Threat and Vulnerability Intelligence Database

CVE-2023-40224

Description: MISP 2.4.174 allows XSS in app/View/Events/index.ctp.

CVSS: LOW (0.0)

EPSS Score: 0.07%

Source: CVE
December 4th, 2024 (5 months ago)

CVE-2023-40093

Description: In multiple files, there is a possible way that trimmed content could be included in PDF output due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVSS: LOW (0.0)

EPSS Score: 0.05%

Source: CVE
December 4th, 2024 (5 months ago)

CVE-2023-36662

Description: The TechTime User Management components for Atlassian products allow stored XSS on the Bulk User Actions page. This affects User Management for Jira 2.0.0 through 2.17.1, User Management for Confluence 2.0.0 through 2.15.24, and User Management for Bitbucket 2.2.2 through 2.15.24.

CVSS: LOW (0.0)

EPSS Score: 0.05%

Source: CVE
December 4th, 2024 (5 months ago)

CVE-2023-36301

Description: Talend Data Catalog before 8.0-20230221 contains a directory traversal vulnerability in HeaderImageServlet.

CVSS: LOW (0.0)

EPSS Score: 0.15%

Source: CVE
December 4th, 2024 (5 months ago)

CVE-2023-36252

Description: An issue in Ateme Flamingo XL v.3.6.20 and XS v.3.6.5 allows a remote authenticated attacker to execute arbitrary code and cause a denial of service via the session expiration function.

CVSS: LOW (0.0)

EPSS Score: 0.21%

Source: CVE
December 4th, 2024 (5 months ago)

CVE-2023-34924

Description: H3C Magic B1STW B1STV100R012 was discovered to contain a stack overflow via the function SetAPInfoById. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

CVSS: LOW (0.0)

EPSS Score: 0.06%

Source: CVE
December 4th, 2024 (5 months ago)

CVE-2023-34475

Description: A heap use-after-free issue was discovered in ImageMagick's ReplaceXmpValue() function in MagickCore/profile.c. An attacker could trick a user into opening a specially crafted file to convert, triggering a heap-use-after-free write error, allowing an application to crash, resulting in a denial of service.

CVSS: LOW (0.0)

EPSS Score: 0.08%

Source: CVE
December 4th, 2024 (5 months ago)

CVE-2023-33899

Description: In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE
December 4th, 2024 (5 months ago)

CVE-2023-33898

Description: In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE
December 4th, 2024 (5 months ago)

CVE-2023-33887

Description: In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE
December 4th, 2024 (5 months ago)