Threat and Vulnerability Intelligence Database

CVE-2023-52542

Description: Permission verification vulnerability in the system module. Impact: Successful exploitation of this vulnerability will affect availability.

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (5 months ago)

CVE-2023-5189

Description: A path traversal vulnerability exists in Ansible when extracting tarballs. An attacker could craft a malicious tarball so that when using the galaxy importer of Ansible Automation Hub, a symlink could be dropped on the disk, resulting in files being overwritten.

EPSS Score: 0.13%

Source: CVE
December 7th, 2024 (5 months ago)

CVE-2023-5115

Description: An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path.

EPSS Score: 0.11%

Source: CVE
December 7th, 2024 (5 months ago)

CVE-2023-47717

Description: IBM Security Guardium 12.0 could allow a privileged user to perform unauthorized actions that could lead to a denial of service. IBM X-Force ID: 271690.

CVSS: MEDIUM (4.4)

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (5 months ago)

CVE-2023-4727

Description: A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with an LDAP injection. By passing the query string parameter sessionID=*, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege.

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (5 months ago)

CVE-2023-42366

Description: A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the next_token function at awk.c:1159.

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (5 months ago)

CVE-2023-40285

Description: An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker could exploit an XSS issue.

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (5 months ago)

CVE-2023-3758

Description: A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (5 months ago)

CVE-2023-36371

Description: An issue in the GDKfree component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

CVSS: LOW (0.0)

EPSS Score: 0.06%

Source: CVE
December 7th, 2024 (5 months ago)

CVE-2023-36370

Description: An issue in the gc_col component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

CVSS: LOW (0.0)

EPSS Score: 0.06%

Source: CVE
December 7th, 2024 (5 months ago)