Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2023-32354 |
Description: An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. An app may be able to disclose kernel memory.
CVSS: LOW (0.0) EPSS Score: 0.09%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-32353 |
Description: A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to elevate privileges.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-32352 |
Description: A logic issue was addressed with improved checks. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may bypass Gatekeeper checks.
CVSS: LOW (0.0) EPSS Score: 0.09%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-32351 |
Description: A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to gain elevated privileges.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-30902 |
Description: A privilege escalation vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to unintentionally delete privileged Trend Micro registry keys including its own protected registry keys on affected installations.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-30362 |
Description: Buffer Overflow vulnerability in coap_send function in libcoap library 4.3.1-103-g52cfd56 fixed in 4.3.1-120-ge242200 allows attackers to obtain sensitive information via malformed pdu.
CVSS: LOW (0.0) EPSS Score: 0.17%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-30260 |
Description: Command injection vulnerability in RaspAP raspap-webgui 2.8.8 and earlier allows remote attackers to run arbitrary commands via crafted POST request to hostapd settings form.
CVSS: LOW (0.0) EPSS Score: 0.27%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-30258 |
Description: Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request.
CVSS: LOW (0.0) EPSS Score: 79.42%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-2996 |
Description: The Jetpack WordPress plugin before 12.1.1 does not validate uploaded files, allowing users with author roles or above to manipulate existing files on the site, deleting arbitrary files, and in rare cases achieve Remote Code Execution via phar deserialization.
CVSS: LOW (0.0) EPSS Score: 0.37%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-2989 |
Description: Fortra Globalscape EFT versions before 8.1.0.16 suffer from an out of bounds memory read in their administration server, which can allow an attacker to crash the service or bypass authentication if successfully exploited
CVSS: LOW (0.0) EPSS Score: 0.12%
December 6th, 2024 (5 months ago)
|