CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2023-5900	Cross-Site Request Forgery in pkp/pkp-lib Description: Cross-Site Request Forgery in GitHub repository pkp/pkp-lib prior to 3.3.0-16. CVSS: LOW (3.5) EPSS Score: 0.06% Source: CVE December 4th, 2024 (7 months ago)
CVE-2023-52727	Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.25 allows an index out-of-range condition in parseAlignBits. Description: Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.25 allows an index out-of-range condition in parseAlignBits. CVSS: LOW (0.0) EPSS Score: 0.04% Source: CVE December 4th, 2024 (7 months ago)
CVE-2023-52345	In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System... Description: In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed CVSS: LOW (0.0) EPSS Score: 0.04% Source: CVE December 4th, 2024 (7 months ago)
CVE-2023-51796	Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the... Description: Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/f_reverse.c:269:26 in areverse_request_frame. CVSS: LOW (0.0) EPSS Score: 0.05% Source: CVE December 4th, 2024 (7 months ago)
CVE-2023-5084	Cross-site Scripting (XSS) - Reflected in hestiacp/hestiacp Description: Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.8.8. CVSS: LOW (3.9) EPSS Score: 0.06% Source: CVE December 4th, 2024 (7 months ago)
CVE-2023-49559	An issue in vektah gqlparser open-source-library v.2.5.10 allows a remote attacker to cause a denial of service via a crafted script to the... Description: An issue in vektah gqlparser open-source-library v.2.5.10 allows a remote attacker to cause a denial of service via a crafted script to the parserDirectives function. CVSS: LOW (0.0) EPSS Score: 0.04% Source: CVE December 4th, 2024 (7 months ago)
CVE-2023-44854	Cross Site Scripting (XSS) vulnerability in Cobham SAILOR VSAT Ku v.164B019, allows a remote attacker to execute arbitrary code via a crafted... Description: Cross Site Scripting (XSS) vulnerability in Cobham SAILOR VSAT Ku v.164B019, allows a remote attacker to execute arbitrary code via a crafted script to the c_set_rslog_decode function in the acu_web file. CVSS: LOW (0.0) EPSS Score: 0.04% Source: CVE December 4th, 2024 (7 months ago)
CVE-2023-40224	MISP 2.4.174 allows XSS in app/View/Events/index.ctp. Description: MISP 2.4.174 allows XSS in app/View/Events/index.ctp. CVSS: LOW (0.0) EPSS Score: 0.07% Source: CVE December 4th, 2024 (7 months ago)
CVE-2023-40093	In multiple files, there is a possible way that trimmed content could be included in PDF output due to a logic error in the code. This could lead... Description: In multiple files, there is a possible way that trimmed content could be included in PDF output due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. CVSS: LOW (0.0) EPSS Score: 0.05% Source: CVE December 4th, 2024 (7 months ago)
CVE-2023-36662	The TechTime User Management components for Atlassian products allow stored XSS on the Bulk User Actions page. This affects User Management for... Description: The TechTime User Management components for Atlassian products allow stored XSS on the Bulk User Actions page. This affects User Management for Jira 2.0.0 through 2.17.1, User Management for Confluence 2.0.0 through 2.15.24, and User Management for Bitbucket 2.2.2 through 2.15.24. CVSS: LOW (0.0) EPSS Score: 0.05% Source: CVE December 4th, 2024 (7 months ago)