CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2023-28191 |
Description: This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to bypass Privacy preferences.
CVSS: LOW (0.0) EPSS Score: 0.1%
December 6th, 2024 (7 months ago)
|
|
CVE-2023-28016 |
Description: Host Header Injection vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower allows attacker to supply invalid input to cause the OSD Bare Metal Server to perform a redirect to an attacker-controlled domain.
CVSS: LOW (3.1) EPSS Score: 0.06%
December 6th, 2024 (7 months ago)
|
|
CVE-2023-27964 |
Description: An authentication issue was addressed with improved state management. This issue is fixed in AirPods Firmware Update 5E133. When your headphones are seeking a connection request to one of your previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to your headphones.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 6th, 2024 (7 months ago)
|
|
CVE-2023-27940 |
Description: The issue was addressed with additional permissions checks. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.6, macOS Ventura 13.4. A sandboxed app may be able to observe system-wide network connections.
CVSS: LOW (0.0) EPSS Score: 0.07%
December 6th, 2024 (7 months ago)
|
|
CVE-2023-27930 |
Description: A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. An app may be able to execute arbitrary code with kernel privileges.
CVSS: LOW (0.0) EPSS Score: 0.08%
December 6th, 2024 (7 months ago)
|
|
CVE-2023-27908 |
Description: A maliciously crafted DLL file can be forced to write beyond allocated boundaries in the Autodesk installer when parsing the DLL files and could lead to a Privilege Escalation vulnerability.
CVSS: LOW (0.0) EPSS Score: 0.06%
December 6th, 2024 (7 months ago)
|
|
CVE-2023-27197 |
Description: PAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 6th, 2024 (7 months ago)
|
|
CVE-2023-25500 |
Description: Possible information disclosure in Vaadin 10.0.0 to 10.0.23, 11.0.0 to 14.10.1, 15.0.0 to 22.0.28, 23.0.0 to 23.3.13, 24.0.0 to 24.0.6, 24.1.0.alpha1 to 24.1.0.rc2, resulting in potential information disclosure of class and method names in RPC responses by sending modified requests.
CVSS: LOW (3.5) EPSS Score: 0.07%
December 6th, 2024 (7 months ago)
|
|
CVE-2023-25004 |
Description: A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution.
CVSS: LOW (0.0) EPSS Score: 0.07%
December 6th, 2024 (7 months ago)
|
|
CVE-2023-25003 |
Description: A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution.
CVSS: LOW (0.0) EPSS Score: 0.07%
December 6th, 2024 (7 months ago)
|