Lucene search
K

40449 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 6:24 a.m.5 views

CVE-2024-33437

An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information due to missing support for CSS Style Rules...

7.5CVSS6.5AI score0.00757EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:22 a.m.13 views

CVE-2024-34885

Insufficiently protected credentials in SMTP server settings in 1C-Bitrix Bitrix24 23.300.100 allows remote administrators to read SMTP accounts passwords via HTTP GET request...

6.8CVSS7AI score0.00435EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:19 a.m.11 views

CVE-2024-43382

Snowflake JDBC driver versions = 3.2.6 and = 3.19.1 have an Incorrect Security Setting that can result in data being uploaded to an encrypted stage without the additional layer of protection provided by client side encryption...

5.9CVSS6.7AI score0.00173EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:1 a.m.5 views

CVE-2023-28005

A vulnerability in Trend Micro Endpoint Encryption Full Disk Encryption version 6.0.0.3204 and below could allow an attacker with physical access to an affected device to bypass Microsoft Windows� Secure Boot process in an attempt to execute other attacks to obtain access to the contents of the...

6.8CVSS6.7AI score0.00196EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:41 a.m.5 views

CVE-2023-0400

The protection bypass vulnerability in DLP for Windows 11.9.x is addressed in version 11.10.0. This allowed a local user to bypass DLP controls when uploading sensitive data from a mapped drive into a web email client. Loading from a local driver was correctly prevented. Versions prior to 11.9...

8.2CVSS7.9AI score0.00417EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:41 a.m.2 views

CVE-2023-0520

The RapidExpCart WordPress plugin through 1.0 does not sanitize and escape the url parameter in the rapidexpcart endpoint before storing it and outputting it back in the page, leading to a Stored Cross-Site Scripting vulnerability which could be used against high-privilege users such as admin,...

5.4CVSS5.2AI score0.00239EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:40 a.m.6 views

CVE-2023-0811

Omron CJ1M unit v4.0 and prior has improper access controls on the memory region where the UM password is stored. If an adversary issues a PROGRAM AREA WRITE command to a specific memory region, they could overwrite the password. This may lead to disabling UM protections or setting a non-ASCII...

9.1CVSS9.2AI score0.00621EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:40 a.m.5 views

CVE-2023-0551

The REST API TO MiniProgram WordPress plugin through 4.6.1 does not have authorisation and CSRF checks in an AJAX action, allowing ay authenticated users, such as subscriber to call and delete arbitrary attachments...

5.4CVSS6.3AI score0.0028EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:39 a.m.6 views

CVE-2023-0889

Themeflection Numbers WordPress plugin before 2.0.1 does not have authorisation and CSRF check in an AJAX action, and does not ensure that the options to be updated belong to the plugin. As a result, it could allow any authenticated users, such as subscriber, to update arbitrary blog options, suc...

6.5CVSS7AI score0.00301EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:31 a.m.8 views

CVE-2023-29020

@fastify/passport is a port of passport authentication library for the Fastify ecosystem. The CSRF Cross-Site Request Forger protection enforced by the @fastify/csrf-protection library, when combined with @fastify/passport in affected versions, can be bypassed by network and same-site attackers...

6.5CVSS7AI score0.00384EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:10 a.m.8 views

CVE-2023-32572

A flaw exists in FlashArray Purity wherein under limited circumstances, an array administrator can alter the retention lock of a pgroup and disable pgroup SafeMode protection...

6.5CVSS6.7AI score0.00398EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:6 a.m.13 views

CVE-2023-5770

Proofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated attacker to inject improperly encoded HTML into the email body of a message through the email subject. The vulnerability is caused by inappropriate encoding when rewriting the emai...

5.4CVSS6.8AI score0.0034EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:57 a.m.7 views

CVE-2023-6119

An Improper Privilege Management vulnerability in Trellix GetSusp prior to version 5.0.0.27 allows a local, low privilege attacker to gain access to files that usually require a higher privilege level. This is caused by GetSusp not correctly protecting a directory that it creates during execution...

7.8CVSS7.1AI score0.00209EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:56 a.m.9 views

CVE-2023-33033

Memory corruption in Audio during playback with speaker protection...

8.4CVSS7.2AI score0.00119EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:56 a.m.11 views

CVE-2023-33090

Transient DOS while processing channel information for speaker protection v2 module in ADSP...

5.5CVSS6.7AI score0.00099EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:56 a.m.5 views

CVE-2023-42860

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to modify protected parts of the file system...

7.7CVSS5.9AI score0.00488EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 4:56 a.m.4 views

CVE-2023-42877

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to modify protected parts of the file system...

7.7CVSS5.8AI score0.00197EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:56 a.m.7 views

CVE-2023-42859

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to modify protected parts of the file system...

7.7CVSS5.8AI score0.00186EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:55 a.m.7 views

CVE-2023-42823

The issue was resolved by sanitizing logging This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. An app may be able to access user-sensitive data...

5.5CVSS5.8AI score0.00425EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:55 a.m.6 views

CVE-2023-24020

Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior could bypass the brute force protection, allowing multiple attempts to force a login...

9.8CVSS6.9AI score0.00645EPSS
Exploits0References1
Rows per page
Query Builder