| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-6345 | 0.12 | — | 0.20 | KEV | Nov 29, 2023 | Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High) | ||
| CVE-2023-49103 | 0.23 | — | 0.78 | KEV | Nov 21, 2023 | An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo).… | ||
| CVE-2023-48365 | 0.22 | — | 0.25 | KEV | Nov 15, 2023 | Qlik Sense Enterprise for Windows before August 2023 Patch 2 allows unauthenticated remote code execution, aka QB-21683. Due to improper validation of HTTP headers, a remote attacker is able to elevate their privilege by tunneling HTTP requests, allowing them to execute HTTP… | ||
| CVE-2023-36424 | Hig | 0.63 | 7.8 | 0.12 | KEV | Nov 14, 2023 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | |
| CVE-2023-36025 | 0.19 | — | 0.88 | KEV | Nov 14, 2023 | Windows SmartScreen Security Feature Bypass Vulnerability | ||
| CVE-2023-36033 | 0.12 | — | 0.12 | KEV | Nov 14, 2023 | Windows DWM Core Library Elevation of Privilege Vulnerability | ||
| CVE-2023-36036 | 0.12 | — | 0.17 | KEV | Nov 14, 2023 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | ||
| CVE-2023-47246 | 0.26 | — | 0.99 | KEV | Nov 10, 2023 | In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023. | ||
| CVE-2023-22518 | 0.29 | — | 1.00 | KEV | Oct 31, 2023 | All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an… | ||
| CVE-2023-46604 | 0.22 | — | 1.00 | KEV | Oct 27, 2023 | The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the… | ||
| CVE-2023-46748 | 0.12 | — | 0.04 | KEV | Oct 26, 2023 | An authenticated SQL injection vulnerability exists in the BIG-IP Configuration utility which may allow an authenticated attacker with network access to the Configuration utility through the BIG-IP management port and/or self IP addresses to execute arbitrary system commands. … | ||
| CVE-2023-46747 | 0.29 | — | 0.97 | KEV | Oct 26, 2023 | Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. Note: Software versions which have reached End of… | ||
| CVE-2023-43208 | 0.29 | — | 0.83 | KEV | Oct 26, 2023 | NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679. | ||
| CVE-2023-34048 | 0.19 | — | 0.99 | KEV | Oct 25, 2023 | vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution. | ||
| CVE-2023-20273 | 0.22 | — | 0.90 | KEV | Oct 24, 2023 | A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending… | ||
| CVE-2023-5631 | 0.18 | — | 0.73 | KEV | Oct 18, 2023 | Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcube_washtml.php behavior. This could allow a remote attacker to load arbitrary JavaScript code. | ||
| CVE-2023-45727 | 0.14 | — | 0.04 | KEV | Oct 18, 2023 | Proself Enterprise/Standard Edition Ver5.62 and earlier, Proself Gateway Edition Ver1.65 and earlier, and Proself Mail Sanitize Edition Ver1.08 and earlier allow a remote unauthenticated attacker to conduct XML External Entity (XXE) attacks. By processing a specially crafted… | ||
| CVE-2023-20198 | 0.23 | — | 1.00 | KEV | Oct 16, 2023 | Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two… | ||
| CVE-2023-36563 | 0.12 | — | 0.21 | KEV | Oct 10, 2023 | Microsoft WordPad Information Disclosure Vulnerability | ||
| CVE-2023-36584 | 0.13 | — | 0.03 | KEV | Oct 10, 2023 | Windows Mark of the Web Security Feature Bypass Vulnerability | ||
| CVE-2023-41763 | 0.13 | — | 0.90 | KEV | Oct 10, 2023 | Skype for Business Elevation of Privilege Vulnerability | ||
| CVE-2023-44487 | Hig | 0.65 | 7.5 | 1.00 | KEV | Oct 10, 2023 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | |
| CVE-2023-4966 | 0.29 | — | 1.00 | KEV | Oct 10, 2023 | Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server. | ||
| CVE-2023-42824 | 0.12 | — | 0.01 | KEV | Oct 4, 2023 | The issue was addressed with improved checks. This issue is fixed in iOS 16.7.1 and iPadOS 16.7.1. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6. | ||
| CVE-2023-22515 | 0.29 | — | 0.99 | KEV | Oct 4, 2023 | Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts… | ||
| CVE-2023-4911 | Hig | 0.71 | 7.8 | 0.81 | KEV | Oct 3, 2023 | A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID… | |
| CVE-2023-4211 | 0.12 | — | 0.01 | KEV | Oct 1, 2023 | A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. | ||
| CVE-2023-5217 | 0.08 | — | 0.34 | KEV | Sep 28, 2023 | Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2023-20109 | 0.12 | — | 0.02 | KEV | Sep 27, 2023 | A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an… | ||
| CVE-2023-40044 | 0.29 | — | 0.90 | KEV | Sep 27, 2023 | In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system. | ||
