Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2023-21889 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Easily exploitable vulnerab... | 3.8 | LOW | — | 0 |
| CVE-2023-21890 Vulnerability in the Oracle Communications Converged Application Server product of Oracle Communications (component: Core). Supported versions that are affected are 7.1.0 and 8.0.0. Easily exploitab... | 9.8 | CRITICAL | — | 0 |
| CVE-2023-21891 Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Visual Analyzer). Supported versions that are affected are 5.9.0.0.0 and 6.4.0.0.... | 5.4 | MEDIUM | — | 0 |
| CVE-2023-21892 Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Visual Analyzer). Supported versions that are affected are 5.9.0.0.0 and 6.4.0.0.... | 5.4 | MEDIUM | — | 0 |
| CVE-2022-43483 Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the monitor services of the software. This could all... | 9.1 | CRITICAL | — | 0 |
| CVE-2023-21894 Vulnerability in the Oracle Global Lifecycle Management NextGen OUI Framework product of Oracle Fusion Middleware (component: NextGen Installer issues). Supported versions that are affected are Prior... | 7.3 | HIGH | — | 0 |
| CVE-2023-21898 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Easily exploitable vulnerab... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-21899 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Easily exploitable vulnerab... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-21900 Vulnerability in the Oracle Solaris product of Oracle Systems (component: NSSwitch). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows high privileged att... | 4.0 | MEDIUM | — | 0 |
| CVE-2022-45127 Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its backup services. An attacker could take advantage of ... | 8.1 | HIGH | — | 0 |
| CVE-2015-10067 A vulnerability was found in oznetmaster SSharpSmartThreadPool. It has been classified as problematic. This affects an unknown part of the file SSharpSmartThreadPool/SmartThreadPool.cs. The manipulati... | 4.6 | MEDIUM | — | 0 |
| CVE-2018-25077 A vulnerability was found in melnaron mel-spintax. It has been rated as problematic. Affected by this issue is some unknown functionality of the file lib/spintax.js. The manipulation of the argument t... | 3.5 | LOW | — | 0 |
| CVE-2020-36651 A vulnerability has been found in youngerheart nodeserver and classified as critical. Affected by this vulnerability is an unknown functionality of the file nodeserver.js. The manipulation leads to pa... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-41989 Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not validate the length of RTLS report payloads during communication. This allows an attacker to se... | 9.0 | CRITICAL | — | 0 |
| CVE-2022-43455 Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to improper input validation of user input to the service_start, service_stop, and service... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-45722 ezEIP v5.3.0(0649) was discovered to contain a cross-site scripting (XSS) vulnerability. | 6.1 | MEDIUM | — | 0 |
| CVE-2023-21860 Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: Internal Operations). Supported versions that are affected are 7.4.38 and prior, 7.5.28 and prior, 7.6.24 and prior and... | 6.3 | MEDIUM | — | 0 |
| CVE-2023-0358 Use After Free in GitHub repository gpac/gpac prior to 2.3.0-DEV. | 7.8 | HIGH | — | 0 |
| CVE-2010-10007 ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in lierdakil click-reminder. It has been rated as critical. This issue affects the function db_query of the file src/backend/include/BaseActio... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-32490 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRA... | 7.5 | HIGH | — | 0 |
| CVE-2022-34393 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRA... | 7.5 | HIGH | — | 0 |
| CVE-2018-9402 In multiple functions of gl_proc.c, there is a buffer overwrite due to a missing bounds check. This could lead to escalation of privileges in the kernel. | 7.8 | HIGH | — | 0 |
| CVE-2022-34401 Dell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a... | 7.5 | HIGH | — | 0 |
| CVE-2022-34456 Dell EMC Metro node, Version(s) prior to 7.1, contain a Code Injection Vulnerability. An authenticated nonprivileged attacker could potentially exploit this vulnerability, leading to the execution of... | 8.8 | HIGH | — | 0 |
