cve.circl.lu
Open in
urlscan Pro
2a00:5980:93::128
Public Scan
Submitted URL: http://cve.circl.lu/
Effective URL: https://cve.circl.lu/
Submission: On October 15 via api from NL — Scanned from NL
Effective URL: https://cve.circl.lu/
Submission: On October 15 via api from NL — Scanned from NL
Form analysis 2 forms found in the DOM
GET
<form id="tfnewsearch" method="get" class="input-group navbar-form" onsubmit="redirect(); return false;">
<input type="text" class="form-control input-sm" id="search" placeholder="Search CVE">
<span class="input-group-btn">
<input type="submit" class="btn btn-default input-sm" value="search">
</span>
</form>POST /r/0
<form method="POST" action="/r/0" id="filter" class="nav form-search">
<table class="searchTable">
<tbody>
<tr>
<td class="text">Time</td>
<td colspan="5">
<select onchange="timeSelectDisable()" name="timeSelect" id="timeSelect">
<option value="all">All</option>
<option value="from">From</option>
<option value="until">Until</option>
<option value="between">Between</option>
<option value="outside">Not During</option>
</select>
<input type="date" placeholder="Start date" name="startDate" id="startDate" readonly="" title="Date in dd/mm/yyyy or dd/mm/yy format, using / or -"
pattern="^(?:(?:31(-|\/)(?:0?[13578]|1[02]))\1|(?:(?:29|30)(-|\/)(?:0?[1,3-9]|1[0-2])\2))(?:(?:1[6-9]|[2-9]\d)?\d{2})$|^(?:29(-|\/)0?2\3(?:(?:(?:1[6-9]|[2-9]\d)?(?:0[48]|[2468][048]|[13579][26])|(?:(?:16|[2468][048]|[3579][26])00))))$|^(?:0?[1-9]|1\d|2[0-8])(-|\/)(?:(?:0?[1-9])|(?:1[0-2]))\4(?:(?:1[6-9]|[2-9]\d)?\d{2})$">
<input type="date" placeholder="End date" name="endDate" id="endDate" readonly="" title="Date in dd/mm/yyyy or dd/mm/yy format, using / or -"
pattern="^(?:(?:31(-|\/)(?:0?[13578]|1[02]))\1|(?:(?:29|30)(-|\/)(?:0?[1,3-9]|1[0-2])\2))(?:(?:1[6-9]|[2-9]\d)?\d{2})$|^(?:29(-|\/)0?2\3(?:(?:(?:1[6-9]|[2-9]\d)?(?:0[48]|[2468][048]|[13579][26])|(?:(?:16|[2468][048]|[3579][26])00))))$|^(?:0?[1-9]|1\d|2[0-8])(-|\/)(?:(?:0?[1-9])|(?:1[0-2]))\4(?:(?:1[6-9]|[2-9]\d)?\d{2})$">
<select name="timeTypeSelect" id="timeTypeSelect" readonly="">
<option value="Modified">Last Major Update</option>
<option value="Published">Published</option>
<option value="last-modified">Last Update</option>
</select>
</td>
</tr>
<tr>
<td class="text">CVSS</td>
<td>
<select name="cvssSelect" id="cvssSelect" onchange="cvssSelectDisable()">
<option value="all">All</option>
<option value="above">Above</option>
<option value="equals">Equals</option>
<option value="below">Below</option>
</select>
<input name="cvss" id="cvss" type="number" readonly="" min="0" max="10" step="0.5" value="0">
</td>
<td>Rejected</td>
<td>
<select name="rejectedSelect" id="rejectedSelect">
<option value="hide">Hide</option>
<option value="show">Show</option>
</select>
</td>
<td></td>
<td></td>
</tr>
</tbody>
</table>
<input type="submit" value="Search">
</form>Text Content
* Recent CVE
* Browse CVE per vendor
* Browse CWEs
*
* About
Hide/Show filter
Time All From Until Between Not During Last Major Update Published Last Update
CVSS All Above Equals Below Rejected Hide Show
* «
* 1
* 2
* 3
* 4
* 5
* 6
* 7
* 8
* 9
* ..