| CVE-2023-36851 | 0.13 | — | 0.01 | KEV | Sep 26, 2023 | A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to webauth_operation.php that doesn't… | ||
| CVE-2023-43770 | 0.17 | — | 0.58 | KEV | Sep 22, 2023 | Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text/plain e-mail messages with crafted links because of program/lib/Roundcube/rcube_string_replacer.php behavior. | ||
| CVE-2023-41993 | 0.14 | — | 0.29 | KEV | Sep 21, 2023 | The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. | ||
| CVE-2023-41992 | 0.12 | — | 0.03 | KEV | Sep 21, 2023 | The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, iOS 16.7 and iPadOS 16.7, macOS Ventura 13.6. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against… | ||
| CVE-2023-41991 | 0.12 | — | 0.05 | KEV | Sep 21, 2023 | A certificate validation issue was addressed. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS… | ||
| CVE-2023-42793 | 0.28 | — | 1.00 | KEV | Sep 19, 2023 | In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible | ||
| CVE-2023-41179 | 0.12 | — | 0.05 | KEV | Sep 19, 2023 | A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected… | ||
| CVE-2023-38205 | 0.20 | — | 1.00 | KEV | Sep 14, 2023 | Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access the administration CFM… | ||
| CVE-2023-26369 | 0.12 | — | 0.07 | KEV | Sep 13, 2023 | Acrobat Reader versions 23.003.20284 (and earlier), 20.005.30516 (and earlier) and 20.005.30514 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue… | ||
| CVE-2023-36761 | 0.12 | — | 0.19 | KEV | Sep 12, 2023 | Microsoft Word Information Disclosure Vulnerability | ||
| CVE-2023-36802 | 0.18 | — | 0.26 | KEV | Sep 12, 2023 | Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability | ||
| CVE-2023-4863 | 0.13 | — | 1.00 | KEV | Sep 12, 2023 | Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) | ||
| CVE-2023-41990 | 0.12 | — | 0.01 | KEV | Sep 11, 2023 | The issue was addressed with improved handling of caches. This issue is fixed in tvOS 16.3, iOS 16.3 and iPadOS 16.3, macOS Monterey 12.6.8, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Ventura 13.2, watchOS 9.3. Processing a font file may lead to arbitrary code… | ||
| CVE-2023-35674 | 0.12 | — | 0.02 | KEV | Sep 11, 2023 | In onCreate of WindowState.java, there is a possible way to launch a background activity due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2023-39780 | 0.16 | — | 0.32 | KEV | Sep 11, 2023 | On ASUS RT-AX55 3.0.0.4.386.51598 devices, authenticated attackers can perform OS command injection via the /start_apply.htm qos_bw_rulelist parameter. NOTE: for the similar "token-generated module" issue, see CVE-2023-41345; for the similar "token-refresh module" issue, see… | ||
| CVE-2023-41064 | 0.19 | — | 0.15 | KEV | Sep 7, 2023 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 16.6.1 and iPadOS 16.6.1, macOS Monterey 12.6.9, macOS Ventura 13.5.2, iOS 15.7.9 and iPadOS 15.7.9, macOS Big Sur 11.7.10. Processing a maliciously crafted image may lead to… | ||
| CVE-2023-41061 | 0.12 | — | 0.03 | KEV | Sep 7, 2023 | A validation issue was addressed with improved logic. This issue is fixed in watchOS 9.6.2, iOS 16.6.1 and iPadOS 16.6.1. A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. | ||
| CVE-2023-20269 | 0.18 | — | 0.22 | KEV | Sep 6, 2023 | A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and… | ||
| CVE-2023-4762 | 0.16 | — | 0.38 | KEV | Sep 5, 2023 | Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2023-41265 | 0.25 | — | 0.85 | KEV | Aug 29, 2023 | An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows a remote attacker to elevate their… |
- risk 0.12cvss —epss 0.20
Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)
- risk 0.23cvss —epss 0.78
An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo).…
- risk 0.22cvss —epss 0.25
Qlik Sense Enterprise for Windows before August 2023 Patch 2 allows unauthenticated remote code execution, aka QB-21683. Due to improper validation of HTTP headers, a remote attacker is able to elevate their privilege by tunneling HTTP requests, allowing them to execute HTTP…
- risk 0.63cvss 7.8epss 0.12
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- risk 0.19cvss —epss 0.88
Windows SmartScreen Security Feature Bypass Vulnerability
- risk 0.12cvss —epss 0.12
Windows DWM Core Library Elevation of Privilege Vulnerability
- risk 0.12cvss —epss 0.17
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
- risk 0.26cvss —epss 0.99
In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023.
