Search Results (35583 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-29963 1 S-cms 1 S-cms 2025-01-29 7.2 High
S-CMS v5.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the component /admin/ajax.php.
CVE-2023-27933 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2025-01-29 6.7 Medium
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. An app with root privileges may be able to execute arbitrary code with kernel privileges.
CVE-2023-27932 3 Apple, Debian, Redhat 9 Ipados, Iphone Os, Macos and 6 more 2025-01-29 5.5 Medium
This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, tvOS 16.4, watchOS 9.4. Processing maliciously crafted web content may bypass Same Origin Policy.
CVE-2023-27931 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2025-01-29 5.5 Medium
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.3, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.3, tvOS 16.4, watchOS 9.4. An app may be able to access user-sensitive data.
CVE-2024-47978 1 Dell 1 Nativeedge Orchestrator 2025-01-29 7.8 High
Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Execution with Unnecessary Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
CVE-2024-53291 1 Dell 1 Nativeedge Orchestrator 2025-01-29 7.5 High
Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Exposure of Sensitive Information Through Metadata vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.
CVE-2023-31099 1 Zohocorp 1 Manageengine Opmanager 2025-01-29 8.8 High
Zoho ManageEngine OPManager through 126323 allows an authenticated user to achieve remote code execution via probe servers.
CVE-2023-27963 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2025-01-29 7.5 High
The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. A shortcut may be able to use sensitive data with certain actions without prompting the user.
CVE-2023-27962 1 Apple 1 Macos 2025-01-29 5.5 Medium
A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to modify protected parts of the file system.
CVE-2023-27959 1 Apple 2 Ipados, Iphone Os 2025-01-29 7.8 High
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges.
CVE-2023-27944 1 Apple 1 Macos 2025-01-29 8.6 High
This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to break out of its sandbox.
CVE-2023-27941 1 Apple 3 Ipados, Iphone Os, Macos 2025-01-29 5.5 Medium
A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to disclose kernel memory.
CVE-2023-29944 1 Metersphere 1 Metersphere 2025-01-29 9.8 Critical
Metersphere v1.20.20-lts-79d354a6 is vulnerable to Remote Command Execution. The system command reverse-shell can be executed at the custom code snippet function of the metersphere system workbench
CVE-2023-28201 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2025-01-29 9.8 Critical
This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4. A remote user may be able to cause unexpected app termination or arbitrary code execution.
CVE-2023-30065 1 Mitrastar 2 Gpt-2741gnac-n2, Gpt-2741gnac-n2 Firmware 2025-01-29 8.8 High
MitraStar GPT-2741GNAC-N2 with firmware BR_g5.9_1.11(WVK.0)b32 was discovered to contain a remote code execution (RCE) vulnerability in the ping function.
CVE-2023-24958 1 Ibm 6 3948-ved, 3948-ved Firmware, 3957-vec and 3 more 2025-01-29 8.8 High
A vulnerability in the IBM TS7700 Management Interface 8.51.2.12, 8.52.200.111, 8.52.102.13, and 8.53.0.63 could allow an authenticated user to submit a specially crafted URL leading to privilege escalation and remote code execution. IBM X-Force ID: 246320.
CVE-2024-37965 1 Microsoft 5 Sql Server, Sql Server 2016, Sql Server 2017 and 2 more 2025-01-29 8.8 High
Microsoft SQL Server Elevation of Privilege Vulnerability
CVE-2023-28194 1 Apple 2 Ipados, Iphone Os 2025-01-29 3.3 Low
The issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to unexpectedly create a bookmark on the Home Screen.
CVE-2023-28189 1 Apple 1 Macos 2025-01-29 5.5 Medium
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to view sensitive information.
CVE-2023-28181 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2025-01-29 7.8 High
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.4, macOS Big Sur 11.7.7, tvOS 16.4, watchOS 9.4. An app may be able to execute arbitrary code with kernel privileges.