* 4353
* 4354
* »
IDCVSSSummaryLast (major) updatePublished CVE-2023-44487 None
The HTTP/2 protocol allows a denial of service (server resource consumption)
because request cancellation can reset many streams quickly, as exploited in the
wild in August through October 2023.
15-10-2023 - 04:15 10-10-2023 - 14:15 CVE-2023-43788 None
A vulnerability was found in libXpm due to a boundary condition within the
XpmCreateXpmImageFromBuffer() function. This flaw allows a local to trigger an
out-of-bounds read error and read the contents of memory on the system.
15-10-2023 - 04:15 10-10-2023 - 13:15 CVE-2023-43655 None
Composer is a dependency manager for PHP. Users publishing a composer.phar to a
public web-accessible server where the composer.phar can be executed as a php
file may be subject to a remote code execution vulnerability if PHP also has
`register_argc_
15-10-2023 - 04:15 29-09-2023 - 20:15 CVE-2023-43115 None
In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote
code execution via crafted PostScript documents because they can switch to the
IJS device, or change the IjsServer parameter, after SAFER has been activated.
NOTE: it is
15-10-2023 - 04:15 18-09-2023 - 08:15 CVE-2023-36053 None
In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3,
EmailValidator and URLValidator are subject to a potential ReDoS (regular
expression denial of service) attack via a very large number of domain name
labels of emails and URLs.
15-10-2023 - 04:15 03-07-2023 - 13:15 CVE-2023-40378 None
IBM Directory Server for IBM i contains a local privilege escalation
vulnerability. A malicious actor with command line access to the host operating
system can elevate privileges to gain component access to the host operating
system. IBM X-Force ID
15-10-2023 - 02:15 15-10-2023 - 02:15 CVE-2022-34674 None
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode
layer handler, where a helper function maps more physical pages than were
requested, which may lead to undefined behavior or an information leak.
15-10-2023 - 02:12 30-12-2022 - 23:15 CVE-2022-34673 None
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode
layer (nvidia.ko), where an out-of-bounds array access may lead to denial of
service, information disclosure, or data tampering.
15-10-2023 - 02:10 30-12-2022 - 23:15 CVE-2022-28183 3.6
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the
kernel mode layer, where an unprivileged regular user can cause an out-of-bounds
read, which may lead to denial of service and information disclosure.
15-10-2023 - 02:08 17-05-2022 - 20:15 CVE-2023-28198 None
A use-after-free issue was addressed with improved memory management. This issue
is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content
may lead to arbitrary code execution.
15-10-2023 - 02:06 14-08-2023 - 23:15 CVE-2022-34670 None
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode
layer handler, where an unprivileged regular user can cause truncation errors
when casting a primitive to a primitive of smaller size causes data to be lost
in the conver
15-10-2023 - 02:06 30-12-2022 - 23:15 CVE-2022-34665 None
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the
kernel mode layer, where a local user with basic capabilities can cause a
null-pointer dereference, which may lead to denial of service.
15-10-2023 - 02:05 19-11-2022 - 00:15 CVE-2022-31615 None
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode
layer, where a local user with basic capabilities can cause a null-pointer
dereference, which may lead to denial of service.
15-10-2023 - 02:04 19-11-2022 - 00:15 CVE-2022-31608 None
NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional
D-Bus configuration file, where a local user with basic capabilities can impact
protected D-Bus endpoints, which may lead to code execution, denial of service,
escalation of
15-10-2023 - 02:03 19-11-2022 - 00:15 CVE-2023-30058 None
novel-plus 3.6.2 is vulnerable to SQL Injection.
15-10-2023 - 02:01 11-09-2023 - 16:15 CVE-2023-40397 None
The issue was addressed with improved checks. This issue is fixed in macOS
Ventura 13.5. A remote attacker may be able to cause arbitrary javascript code
execution.
