CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2023-35862	libcoap 4.3.1 contains a buffer over-read via the function coap_parse_oscore_conf_mem at coap_oscore.c. Description: libcoap 4.3.1 contains a buffer over-read via the function coap_parse_oscore_conf_mem at coap_oscore.c. CVSS: LOW (0.0) EPSS Score: 0.17% Source: CVE December 12th, 2024 (6 months ago)
CVE-2023-35857	In Siren Investigate before 13.2.2, session keys remain active even after logging out. Description: In Siren Investigate before 13.2.2, session keys remain active even after logging out. CVSS: LOW (0.0) EPSS Score: 0.32% Source: CVE December 12th, 2024 (6 months ago)
CVE-2023-35856	A buffer overflow in Nintendo Mario Kart Wii RMCP01, RMCE01, RMCJ01, and RMCK01 can be exploited by a game client to execute arbitrary code on a... Description: A buffer overflow in Nintendo Mario Kart Wii RMCP01, RMCE01, RMCJ01, and RMCK01 can be exploited by a game client to execute arbitrary code on a client's machine via a crafted packet. CVSS: LOW (0.0) EPSS Score: 0.43% Source: CVE December 12th, 2024 (6 months ago)
CVE-2023-35855	A buffer overflow in Counter-Strike through 8684 allows a game server to execute arbitrary code on a remote client's machine by modifying the... Description: A buffer overflow in Counter-Strike through 8684 allows a game server to execute arbitrary code on a remote client's machine by modifying the lservercfgfile console variable. CVSS: LOW (0.0) EPSS Score: 0.23% Source: CVE December 12th, 2024 (6 months ago)
CVE-2023-35853	In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13... Description: In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section. CVSS: LOW (0.0) EPSS Score: 0.22% Source: CVE December 12th, 2024 (6 months ago)
CVE-2023-35852	In Suricata before 6.0.13 (when there is an adversary who controls an external source of rules), a dataset filename, that comes from a rule, may... Description: In Suricata before 6.0.13 (when there is an adversary who controls an external source of rules), a dataset filename, that comes from a rule, may trigger absolute or relative directory traversal, and lead to write access to a local filesystem. This is addressed in 6.0.13 by requiring allow-absolute-filenames and allow-write (in the datasets rules configuration section) if an installation requires traversal/writing in this situation. CVSS: LOW (0.0) EPSS Score: 0.11% Source: CVE December 12th, 2024 (6 months ago)
CVE-2023-35849	VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not properly check whether header sizes would result in accessing data outside of a packet. Description: VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not properly check whether header sizes would result in accessing data outside of a packet. CVSS: LOW (0.0) EPSS Score: 0.12% Source: CVE December 12th, 2024 (6 months ago)
CVE-2023-35848	VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 lacks certain size calculations before attempting to set a value of an mss structure member. Description: VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 lacks certain size calculations before attempting to set a value of an mss structure member. CVSS: LOW (0.0) EPSS Score: 0.09% Source: CVE December 12th, 2024 (6 months ago)
CVE-2023-35847	VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not have an MSS lower bound (e.g., it could be zero). Description: VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not have an MSS lower bound (e.g., it could be zero). CVSS: LOW (0.0) EPSS Score: 0.09% Source: CVE December 12th, 2024 (6 months ago)
CVE-2023-35846	VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not check the transport layer length in a frame before performing port filtering. Description: VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not check the transport layer length in a frame before performing port filtering. CVSS: LOW (0.0) EPSS Score: 0.09% Source: CVE December 12th, 2024 (6 months ago)