Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2023-25004 |
Description: A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution.
CVSS: LOW (0.0) EPSS Score: 0.07%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-25003 |
Description: A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution.
CVSS: LOW (0.0) EPSS Score: 0.07%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-25002 |
Description: A maliciously crafted SKP file in Autodesk products is used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.
CVSS: LOW (0.0) EPSS Score: 0.07%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-25001 |
Description: A maliciously crafted SKP file in Autodesk Navisworks 2023 and 2022 be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.
CVSS: LOW (0.0) EPSS Score: 0.15%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-23539 |
Description: A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution.
CVSS: LOW (0.0) EPSS Score: 0.07%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-23516 |
Description: The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.2, macOS Monterey 12.6.3. An app may be able to execute arbitrary code with kernel privileges.
CVSS: LOW (0.0) EPSS Score: 0.08%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-23343 |
Description: A clickjacking vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower allows attacker to use transparent or opaque layers to trick a user into clicking on a button or link on another page to perform a redirect to an attacker-controlled domain.
CVSS: LOW (2.4) EPSS Score: 0.06%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-21187 |
Description: In onCreate of UsbAccessoryUriActivity.java, there is a possible way to escape the Setup Wizard due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246542917
CVSS: LOW (0.0) EPSS Score: 0.04%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-21176 |
Description: In list_key_entries of utils.rs, there is a possible way to disable user credentials due to resource exhaustion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-222287335
CVSS: LOW (0.0) EPSS Score: 0.04%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-21175 |
Description: In onCreate of DataUsageSummary.java, there is a possible method for a guest user to enable or disable mobile data due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262243574
CVSS: LOW (0.0) EPSS Score: 0.04%
December 6th, 2024 (5 months ago)
|