- risk 0.29cvss —epss 1.00
All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an…
- risk 0.22cvss —epss 1.00
The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the…
- risk 0.12cvss —epss 0.04
An authenticated SQL injection vulnerability exists in the BIG-IP Configuration utility which may allow an authenticated attacker with network access to the Configuration utility through the BIG-IP management port and/or self IP addresses to execute arbitrary system commands. …
- risk 0.29cvss —epss 0.97
Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. Note: Software versions which have reached End of…
- risk 0.29cvss —epss 0.83
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679.
- risk 0.19cvss —epss 0.99
vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution.
- risk 0.22cvss —epss 0.90
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending…
- risk 0.18cvss —epss 0.73
Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcube_washtml.php behavior. This could allow a remote attacker to load arbitrary JavaScript code.
- risk 0.14cvss —epss 0.04
Proself Enterprise/Standard Edition Ver5.62 and earlier, Proself Gateway Edition Ver1.65 and earlier, and Proself Mail Sanitize Edition Ver1.08 and earlier allow a remote unauthenticated attacker to conduct XML External Entity (XXE) attacks. By processing a specially crafted…
- risk 0.23cvss —epss 1.00
Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two…
- risk 0.12cvss —epss 0.21
Microsoft WordPad Information Disclosure Vulnerability
- risk 0.13cvss —epss 0.03
Windows Mark of the Web Security Feature Bypass Vulnerability
- risk 0.13cvss —epss 0.90
Skype for Business Elevation of Privilege Vulnerability
- risk 0.65cvss 7.5epss 1.00
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
- risk 0.29cvss —epss 1.00
Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.
- risk 0.12cvss —epss 0.01
The issue was addressed with improved checks. This issue is fixed in iOS 16.7.1 and iPadOS 16.7.1. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6.
- risk 0.29cvss —epss 0.99
Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts…
- risk 0.71cvss 7.8epss 0.81
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID…
- risk 0.12cvss —epss 0.01
A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.
- risk 0.08cvss —epss 0.34
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- risk 0.12cvss —epss 0.02
A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an…
- risk 0.29cvss —epss 0.90
In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system.
- risk 0.13cvss —epss 0.01
A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to webauth_operation.php that doesn't…
- risk 0.17cvss —epss 0.58
Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text/plain e-mail messages with crafted links because of program/lib/Roundcube/rcube_string_replacer.php behavior.
- risk 0.14cvss —epss 0.29
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
- risk 0.12cvss —epss 0.03
The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, iOS 16.7 and iPadOS 16.7, macOS Ventura 13.6. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against…
- risk 0.12cvss —epss 0.05
A certificate validation issue was addressed. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS…
- risk 0.28cvss —epss 1.00
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible
- risk 0.12cvss —epss 0.05
A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected…
- risk 0.20cvss —epss 1.00
Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access the administration CFM…
- risk 0.12cvss —epss 0.07
Acrobat Reader versions 23.003.20284 (and earlier), 20.005.30516 (and earlier) and 20.005.30514 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue…
- risk 0.12cvss —epss 0.19
Microsoft Word Information Disclosure Vulnerability
- risk 0.18cvss —epss 0.26
Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability
- risk 0.13cvss —epss 1.00
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
- risk 0.12cvss —epss 0.01
The issue was addressed with improved handling of caches. This issue is fixed in tvOS 16.3, iOS 16.3 and iPadOS 16.3, macOS Monterey 12.6.8, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Ventura 13.2, watchOS 9.3. Processing a font file may lead to arbitrary code…
- risk 0.12cvss —epss 0.02
In onCreate of WindowState.java, there is a possible way to launch a background activity due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- risk 0.16cvss —epss 0.32
On ASUS RT-AX55 3.0.0.4.386.51598 devices, authenticated attackers can perform OS command injection via the /start_apply.htm qos_bw_rulelist parameter. NOTE: for the similar "token-generated module" issue, see CVE-2023-41345; for the similar "token-refresh module" issue, see…
- risk 0.19cvss —epss 0.15
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 16.6.1 and iPadOS 16.6.1, macOS Monterey 12.6.9, macOS Ventura 13.5.2, iOS 15.7.9 and iPadOS 15.7.9, macOS Big Sur 11.7.10. Processing a maliciously crafted image may lead to…
- risk 0.12cvss —epss 0.03
A validation issue was addressed with improved logic. This issue is fixed in watchOS 9.6.2, iOS 16.6.1 and iPadOS 16.6.1. A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
- risk 0.18cvss —epss 0.22
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and…
- risk 0.16cvss —epss 0.38
Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
- risk 0.25cvss —epss 0.85
An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows a remote attacker to elevate their…