| CVE | Description | Vendor | Product | Date | Source |
|---|---|---|---|---|---|
| CVE-2023-32434 | An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 and iPadOS... | Apple | macOS, iOS and iPadOS, watchOS | 2023-06-23 00:00:00 UTC | CISA |
| CVE-2023-27992 | The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, NAS540 firmware versions... | Zyxel | NAS326 firmware, NAS540 firmware, NAS542 firmware | 2023-06-23 00:00:00 UTC | CISA |
| CVE-2023-20887 | Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations for... | n/a | Aria Operations for Networks (Formerly vRealize Network Insight) | 2023-06-22 00:00:00 UTC | CISA |
| CVE-2016-0165 | The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and... | n/a | n/a | 2023-06-22 00:00:00 UTC | CISA |
| CVE-2016-9079 | A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild... | Mozilla | Firefox, Firefox ESR, Thunderbird | 2023-06-22 00:00:00 UTC | CISA |
| CVE-2021-44026 | Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search_params. | n/a | n/a | 2023-06-22 00:00:00 UTC | CISA |
| CVE-2020-12641 | rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting... | n/a | n/a | 2023-06-22 00:00:00 UTC | CISA |
| CVE-2020-35730 | An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. The attacker can send a plain text... | n/a | n/a | 2023-06-22 00:00:00 UTC | CISA |
| CVE-2023-27997 | A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below,... | Fortinet | FortiOS-6K7K, FortiProxy, FortiOS | 2023-06-13 00:00:00 UTC | CISA |
| CVE-2023-3079 | Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML... | Google | Chrome | 2023-06-07 00:00:00 UTC | CISA |
| CVE-2023-33009 | A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series... | Zyxel | ATP series firmware, USG FLEX series firmware, USG FLEX 50(W) firmware, USG20(W)-VPN firmware, VPN series firmware, ZyWALL/USG series firmware | 2023-06-05 00:00:00 UTC | CISA |
| CVE-2023-33010 | A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series... | Zyxel | ATP series firmware, USG FLEX series firmware, USG FLEX 50(W) firmware, USG20(W)-VPN firmware, VPN series firmware, ZyWALL/USG series firmware | 2023-06-05 00:00:00 UTC | CISA |
| CVE-2023-34362 | In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL... | n/a | n/a | 2023-06-02 00:00:00 UTC | CISA |
| CVE-2023-28771 | Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG... | Zyxel | ZyWALL/USG series firmware, VPN series firmware, USG FLEX series firmware, ATP series firmware | 2023-05-31 00:00:00 UTC | CISA |
| CVE-2023-2868 | Remote Code injection in Barracuda Email Security Gateway | Barracuda | Barracuda Email Security Gateway | 2023-05-26 00:00:00 UTC | CISA |
| CVE-2023-32373 | A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6... | Apple | macOS, Safari, watchOS, iOS and iPadOS, tvOS | 2023-05-22 00:00:00 UTC | CISA |
| CVE-2023-28204 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6... | Apple | macOS, Safari, watchOS, iOS and iPadOS, tvOS | 2023-05-22 00:00:00 UTC | CISA |
| CVE-2023-32409 | The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.8 and iPadOS... | Apple | macOS, Safari, watchOS, iOS and iPadOS, tvOS | 2023-05-22 00:00:00 UTC | CISA |
| CVE-2004-1464 | Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP... | n/a | n/a | 2023-05-19 00:00:00 UTC | CISA |
| CVE-2023-21492 | Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR. | Samsung Mobile | Samsung Mobile Devices | 2023-05-19 00:00:00 UTC | CISA |
| CVE-2016-6415 | The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x,... | n/a | n/a | 2023-05-19 00:00:00 UTC | CISA |
| CVE-2023-25717 | Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a... | n/a | n/a | 2023-05-12 00:00:00 UTC | CISA |
| CVE-2015-5317 | The Fingerprints pages in Jenkins before 1.638 and LTS before 1.625.2 might allow remote attackers to obtain sensitive job and build name... | n/a | n/a | 2023-05-12 00:00:00 UTC | CISA |
| CVE-2010-3904 | The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36... | n/a | n/a | 2023-05-12 00:00:00 UTC | CISA |
| CVE-2016-3427 | Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect... | n/a | n/a | 2023-05-12 00:00:00 UTC | CISA |