Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2023-29145
Description: The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. The attacker can set LD_LIBRARY_PATH, set LD_PRELOAD, or run an executable file in a debugger.

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE
November 27th, 2024 (6 months ago)

CVE-2023-28869
Description: Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers read the contents of arbitrary files on the operating system by creating a symbolic link.

CVSS: LOW (0.0)

EPSS Score: 0.08%

Source: CVE
November 27th, 2024 (6 months ago)

CVE-2023-28461
Description: Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09 vendor advisory stated "a new Array AG release with the fix will be available soon."

CVSS: LOW (0.0)

EPSS Score: 35.59%

Source: CVE
November 27th, 2024 (6 months ago)

CVE-2023-28364
Description: An Open Redirect vulnerability exists prior to version 1.52.117, where the built-in QR scanner in Brave Browser Android navigated to scanned URLs automatically without showing the URL first. Now the user must manually navigate to the URL.

CVSS: LOW (0.0)

EPSS Score: 0.08%

Source: CVE
November 27th, 2024 (6 months ago)

CVE-2023-23756
Extension - advcomsys.com - XSS in oneVote component for Joomla <= 1.7.0
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in advcomsys.com oneVote component for Joomla. It allows XSS Targeting Non-Script Elements.

CVSS: LOW (0.0)

EPSS Score: 0.05%

Source: CVE
November 27th, 2024 (6 months ago)

CVE-2023-2320
CF7 Google Sheets Connector < 5.0.2 - Reflected XSS
Description: The CF7 Google Sheets Connector WordPress plugin before 5.0.2, cf7-google-sheets-connector-pro WordPress plugin through 5.0.2 does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

CVSS: LOW (0.0)

EPSS Score: 0.07%

Source: CVE
November 27th, 2024 (6 months ago)

CVE-2023-20760
Description: In apu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629578; Issue ID: ALPS07629578.

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE
November 27th, 2024 (6 months ago)