Security Vulnerabilities in CISA KEV Catalog

CVE-2023-41179

Known Exploited Vulnerability
A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation. Note that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability.
Max Base Score
7.2
Published 2023-09-19
Updated 2023-09-22
EPSS 0.82%
KEV Added 2023-09-21

CVE-2023-28434

Known Exploited Vulnerability
Minio is a Multi-Cloud Object Storage framework. Prior to RELEASE.2023-03-20T20-16-18Z, an attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket`. To carry out this attack, the attacker requires credentials with `arn:aws:s3:::*` permission, as well as enabled Console API access. This issue has been patched in RELEASE.2023-03-20T20-16-18Z. As a workaround, enable browser API access and turn off `MINIO_BROWSER=off`.
Max Base Score
8.8
Published 2023-03-22
Updated 2023-03-28
EPSS 3.08%
KEV Added 2023-09-19

CVE-2022-31463

Known Exploited Vulnerability
Owl Labs Meeting Owl 5.2.0.15 does not require a password for Bluetooth commands, because only client-side authentication is used.
Max Base Score
8.2
Published 2022-06-02
Updated 2022-07-08
EPSS 8.09%
KEV Added 2023-09-18

CVE-2022-31462

Known Exploited Vulnerability
Owl Labs Meeting Owl 5.2.0.15 allows attackers to control the device via a backdoor password (derived from the serial number) that can be found in Bluetooth broadcast data.
Max Base Score
9.3
Published 2022-06-02
Updated 2022-07-08
EPSS 0.61%
KEV Added 2023-09-18

CVE-2022-31461

Known Exploited Vulnerability
Owl Labs Meeting Owl 5.2.0.15 allows attackers to deactivate the passcode protection mechanism via a certain c 11 message.
Max Base Score
7.4
Published 2022-06-02
Updated 2022-08-29
EPSS 5.83%
KEV Added 2023-09-18

CVE-2022-31459

Known Exploited Vulnerability
Owl Labs Meeting Owl 5.2.0.15 allows attackers to retrieve the passcode hash via a certain c 10 value over Bluetooth.
Max Base Score
7.4
Published 2022-06-02
Updated 2022-07-08
EPSS 5.10%
KEV Added 2023-09-18

CVE-2022-22265

Known Exploited Vulnerability
An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022 Release 1 allows arbitrary memory write and code execution.
Max Base Score
7.8
Published 2022-01-10
Updated 2023-06-27
EPSS 0.07%
KEV Added 2023-09-18

CVE-2021-3129

Public exploit exists
Known Exploited Vulnerability
Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.
Max Base Score
9.8
Published 2021-01-12
Updated 2022-02-22
EPSS 97.52%
KEV Added 2023-09-18

CVE-2017-6884

Known Exploited Vulnerability
A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00(AAQT.4)b8. The vulnerability is located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute arbitrary commands on the router, such as the ping_ip parameter to the expert/maintenance/diagnostic/nslookup URI.
Max Base Score
9.0
Published 2017-04-06
Updated 2017-04-12
EPSS 97.38%
KEV Added 2023-09-18

CVE-2014-8361

Public exploit exists
Known Exploited Vulnerability
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023.
Max Base Score
10.0
Published 2015-05-01
Updated 2023-09-05
EPSS 97.09%
KEV Added 2023-09-18

CVE-2023-26369

Known Exploited Vulnerability
Acrobat Reader versions 23.003.20284 (and earlier), 20.005.30516 (and earlier) and 20.005.30514 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Max Base Score
7.8
Published 2023-09-13
Updated 2023-09-15
EPSS 3.50%
KEV Added 2023-09-14

CVE-2023-35674

Known Exploited Vulnerability
In onCreate of WindowState.java, there is a possible way to launch a background activity due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Max Base Score
7.8
Published 2023-09-11
Updated 2023-09-14
EPSS 0.06%
KEV Added 2023-09-13

CVE-2023-20269

Known Exploited Vulnerability
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user. This vulnerability is due to improper separation of authentication, authorization, and accounting (AAA) between the remote access VPN feature and the HTTPS management and site-to-site VPN features. An attacker could exploit this vulnerability by specifying a default connection profile/tunnel group while conducting a brute force attack or while establishing a clientless SSL VPN session using valid credentials. A successful exploit could allow the attacker to achieve one or both of the following: Identify valid credentials that could then be used to establish an unauthorized remote access VPN session. Establish a clientless SSL VPN session (only when running Cisco ASA Software Release 9.16 or earlier). Notes: Establishing a client-based remote access VPN tunnel is not possible as these default connection profiles/tunnel groups do not and cannot have an IP address pool configured. This vulnerability does not allow an attacker to bypass authentication. To successfully establish a remote access VPN session, valid credentials are required, including a valid second factor if multi-factor authentication (MFA) is configured. Cisco will release software updates that address this vulnerability. There are workarounds that address this vulnerability.
Max Base Score
9.1
Published 2023-09-06
Updated 2023-09-14
EPSS 2.59%
KEV Added 2023-09-13

