Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2023-34154 |
Description: Vulnerability of undefined permissions in HUAWEI VR screen projection.Successful exploitation of this vulnerability will cause third-party apps to create windows in an arbitrary way, consuming system resources.
EPSS Score: 0.09%
December 18th, 2024 (6 months ago)
|
|
CVE-2023-32409 |
Description: The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.8 and iPadOS 15.7.8, Safari 16.5, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue may have been actively exploited.
EPSS Score: 1.59%
December 18th, 2024 (6 months ago)
|
|
CVE-2023-30905 |
Description: The MC990 X and UV300 RMC component has and inadequate default configuration that could be exploited to obtain enhanced privilege.
EPSS Score: 0.04%
December 18th, 2024 (6 months ago)
|
|
CVE-2023-30904 |
Description: A security vulnerability in HPE Insight Remote Support may result in the local disclosure of privileged LDAP information.
EPSS Score: 0.04%
December 18th, 2024 (6 months ago)
|
|
CVE-2023-30903 |
Description: HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface is configured with IPv6/inet6.
EPSS Score: 0.04%
December 18th, 2024 (6 months ago)
|
|
CVE-2023-21141 |
Description: In several functions of several files, there is a possible way to access developer mode traces due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-262244249
EPSS Score: 0.04%
December 18th, 2024 (6 months ago)
|
|
CVE-2023-21139 |
Description: In bindPlayer of MediaControlPanel.java, there is a possible launch arbitrary activity in SysUI due to Unsafe Intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-271845008
EPSS Score: 0.04%
December 18th, 2024 (6 months ago)
|
|
CVE-2023-21138 |
Description: In onNullBinding of CallRedirectionProcessor.java, there is a possible long lived connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-273260090
EPSS Score: 0.04%
December 18th, 2024 (6 months ago)
|
|
CVE-2024-5660 |
Description: Use of Hardware Page Aggregation (HPA) and Stage-1 and/or Stage-2 translation on Cortex-A77, Cortex-A78, Cortex-A78C, Cortex-A78AE, Cortex-A710, Cortex-X1, Cortex-X1C, Cortex-X2, Cortex-X3, Cortex-X4, Cortex-X925, Neoverse V1, Neoverse V2, Neoverse V3, Neoverse V3AE, Neoverse N2 may permit bypass of Stage-2 translation and/or GPT protection.
EPSS Score: 0.04%
December 17th, 2024 (6 months ago)
|
|
CVE-2024-56112 |
Description: CyberPanel (aka Cyber Panel) before f0cf648 allows XSS via token or username to plogical/phpmyadminsignin.php.
EPSS Score: 0.04%
December 17th, 2024 (6 months ago)
|