15-10-2023 - 02:01 06-09-2023 - 21:15 CVE-2023-32370 None
A logic issue was addressed with improved validation. This issue is fixed in
macOS Ventura 13.3. Content Security Policy to block domains with wildcards may
fail.
15-10-2023 - 02:01 06-09-2023 - 02:15 CVE-2022-31607 None
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode
layer (nvidia.ko), where a local user with basic capabilities can cause improper
input validation, which may lead to denial of service, escalation of privileges,
data tam
15-10-2023 - 02:00 19-11-2022 - 00:15 CVE-2022-34666 None
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the
kernel mode layer, where a local user with basic capabilities can cause a
null-pointer dereference, which may lead to denial of service.
15-10-2023 - 01:59 10-11-2022 - 16:15 CVE-2022-28185 3.6
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the
ECC layer, where an unprivileged regular user can cause an out-of-bounds write,
which may lead to denial of service and data tampering.
15-10-2023 - 01:58 17-05-2022 - 20:15 CVE-2023-0199 None
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the
kernel mode layer handler, where an out-of-bounds write can lead to denial of
service and data tampering.
15-10-2023 - 01:57 22-04-2023 - 03:15 CVE-2023-4875 None
Null pointer dereference when composing from a specially crafted draft message
in Mutt >1.5.2 <2.2.12
15-10-2023 - 01:55 09-09-2023 - 15:15 CVE-2022-28184 4.6
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the
kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an
unprivileged regular user can access administrator- privileged registers, which
may lead to denial of
15-10-2023 - 01:55 17-05-2022 - 20:15 CVE-2023-4874 None
Null pointer dereference when viewing a specially crafted email in Mutt >1.5.2
<2.2.12
15-10-2023 - 01:54 09-09-2023 - 15:15 CVE-2023-44119 None
Vulnerability of mutual exclusion management in the kernel module.Successful
exploitation of this vulnerability will affect availability.
15-10-2023 - 01:51 11-10-2023 - 13:15 CVE-2023-44118 None
Vulnerability of undefined permissions in the MeeTime module.Successful
exploitation of this vulnerability will affect availability and confidentiality.
15-10-2023 - 01:50 11-10-2023 - 13:15 CVE-2023-44116 None
Vulnerability of access permissions not being strictly verified in the APPWidget
module.Successful exploitation of this vulnerability may cause some apps to run
without being authorized.
15-10-2023 - 01:49 11-10-2023 - 13:15 CVE-2023-44106 None
API permission management vulnerability in the Fwk-Display module.Successful
exploitation of this vulnerability may cause features to perform abnormally.
15-10-2023 - 01:47 11-10-2023 - 12:15 CVE-2023-44108 None
Type confusion vulnerability in the distributed file module.Successful
exploitation of this vulnerability may cause the device to restart.
15-10-2023 - 01:44 11-10-2023 - 13:15 CVE-2023-44107 None
Vulnerability of defects introduced in the design process in the screen
projection module.Successful exploitation of this vulnerability may affect
service availability and integrity.
15-10-2023 - 01:38 11-10-2023 - 13:15 CVE-2023-45871 None
An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB
driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for
frames larger than the MTU.
15-10-2023 - 01:15 15-10-2023 - 01:15 CVE-2023-5586 None
NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3.0-DEV.
15-10-2023 - 01:15 15-10-2023 - 01:15 CVE-2023-5585 None
A vulnerability was found in SourceCodester Online Motorcycle Rental System 1.0.
It has been declared as problematic. This vulnerability affects unknown code of
the file /admin/?page=bike of the component Bike List. The manipulation of the
argument M
15-10-2023 - 00:15 15-10-2023 - 00:15 CVE-2022-44729 None
Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation
Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On
version 1.16, a malicious SVG could trigger loading external resources by
default, causin
15-10-2023 - 00:15 22-08-2023 - 19:16 CVE-2022-44730 None
Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation
Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A
malicious SVG can probe user profile / data and send it directly as parameter to
a URL.
