Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2023-32522 |
Description: A path traversal exists in a specific dll of Trend Micro Mobile Security (Enterprise) 9.8 SP5 which could allow an authenticated remote attacker to delete arbitrary files.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVSS: LOW (0.0) EPSS Score: 0.2%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-32449 |
Description:
Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic signature vulnerability. An attacker can trick a high privileged user to install a malicious binary by bypassing the existing cryptographic signature checks
CVSS: HIGH (7.2) EPSS Score: 0.06%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-32423 |
Description: A buffer overflow issue was addressed with improved memory handling. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information.
CVSS: LOW (0.0) EPSS Score: 0.1%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-32422 |
Description: This issue was addressed by adding additional SQLite logging restrictions. This issue is fixed in iOS 16.5 and iPadOS 16.5, tvOS 16.5, macOS Ventura 13.4. An app may be able to bypass Privacy preferences.
CVSS: LOW (0.0) EPSS Score: 0.09%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-32420 |
Description: An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. An app may be able to cause unexpected system termination or read kernel memory.
CVSS: LOW (0.0) EPSS Score: 0.11%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-32419 |
Description: The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.5 and iPadOS 16.5. A remote attacker may be able to cause arbitrary code execution.
CVSS: LOW (0.0) EPSS Score: 0.43%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-32417 |
Description: This issue was addressed by restricting options offered on a locked device. This issue is fixed in watchOS 9.5. An attacker with physical access to a locked Apple Watch may be able to view user photos or contacts via accessibility features.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-3114 |
Description: Terraform Enterprise since v202207-1 did not properly implement authorization rules for agent pools, allowing the workspace to be targeted by unauthorized agents. This authorization flaw could potentially allow a workspace to access resources from a separate, higher-privileged workspace in the same organization that targeted an agent pool. This vulnerability, CVE-2023-3114, is fixed in Terraform Enterprise v202306-1.
CVSS: MEDIUM (5.0) EPSS Score: 0.06%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-30942 |
Description: In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-30941 |
Description: In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 5th, 2024 (5 months ago)
|