Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2023-30917 |
Description: In DMService, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-30916 |
Description: In DMService, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-2990 |
Description: Fortra Globalscape EFT versions before 8.1.0.16 suffer from a denial of service vulnerability, where a compressed message that decompresses to itself can cause infinite recursion and crash the service
CVSS: LOW (0.0) EPSS Score: 0.07%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-28485 |
Description: A stored cross-site scripting (Stored XSS) vulnerability in file preview in WeKan before 6.75 allows remote authenticated users to inject arbitrary web script or HTML via names of file attachments. Any user can obtain the privilege to rename within their own board (where they have BoardAdmin access), and renameAttachment does not block XSS payloads.
CVSS: LOW (0.0) EPSS Score: 0.48%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-28387 |
Description: "NewsPicks" App for Android versions 10.4.5 and earlier and "NewsPicks" App for iOS versions 10.4.2 and earlier use hard-coded credentials, which may allow a local attacker to analyze data in the app and to obtain API key for an external service.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-27199 |
Description: PAX Technology A930 PayDroid_7.1.1_Virgo_V04.5.02_20220722 allows attackers to compile a malicious shared library and use LD_PRELOAD to bypass authorization checks.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-27082 |
Description: Cross Site Scripting (XSS) vulnerability in /admin.php in Pluck CMS 4.7.15 through 4.7.16-dev4 allows remote attackers to run arbitrary code via upload of crafted html file.
CVSS: LOW (0.0) EPSS Score: 0.06%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-26299 |
Description: A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS), which might allow arbitrary code execution. AMI has released updates to mitigate the potential vulnerability.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-25307 |
Description: nothub mrpack-install <= v0.16.2 is vulnerable to Directory Traversal.
CVSS: LOW (0.0) EPSS Score: 0.11%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-25306 |
Description: MultiMC Launcher <= 0.6.16 is vulnerable to Directory Traversal.
CVSS: LOW (0.0) EPSS Score: 0.18%
December 5th, 2024 (5 months ago)
|