CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2023-2021 Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.3. | 5.4 | MEDIUM | — | 0 |
| CVE-2023-26397 Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attack... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-26405 Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the ... | 7.8 | HIGH | — | 0 |
| CVE-2023-26406 Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the co... | 7.8 | HIGH | — | 0 |
| CVE-2023-26407 Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the ... | 7.8 | HIGH | — | 0 |
| CVE-2023-26408 Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the co... | 7.8 | HIGH | — | 0 |
| CVE-2023-26417 Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of t... | 7.8 | HIGH | — | 0 |
| CVE-2023-26418 Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of t... | 7.8 | HIGH | — | 0 |
| CVE-2023-26419 Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of t... | 7.8 | HIGH | — | 0 |
| CVE-2023-26420 Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of t... | 7.8 | HIGH | — | 0 |
| CVE-2023-26421 Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an Integer Underflow or Wraparound vulnerability that could result in arbitrary code execution i... | 7.8 | HIGH | — | 0 |
| CVE-2023-26422 Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of t... | 7.8 | HIGH | — | 0 |
| CVE-2023-26423 Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of t... | 7.8 | HIGH | — | 0 |
| CVE-2023-26424 Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of t... | 7.8 | HIGH | — | 0 |
| CVE-2023-26425 Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read pa... | 7.8 | HIGH | — | 0 |
| CVE-2023-26385 Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerabilit... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-28121 An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator. This allows a re... | 9.8 | CRITICAL | — | 0 |
| CVE-2023-21582 Adobe Digital Editions version 4.5.11.187303 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploit... | 7.8 | HIGH | — | 0 |
| CVE-2023-22235 InCopy versions 18.1 (and earlier), 17.4 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of ... | 7.8 | HIGH | — | 0 |
| CVE-2023-26383 Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Explo... | 7.8 | HIGH | — | 0 |
| CVE-2023-26384 Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of th... | 7.8 | HIGH | — | 0 |
| CVE-2022-25740 Memory corruption in modem due to buffer overwrite while building an IPv6 multicast address based on the MAC address of the iface | 9.8 | CRITICAL | — | 0 |
| CVE-2023-29519 XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A registered user can perform remote code execution leading to privilege escalation by injectin... | 9.0 | CRITICAL | — | 0 |
| CVE-2023-29520 XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to break many translations coming from wiki pages by creating a corrupted documen... | 4.3 | MEDIUM | — | 0 |
| CVE-2023-29521 XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with view rights can execute arbitrary Groovy, Python or Velocity code in XWiki leadin... | 8.4 | HIGH | — | 0 |
| CVE-2023-29522 XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with view rights can execute arbitrary script macros including Groovy and Python macro... | 9.9 | CRITICAL | — | 0 |
| CVE-2023-22309 Reflective Cross-Site-Scripting in Webconf in Tribe29 Checkmk Appliance before 1.6.4. | 6.1 | MEDIUM | — | 0 |
| CVE-2023-29523 XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user who can edit their own user profile can execute arbitrary script macros including Groo... | 9.9 | CRITICAL | — | 0 |
| CVE-2023-29524 XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to execute anything with the right of the Scheduler Application sheet page. A use... | 9.9 | CRITICAL | — | 0 |
| CVE-2023-29525 XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Affected versions of xwiki are subject to code injection in the `since` parameter of the `/xwik... | 9.9 | CRITICAL | — | 0 |
| CVE-2023-29526 XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible to display or interact with any page a user cannot access th... | 9.9 | CRITICAL | — | 0 |
| CVE-2023-36742 Visual Studio Code Remote Code Execution Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2023-30552 Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are su... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-30553 Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are su... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-30554 Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are su... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-30555 Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases.Affected versions are sub... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-30556 Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are su... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-25792 Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in XiaoMac WP Open Social plugin <= 5.0 versions. | 5.9 | MEDIUM | — | 0 |
| CVE-2023-30557 Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are su... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-30558 Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. User input coming from t... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-30605 Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. User input coming from t... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-2133 Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security ... | 8.8 | HIGH | — | 0 |
| CVE-2022-36788 A heap-based buffer overflow vulnerability exists in the TriangleMesh clone functionality of Slic3r libslic3r 1.3.0 and Master Commit b1a5500. A specially-crafted STL file can lead to a heap buffer ov... | 8.1 | HIGH | — | 0 |
| CVE-2023-2134 Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security ... | 8.8 | HIGH | — | 0 |
| CVE-2023-2135 Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted... | 7.5 | HIGH | — | 0 |
| CVE-2023-2137 Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | 8.8 | HIGH | — | 0 |
| CVE-2023-25620 A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause denial of service of the controller when a malicious project file is loaded onto the controller... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-22295 Datakit CrossCadWare_x64.dll contains an out of bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose se... | 3.3 | LOW | — | 0 |
| CVE-2023-30612 Cloud hypervisor is a Virtual Machine Monitor for Cloud workloads. This vulnerability allows users to close arbitrary open file descriptors in the Cloud Hypervisor process via sending malicious HTTP r... | 4.0 | MEDIUM | — | 0 |
| CVE-2023-2169 The TaxoPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Related Posts functionality in versions up to, and including, 3.6.4 due to insufficient input sanitization and o... | 5.5 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.