15-10-2023 - 00:15 22-08-2023 - 19:16 CVE-2022-38398 None
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics
allows an attacker to load a url thru the jar protocol. This issue affects
Apache XML Graphics Batik 1.14.
15-10-2023 - 00:15 22-09-2022 - 15:15 CVE-2022-38648 None
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics
allows an attacker to fetch external resources. This issue affects Apache XML
Graphics Batik 1.14.
15-10-2023 - 00:15 22-09-2022 - 15:15 CVE-2022-40146 None
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics
allows an attacker to access files using a Jar url. This issue affects Apache
XML Graphics Batik 1.14.
15-10-2023 - 00:15 22-09-2022 - 15:15 CVE-2020-11987 6.4
Apache Batik 1.13 is vulnerable to server-side request forgery, caused by
improper input validation by the NodePickerPanel. By using a specially-crafted
argument, an attacker could exploit this vulnerability to cause the underlying
server to make arb
15-10-2023 - 00:15 24-02-2021 - 18:15 CVE-2023-45862 None
An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250
reader driver in the Linux kernel before 6.2.5. An object could potentially
extend beyond the end of an allocation.
14-10-2023 - 21:15 14-10-2023 - 21:15 CVE-2023-45863 None
An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With
root access, an attacker can trigger a race condition that results in a
fill_kobj_path out-of-bounds write.
14-10-2023 - 21:15 14-10-2023 - 21:15 CVE-2023-4911 None
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so
while processing the GLIBC_TUNABLES environment variable. This issue could allow
a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables
when launch
14-10-2023 - 21:15 03-10-2023 - 18:15 CVE-2022-43740 None
IBM Security Verify Access OIDC Provider could allow a remote user to cause a
denial of service due to uncontrolled resource consumption. IBM X-Force ID:
238921.
14-10-2023 - 17:32 14-10-2023 - 16:15 CVE-2022-43868 None
IBM Security Verify Access OIDC Provider could disclose directory information
that could aid attackers in further attacks against the system. IBM X-Force ID:
239445.
14-10-2023 - 17:32 14-10-2023 - 16:15 CVE-2023-35024 None
IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2,
19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is
vulnerable to cross-site scripting. This vulnerability allows users to embed
arbitrary JavaScr
14-10-2023 - 17:32 14-10-2023 - 16:15 CVE-2023-45176 None
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through
12.0.10.0 and IBM Integration Bus 10.1 through 10.1.0.1 are vulnerable to a
denial of service for integration nodes on Windows. IBM X-Force ID: 247998.
14-10-2023 - 17:32 14-10-2023 - 16:15 CVE-2023-30994 None
IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that
could allow an attacker to decrypt highly sensitive information. IBM X-Force ID:
254138
14-10-2023 - 17:32 14-10-2023 - 17:15 CVE-2023-40367 None
IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. This vulnerability
allows users to embed arbitrary JavaScript code in the Web UI thus altering the
intended functionality potentially leading to credentials disclosure within a
trusted sess
14-10-2023 - 17:32 14-10-2023 - 17:15 CVE-2023-5582 None
A vulnerability, which was classified as problematic, has been found in ZZZCMS
2.2.0. This issue affects some unknown processing of the component Personal
Profile Page. The manipulation leads to basic cross site scripting. The attack
may be initiated
14-10-2023 - 17:32 14-10-2023 - 14:15 CVE-2022-32755 None
IBM Security Directory Server 6.4.0 is vulnerable to an XML External Entity
Injection (XXE) attack when processing XML data. A remote attacker could exploit
this vulnerability to expose sensitive information or consume memory resources.
IBM X-Force
14-10-2023 - 17:32 14-10-2023 - 15:15
Back to Top Mark selected
* «
* 1
* 2
* 3
* 4
* 5
* 6
* 7
* 8
* 9
* ..
* 4353
* 4354
* »
Back to Top