33107). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-33106 KEV [KEV] Vulnerability in Qualcomm multiple-chipsets (CVE-2023-33106)
vulnerability in Qualcomm multiple-chipsets (CVE-2023-33106). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-33063 KEV [KEV] Use-After-Free in :linux_kernel:Qualcomm (CVE-2023-33063)
vulnerability in :linux_kernel:Qualcomm (CVE-2023-33063). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `SoCVersion:2023-12-05` or later.
CVE-2022-22071 KEV [KEV] Use-After-Free in Qualcomm multiple-chipsets (CVE-2022-22071)
vulnerability in Qualcomm multiple-chipsets (CVE-2022-22071). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-42917 KEV [KEV] Out-of-Bounds Write in Apple java (CVE-2023-42917)
out-of-bounds write in Apple java (CVE-2023-42917). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.8.0, 8.0.411` or later.
CVE-2023-42916 KEV [KEV] Out-of-Bounds Read in Apple multiple-products (CVE-2023-42916)
vulnerability in Apple multiple-products (CVE-2023-42916). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-5637 Unrestricted File Upload in arslansoft-education-portal-project (CVE-2023-5637)
vulnerability in arslansoft-education-portal-project (CVE-2023-5637). Confidential information can be exposed externally.
CVE-2023-5635 Vulnerability in arslansoft-education-portal-project (CVE-2023-5635)
vulnerability in arslansoft-education-portal-project (CVE-2023-5635). Confidential information can be exposed externally.
CVE-2023-49081 Vulnerability in aiohttp (CVE-2023-49081)
vulnerability in aiohttp (CVE-2023-49081). Risk of unauthorized operations or information disclosure.
CVE-2023-6345 KEV [KEV] Vulnerability in Google chromium-skia (CVE-2023-6345)
vulnerability in Google chromium-skia (CVE-2023-6345). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-49103 KEV [KEV] Vulnerability in owncloud (CVE-2023-49103)
vulnerability in owncloud (CVE-2023-49103). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-24294 Vulnerability in zumtobel (CVE-2023-24294)
vulnerability in zumtobel (CVE-2023-24294). Risk of unauthorized operations or information disclosure.
CVE-2023-6201 OS Command Injection in univera (CVE-2023-6201)
OS command injection in univera (CVE-2023-6201). Successful exploitation can lead to full system takeover.
CVE-2023-6151 Privilege Escalation in eskom (CVE-2023-6151)
vulnerability in eskom (CVE-2023-6151). Confidential information can be exposed externally.
CVE-2023-6150 Privilege Escalation in eskom (CVE-2023-6150)
vulnerability in eskom (CVE-2023-6150). Confidential information can be exposed externally.
CVE-2023-6118 Path Traversal in path-traversal (CVE-2023-6118)
path traversal in path-traversal (CVE-2023-6118). Confidential information can be exposed externally.
CVE-2023-48105 Out-of-Bounds Write in c (CVE-2023-48105)
out-of-bounds write in c (CVE-2023-48105). Risk of unauthorized operations or information disclosure.
CVE-2023-5983 Information Disclosure in botanikyazilim (CVE-2023-5983)
vulnerability in botanikyazilim (CVE-2023-5983). Confidential information can be exposed externally.
CVE-2023-5921 Vulnerability in decesoftware (CVE-2023-5921)
vulnerability in decesoftware (CVE-2023-5921). Confidential information can be exposed externally.
CVE-2023-48192 Code Injection in totolink (CVE-2023-48192)
code injection in totolink (CVE-2023-48192). Successful exploitation can lead to full system takeover.
CVE-2023-4911 KEV [KEV] Vulnerability in Gnu c (CVE-2023-4911)
vulnerability in Gnu c (CVE-2023-4911). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2023-48238 Vulnerability in json-web-token (CVE-2023-48238)
vulnerability in json-web-token (CVE-2023-48238). Data can be tampered with by attackers. Exploitable via ``decode``. Mitigation: upgrade to `4.0.0` or later.
CVE-2023-48056 Vulnerability in pypinksign (CVE-2023-48056)
vulnerability in pypinksign (CVE-2023-48056). Confidential information can be exposed externally.
