CVE Database

4411+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2023-51550
3.3 LOW

Foxit PDF Reader combobox Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. …

May 3, 2024
CVE-2023-42119
3.1 LOW

Exim dnsdb Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Exim. Authentication is not required …

May 3, 2024
CVE-2023-42098
3.3 LOW

Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User …

May 3, 2024
CVE-2023-42095
3.3 LOW

Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. …

May 3, 2024
CVE-2023-42093
3.3 LOW

Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User …

May 3, 2024
CVE-2023-38116
3.3 LOW

Foxit PDF Reader Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF …

May 3, 2024
CVE-2023-38115
3.3 LOW

Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. …

May 3, 2024
CVE-2023-38113
3.3 LOW

Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User …

May 3, 2024
CVE-2023-38110
3.3 LOW

Foxit PDF Reader AcroForm Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit …

May 3, 2024
CVE-2023-38109
3.3 LOW

Foxit PDF Reader Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF …

May 3, 2024
CVE-2023-38108
3.3 LOW

Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit …

May 3, 2024
CVE-2023-38106
3.3 LOW

Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit …

May 3, 2024
CVE-2023-38105
3.3 LOW

Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit …

May 3, 2024
CVE-2024-4128
2.6 LOW

This vulnerability was a potential CSRF attack. When running the Firebase emulator suite, there is an export endpoint that is used normally to export data …

May 2, 2024
CVE-2024-23462
3.3 LOW

An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on MacOS allows a denial of service of the Client Connector binary and …

May 2, 2024
CVE-2024-32882
2.7 LOW

Wagtail is an open source content management system built on Django. In affected versions if a model has been made available for editing through the …

May 2, 2024
CVE-2024-3471
3.4 LOW

The Button Generator WordPress plugin before 3.0 does not have CSRF check in place when bulk deleting, which could allow attackers to make a logged …

May 2, 2024
CVE-2023-46294
3.4 LOW

An issue was discovered in Teledyne FLIR M300 2.00-19. User account passwords are encrypted locally, and can be decrypted to cleartext passwords using the utility …

May 1, 2024
CVE-2024-26992
3.3 LOW

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/pmu: Disable support for adaptive PEBS Drop support for virtualizing adaptive PEBS, as KVM's …

May 1, 2024
CVE-2024-4226
3.5 LOW

It was identified that in certain versions of Octopus Server, that a user created with no permissions could view all users, user roles and permissions. …

Apr 30, 2024
CVE-2024-4327
3.5 LOW

A vulnerability was found in Apryse WebViewer up to 10.8.0. It has been classified as problematic. This affects an unknown part of the component PDF …

Apr 30, 2024
CVE-2024-31747
2.1 LOW

An issue in Yealink VP59 Microsoft Teams Phone firmware 91.15.0.118 (fixed in 122.15.0.142) allows a physically proximate attacker to disable the phone lock via the …

Apr 29, 2024
CVE-2024-32268
3.3 LOW

An issue in Tuya Smart camera U6N v.3.2.5 allows a remote attacker to cause a denial of service via a crafted packet to the network …

Apr 29, 2024
CVE-2023-46270
3.3 LOW

MacPaw The Unarchiver before 4.3.6 contains vulnerability related to missing quarantine attributes for extracted items.

Apr 29, 2024
CVE-2022-48668
3.3 LOW

In the Linux kernel, the following vulnerability has been resolved: smb3: fix temporary data corruption in collapse range collapse range doesn't discard the affected cached …

Apr 28, 2024
CVE-2022-48667
3.3 LOW

In the Linux kernel, the following vulnerability has been resolved: smb3: fix temporary data corruption in insert range insert range doesn't discard the affected cached …

Apr 28, 2024
CVE-2024-4293
3.5 LOW

A vulnerability classified as problematic was found in PHPGurukul Doctor Appointment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file …

Apr 27, 2024
CVE-2024-4256
2.4 LOW

A vulnerability was found in Techkshetra Info Solutions Savsoft Quiz 6.0 and classified as problematic. Affected by this issue is some unknown functionality of the …

Apr 27, 2024
CVE-2024-3034
2.7 LOW

The BackUpWordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.13 via the hmbkp_directory_browse parameter. This makes it …

