Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2023-30362 |
Description: Buffer Overflow vulnerability in coap_send function in libcoap library 4.3.1-103-g52cfd56 fixed in 4.3.1-120-ge242200 allows attackers to obtain sensitive information via malformed pdu.
CVSS: LOW (0.0) EPSS Score: 0.17%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-30260 |
Description: Command injection vulnerability in RaspAP raspap-webgui 2.8.8 and earlier allows remote attackers to run arbitrary commands via crafted POST request to hostapd settings form.
CVSS: LOW (0.0) EPSS Score: 0.27%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-30258 |
Description: Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request.
CVSS: LOW (0.0) EPSS Score: 79.42%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-2996 |
Description: The Jetpack WordPress plugin before 12.1.1 does not validate uploaded files, allowing users with author roles or above to manipulate existing files on the site, deleting arbitrary files, and in rare cases achieve Remote Code Execution via phar deserialization.
CVSS: LOW (0.0) EPSS Score: 0.37%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-2989 |
Description: Fortra Globalscape EFT versions before 8.1.0.16 suffer from an out of bounds memory read in their administration server, which can allow an attacker to crash the service or bypass authentication if successfully exploited
CVSS: LOW (0.0) EPSS Score: 0.12%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-29860 |
Description: An insecure permissions in /Taier/API/tenant/listTenant interface in DTStack Taier 1.3.0 allows attackers to view sensitive information via the getCookie method.
CVSS: LOW (0.0) EPSS Score: 0.19%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-29068 |
Description: A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
CVSS: LOW (0.0) EPSS Score: 0.07%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-28929 |
Description: Trend Micro Security 2021, 2022, and 2023 (Consumer) are vulnerable to a DLL Hijacking vulnerability which could allow an attacker to use a specific executable file as an execution and/or persistence mechanism which could execute a malicious program each time the executable file is started.
CVSS: LOW (0.0) EPSS Score: 0.07%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-28799 |
Description: A URL parameter during login flow was vulnerable to injection. An attacker could insert a malicious domain in this parameter, which would redirect the user after auth and send the authorization token to the redirected domain.
CVSS: HIGH (8.2) EPSS Score: 0.18%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-28202 |
Description: This issue was addressed with improved state management. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. An app firewall setting may not take effect after exiting the Settings app.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 6th, 2024 (5 months ago)
|