CVE-2023-4863

Known Exploited Vulnerability
Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
Max Base Score
8.8
Published 2023-09-12
Updated 2023-09-22
EPSS 31.86%
KEV Added 2023-09-13

CVE-2023-36802

Known Exploited Vulnerability
Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability
Max Base Score
7.8
Published 2023-09-12
Updated 2023-09-14
EPSS 0.04%
KEV Added 2023-09-12

CVE-2023-36761

Known Exploited Vulnerability
Microsoft Word Information Disclosure Vulnerability
Max Base Score
6.2
Published 2023-09-12
Updated 2023-09-14
EPSS 57.13%
KEV Added 2023-09-12

CVE-2023-41064

Known Exploited Vulnerability
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 16.6.1 and iPadOS 16.6.1, macOS Monterey 12.6.9, macOS Ventura 13.5.2, iOS 15.7.9 and iPadOS 15.7.9, macOS Big Sur 11.7.10. Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Max Base Score
7.8
Published 2023-09-07
Updated 2023-09-22
EPSS 0.33%
KEV Added 2023-09-11

CVE-2023-41061

Known Exploited Vulnerability
A validation issue was addressed with improved logic. This issue is fixed in watchOS 9.6.2, iOS 16.6.1 and iPadOS 16.6.1. A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Max Base Score
7.8
Published 2023-09-07
Updated 2023-09-12
EPSS 0.07%
KEV Added 2023-09-11

CVE-2023-33246

Public exploit exists
Known Exploited Vulnerability
For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk of remote command execution. Several components of RocketMQ, including NameServer, Broker, and Controller, are leaked on the extranet and lack permission verification; an attacker can exploit this vulnerability by using the update configuration function to execute commands as the system users that RocketMQ is running as. Additionally, an attacker can achieve the same effect by forging the RocketMQ protocol content. To prevent these attacks, users are recommended to upgrade to version 5.1.1 or above for using RocketMQ 5.x or 4.9.6 or above for using RocketMQ 4.x.
Max Base Score
9.8
Published 2023-05-24
Updated 2023-07-12
EPSS 97.15%
KEV Added 2023-09-06

CVE-2023-38831

Public exploit exists
Known Exploited Vulnerability
RARLabs WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through August 2023.
Max Base Score
7.8
Published 2023-08-23
Updated 2023-09-08
EPSS 23.88%
KEV Added 2023-08-24

CVE-2023-32315

Public exploit exists
Known Exploited Vulnerability
Openfire is an XMPP server licensed under the Open Source Apache License. Openfire's administrative console, a web-based application, was found to be vulnerable to a path traversal attack via the setup environment. This permitted an unauthenticated user to use the unauthenticated Openfire Setup Environment in an already configured Openfire environment to access restricted pages in the Openfire Admin Console reserved for administrative users. This vulnerability affects all versions of Openfire that have been released since April 2015, starting with version 3.10.0. The problem has been patched in Openfire release 4.7.5 and 4.6.8, and further improvements will be included in the yet-to-be-released first version on the 4.8 branch (which is expected to be version 4.8.0). Users are advised to upgrade. If an Openfire upgrade isn’t available for a specific release, or isn’t quickly actionable, users may see the linked GitHub advisory (GHSA-gw42-f939-fhvm) for mitigation advice.
Max Base Score
8.6
Published 2023-05-26
Updated 2023-07-21
EPSS 96.08%
KEV Added 2023-08-24

CVE-2023-38035

Public exploit exists
Known Exploited Vulnerability
A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration.
Max Base Score
0.0
Published 2023-08-21
Updated 2023-08-21
EPSS 97.01%
KEV Added 2023-08-22

CVE-2023-27532

Known Exploited Vulnerability
Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts.
Max Base Score
7.5
Published 2023-03-10
Updated 2023-03-16
EPSS 0.67%
KEV Added 2023-08-22

CVE-2023-26359

Known Exploited Vulnerability
Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction.
Max Base Score
9.8
Published 2023-03-23
Updated 2023-03-28
EPSS 53.74%
KEV Added 2023-08-21

CVE-2023-24489

Known Exploited Vulnerability
A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller.
Max Base Score
9.8
Published 2023-07-10
Updated 2023-07-18
EPSS 96.78%
KEV Added 2023-08-16
1008 vulnerabilities found