Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2023-34795	xlsxio v0.1.2 to v0.2.34 was discovered to contain a free of uninitialized pointer in the xlsxioread_sheetlist_close() function. This vulnerability... Description: xlsxio v0.1.2 to v0.2.34 was discovered to contain a free of uninitialized pointer in the xlsxioread_sheetlist_close() function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted XLSX file. EPSS Score: 0.1% Source: CVE December 18th, 2024 (4 months ago)
CVE-2023-34733	A lack of exception handling in the Volkswagen Discover Media Infotainment System Software Version 0876 allows attackers to cause a Denial of... Description: A lack of exception handling in the Volkswagen Discover Media Infotainment System Software Version 0876 allows attackers to cause a Denial of Service (DoS) via supplying crafted media files when connecting a device to the vehicle's USB plug and play feature. EPSS Score: 0.1% Source: CVE December 18th, 2024 (4 months ago)
CVE-2023-34660	jjeecg-boot V3.5.0 has an unauthorized arbitrary file upload in /jeecg-boot/jmreport/upload interface. Description: jjeecg-boot V3.5.0 has an unauthorized arbitrary file upload in /jeecg-boot/jmreport/upload interface. EPSS Score: 0.07% Source: CVE December 18th, 2024 (4 months ago)
CVE-2023-34659	jeecg-boot 3.5.0 and 3.5.1 have a SQL injection vulnerability the id parameter of the /jeecg-boot/jmreport/show interface. Description: jeecg-boot 3.5.0 and 3.5.1 have a SQL injection vulnerability the id parameter of the /jeecg-boot/jmreport/show interface. EPSS Score: 20.32% Source: CVE December 18th, 2024 (4 months ago)
CVE-2023-34645	jfinal CMS 5.1.0 has an arbitrary file read vulnerability. Description: jfinal CMS 5.1.0 has an arbitrary file read vulnerability. EPSS Score: 0.23% Source: CVE December 18th, 2024 (4 months ago)
CVE-2023-34165	Unauthorized access vulnerability in the Save for later feature provided by AI Touch.Successful exploitation of this vulnerability may cause... Description: Unauthorized access vulnerability in the Save for later feature provided by AI Touch.Successful exploitation of this vulnerability may cause third-party apps to forge a URI for unauthorized access with zero permissions. EPSS Score: 0.08% Source: CVE December 18th, 2024 (4 months ago)
CVE-2023-34156	Vulnerability of services denied by early fingerprint APIs on HarmonyOS products.Successful exploitation of this vulnerability may cause services... Description: Vulnerability of services denied by early fingerprint APIs on HarmonyOS products.Successful exploitation of this vulnerability may cause services to be denied. EPSS Score: 0.06% Source: CVE December 18th, 2024 (4 months ago)
CVE-2023-34155	Vulnerability of unauthorized calling on HUAWEI phones and tablets.Successful exploitation of this vulnerability may affect availability. Description: Vulnerability of unauthorized calling on HUAWEI phones and tablets.Successful exploitation of this vulnerability may affect availability. EPSS Score: 0.09% Source: CVE December 18th, 2024 (4 months ago)
CVE-2023-34154	Vulnerability of undefined permissions in HUAWEI VR screen projection.Successful exploitation of this vulnerability will cause third-party apps to... Description: Vulnerability of undefined permissions in HUAWEI VR screen projection.Successful exploitation of this vulnerability will cause third-party apps to create windows in an arbitrary way, consuming system resources. EPSS Score: 0.09% Source: CVE December 18th, 2024 (4 months ago)
CVE-2023-32409	The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.8 and iPadOS... Description: The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.8 and iPadOS 15.7.8, Safari 16.5, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue may have been actively exploited. EPSS Score: 1.59% Source: CVE December 18th, 2024 (4 months ago)