| CVE-2022-34460 Prior Dell BIOS versions contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code exe... | 7.5 | HIGH | — | 0 |
| CVE-2015-10068 A vulnerability classified as critical was found in danynab movify-j. This vulnerability affects the function getByMovieId of the file app/business/impl/ReviewServiceImpl.java. The manipulation of the... | 5.5 | MEDIUM | — | 0 |
| CVE-2020-36653 A vulnerability was found in GENI Portal. It has been rated as problematic. Affected by this issue is some unknown functionality of the file portal/www/portal/error-text.php. The manipulation of the a... | 3.5 | LOW | — | 0 |
| CVE-2020-36654 A vulnerability classified as problematic has been found in GENI Portal. This affects the function no_invocation_id_error of the file portal/www/portal/sliceresource.php. The manipulation of the argum... | 3.5 | LOW | — | 0 |
| CVE-2023-0214 A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1 allows a remote attacker to craft SWG-spec... | 6.1 | MEDIUM | — | 0 |
| CVE-2022-34399 Dell Alienware m17 R5 BIOS version prior to 1.2.2 contain a buffer access vulnerability. A malicious user with admin privileges could potentially exploit this vulnerability by sending input larger th... | 5.1 | MEDIUM | — | 0 |
| CVE-2022-34435 Dell iDRAC9 version 6.00.02.00 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit... | 2.7 | LOW | — | 0 |
| CVE-2022-34436 Dell iDRAC8 version 2.83.83.83 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit... | 2.7 | LOW | — | 0 |
| CVE-2022-34457 Dell command configuration, version 4.8 and prior, contains improper folder permission when installed not to default path but to non-secured path which leads to privilege escalation. This is critical... | 7.3 | HIGH | — | 0 |
| CVE-2017-20172 A vulnerability was found in ridhoq soundslike. It has been classified as critical. Affected is the function get_song_relations of the file app/api/songs.py. The manipulation leads to sql injection. T... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-45103 Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain an information disclosure vulnerability. A low privileged remote attacker could potentially exp... | 6.5 | MEDIUM | — | 0 |
| CVE-2011-10001 A vulnerability was found in iamdroppy phoenixcf. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file content/2-Community/articles.cfm. The manipul... | 5.5 | MEDIUM | — | 0 |
| CVE-2012-10006 A vulnerability classified as critical has been found in ale7714 sigeprosi. This affects an unknown part. The manipulation leads to sql injection. The identifier of the patch is 5291886f6c992316407c37... | 5.5 | MEDIUM | — | 0 |
| CVE-2017-20173 A vulnerability was found in AlexRed contentmap. It has been rated as critical. Affected by this issue is the function Load of the file contentmap.php. The manipulation of the argument contentid leads... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-21601 Adobe Dimension version 3.4.6 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mi... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-21603 Adobe Dimension version 3.4.6 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypa... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-47990 IBM AIX 7.1, 7.2, 7.3 and VIOS , 3.1 could allow a non-privileged local user to exploit a vulnerability in X11 to cause a buffer overflow that could result in a denial of service or arbitrary code ex... | 6.2 | MEDIUM | — | 0 |
| CVE-2023-21579 Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an Integer Overflow or Wraparound vulnerability that could result in... | 7.8 | HIGH | — | 0 |
| CVE-2023-21581 Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-21585 Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-21604 Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arb... | 7.8 | HIGH | — | 0 |
| CVE-2023-21605 Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbi... | 7.8 | HIGH | — | 0 |
| CVE-2023-22592 IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.4 could allow a local user to perform unauthorized actions due to insufficient permission settings. IBM X-Force ID: 244073. | 4.0 | MEDIUM | — | 0 |
| CVE-2023-21606 Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary ... | 7.8 | HIGH | — | 0 |
| CVE-2023-21607 Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbi... | 7.8 | HIGH | — | 0 |
| CVE-2023-21609 Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary ... | 7.8 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.