CVE-2023-5115 |
Description: An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path.
EPSS Score: 0.11%
December 7th, 2024 (5 months ago)
|
CVE-2023-47717 |
Description: IBM Security Guardium 12.0 could allow a privileged user to perform unauthorized actions that could lead to a denial of service. IBM X-Force ID: 271690.
CVSS: MEDIUM (4.4) EPSS Score: 0.04%
December 7th, 2024 (5 months ago)
|
CVE-2023-4727 |
Description: A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with an LDAP injection. By passing the query string parameter sessionID=*, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege.
EPSS Score: 0.04%
December 7th, 2024 (5 months ago)
|
CVE-2023-42366 |
Description: A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the next_token function at awk.c:1159.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 7th, 2024 (5 months ago)
|
CVE-2023-40285 |
Description: An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker could exploit an XSS issue.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 7th, 2024 (5 months ago)
|
CVE-2023-3758 |
Description: A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.
EPSS Score: 0.04%
December 7th, 2024 (5 months ago)
|
CVE-2023-36371 |
Description: An issue in the GDKfree component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVSS: LOW (0.0) EPSS Score: 0.06%
December 7th, 2024 (5 months ago)
|
CVE-2023-36370 |
Description: An issue in the gc_col component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVSS: LOW (0.0) EPSS Score: 0.06%
December 7th, 2024 (5 months ago)
|
CVE-2023-36369 |
Description: An issue in the list_append component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVSS: LOW (0.0) EPSS Score: 0.06%
December 7th, 2024 (5 months ago)
|
CVE-2023-35174 |
Description: Livebook is a web application for writing interactive and collaborative code notebooks. On Windows, it is possible to open a `livebook://` link from a browser which opens Livebook Desktop and triggers arbitrary code execution on the victim's machine. Any user using Livebook Desktop on Windows is potentially vulnerable to arbitrary code execution when they expect Livebook to be opened from the browser. This vulnerability has been fixed in versions 0.8.2 and 0.9.3.
CVSS: HIGH (8.6) EPSS Score: 0.45%
December 7th, 2024 (5 months ago)
|