Apr 27, 2024
CVE-2024-4235
2.7 LOW

A vulnerability classified as problematic was found in Netgear DG834Gv5 1.6.01.34. This vulnerability affects unknown code of the component Web Management Interface. The manipulation leads …

Apr 26, 2024
CVE-2024-3076
3.8 LOW

The MM-email2image WordPress plugin through 0.2.5 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow …

Apr 26, 2024
CVE-2024-4198
2.7 LOW

Mattermost versions 9.6.0, 9.5.x before 9.5.3, and 8.1.x before 8.1.12 fail to fully validate role changes which allows an attacker authenticated as team admin to …

Apr 26, 2024
CVE-2024-4195
2.7 LOW

Mattermost versions 9.6.0, 9.5.x before 9.5.3, and 8.1.x before 8.1.12 fail to fully validate role changes, which allows an attacker authenticated as a team admin …

Apr 26, 2024
CVE-2024-22091
3.1 LOW

Mattermost versions 8.1.x <= 8.1.10, 9.6.x <= 9.6.0, 9.5.x <= 9.5.2 and 8.1.x <= 8.1.11 fail to limit the size of a request path that …

Apr 26, 2024
CVE-2024-32236
3.5 LOW

An issue in CmsEasy v.7.7 and before allows a remote attacker to obtain sensitive information via the update function in the index.php component.

Apr 25, 2024
CVE-2024-4141
2.9 LOW

Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid character code in a Type 1 font. The root problem was a bounds …

Apr 24, 2024
CVE-2024-23228
3.3 LOW

This issue was addressed through improved state management. This issue is fixed in iOS 17.3 and iPadOS 17.3. Locked Notes content may have been unexpectedly …

Apr 24, 2024
CVE-2023-23985
3.7 LOW

Missing Authorization vulnerability in Quiz Maker team Quiz Maker.This issue affects Quiz Maker: from n/a through 6.3.9.4.

Apr 24, 2024
CVE-2024-28977
3.3 LOW

Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path Traversal vulnerability in logger module. A local attacker with low privileges could potentially exploit this vulnerability …

Apr 24, 2024
CVE-2024-2972
3.8 LOW

The Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button WordPress plugin before 3.1.9 does not sanitise and …

Apr 24, 2024
CVE-2024-4075
3.5 LOW

A vulnerability classified as problematic has been found in Kashipara Online Furniture Shopping Ecommerce Website 1.0. This affects an unknown part of the file login.php. …

Apr 23, 2024
CVE-2024-4074
3.5 LOW

A vulnerability was found in Kashipara Online Furniture Shopping Ecommerce Website 1.0. It has been rated as problematic. Affected by this issue is some unknown …

Apr 23, 2024
CVE-2024-4073
3.5 LOW

A vulnerability was found in Kashipara Online Furniture Shopping Ecommerce Website 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown …

Apr 23, 2024
CVE-2024-4072
3.5 LOW

A vulnerability was found in Kashipara Online Furniture Shopping Ecommerce Website 1.0. It has been classified as problematic. Affected is an unknown function of the …

Apr 23, 2024
CVE-2024-4063
3.7 LOW

A vulnerability was found in EZVIZ CS-C6-21WFR-8 5.2.7 Build 170628. It has been classified as problematic. This affects an unknown part of the component Davinci …

Apr 23, 2024
CVE-2024-4062
3.7 LOW

A vulnerability was found in Hualai Xiaofang iSC5 3.2.2_112 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to …

Apr 23, 2024
CVE-2024-32482
2.2 LOW

The Tillitis TKey signer device application is an ed25519 signing tool. A vulnerability has been found that makes it possible to disclose portions of the …

Apr 23, 2024
CVE-2023-48184
3.9 LOW

QuickJS before 7414e5f has a quickjs.h JS_FreeValueRT use-after-free because of incorrect garbage collection of async functions with closures.

Apr 23, 2024
CVE-2024-3177
2.7 LOW

A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount …

Apr 22, 2024
CVE-2024-32405
2.6 LOW

Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of …

Apr 22, 2024

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.