CVE-2023-36584 KEV [KEV] Vulnerability in Microsoft windows (CVE-2023-36584)
vulnerability in Microsoft windows (CVE-2023-36584). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-1671 KEV [KEV] Command Injection in Sophos web-appliance (CVE-2023-1671)
command injection in Sophos web-appliance (CVE-2023-1671). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-2551 KEV [KEV] Vulnerability in Oracle fusion-middleware (CVE-2020-2551)
vulnerability in Oracle fusion-middleware (CVE-2020-2551). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-36033 KEV [KEV] Vulnerability in Microsoft windows (CVE-2023-36033)
vulnerability in Microsoft windows (CVE-2023-36033). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-36025 KEV [KEV] Vulnerability in Microsoft windows (CVE-2023-36025)
vulnerability in Microsoft windows (CVE-2023-36025). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-36036 KEV [KEV] Vulnerability in Microsoft windows (CVE-2023-36036)
vulnerability in Microsoft windows (CVE-2023-36036). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-47246 KEV [KEV] Path Traversal in sysaid (CVE-2023-47246)
path traversal in sysaid (CVE-2023-47246). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-36844 KEV [KEV] Vulnerability in Juniper junos-os (CVE-2023-36844)
vulnerability in Juniper junos-os (CVE-2023-36844). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-36845 KEV [KEV] Vulnerability in Juniper junos-os (CVE-2023-36845)
vulnerability in Juniper junos-os (CVE-2023-36845). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-36846 KEV [KEV] Vulnerability in Juniper junos-os (CVE-2023-36846)
vulnerability in Juniper junos-os (CVE-2023-36846). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-36847 KEV [KEV] Vulnerability in Juniper junos-os (CVE-2023-36847)
vulnerability in Juniper junos-os (CVE-2023-36847). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-36851 KEV [KEV] Vulnerability in Juniper junos-os (CVE-2023-36851)
vulnerability in Juniper junos-os (CVE-2023-36851). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-29552 KEV [KEV] Vulnerability in Ietf service-location-protocol-slp (CVE-2023-29552)
vulnerability in Ietf service-location-protocol-slp (CVE-2023-29552). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-47360 Vulnerability in videolan (CVE-2023-47360)
vulnerability in videolan (CVE-2023-47360). Risk of unauthorized operations or information disclosure.
CVE-2023-22518 KEV [KEV] Authorization Flaw in Atlassian confluence-data-center-and-server (CVE-2023-22518)
vulnerability in Atlassian confluence-data-center-and-server (CVE-2023-22518). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-43336 Vulnerability in sangoma (CVE-2023-43336)
vulnerability in sangoma (CVE-2023-43336). Successful exploitation can lead to full system takeover.
CVE-2023-46604 KEV [KEV] Unsafe Deserialization in Apache activemq (CVE-2023-46604)
vulnerability in Apache activemq (CVE-2023-46604). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-46748 KEV [KEV] SQL Injection in F5 big-ip-configuration-utility (CVE-2023-46748)
SQL injection in F5 big-ip-configuration-utility (CVE-2023-46748). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-46747 KEV [KEV] Vulnerability in F5 big-ip-configuration-utility (CVE-2023-46747)
vulnerability in F5 big-ip-configuration-utility (CVE-2023-46747). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-5443 Vulnerability in e-invoice-project (CVE-2023-5443)
vulnerability in e-invoice-project (CVE-2023-5443). Confidential information can be exposed externally.
CVE-2023-5570 Vulnerability in inohom (CVE-2023-5570)
vulnerability in inohom (CVE-2023-5570). Confidential information can be exposed externally.
CVE-2023-5631 KEV [KEV] Cross-Site Scripting (XSS) in Roundcube webmail (CVE-2023-5631)
cross-site scripting in Roundcube webmail (CVE-2023-5631). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-5574 Use-After-Free in dos (CVE-2023-5574)
vulnerability in dos (CVE-2023-5574). Successful exploitation can lead to full system takeover.
CVE-2023-5367 Out-of-Bounds Write in c (CVE-2023-5367)
out-of-bounds write in c (CVE-2023-5367). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →