Security Vulnerabilities - Known exploited
CVE-2023-37450
The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, Safari 16.5.2, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Known exploited
CVSS Score
8.8
EPSS Score
0.0
Published
2023-07-27
CVE-2023-35078
An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication.
Known exploited
CVSS Score
10.0
EPSS Score
0.945
Published
2023-07-25
CVE-2023-38203
Adobe ColdFusion versions 2018u17 (and earlier), 2021u7 (and earlier) and 2023u1 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.
Known exploited
CVSS Score
9.8
EPSS Score
0.943
Published
2023-07-20
CVE-2023-3519
Unauthenticated remote code execution
Known exploited
CVSS Score
9.8
EPSS Score
0.913
Published
2023-07-19
CVE-2023-29298
Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access the administration CFM and CFC endpoints. Exploitation of this issue does not require user interaction.
Known exploited
CVSS Score
7.5
EPSS Score
0.943
Published
2023-07-12
CVE-2023-29300
Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.
Known exploited
CVSS Score
9.8
EPSS Score
0.929
Published
2023-07-12
CVE-2023-36884
Windows Search Remote Code Execution Vulnerability
Known exploited
CVSS Score
7.5
EPSS Score
0.931
Published
2023-07-11
CVE-2023-36874
Windows Error Reporting Service Elevation of Privilege Vulnerability
Known exploited
CVSS Score
7.8
EPSS Score
0.662
Published
2023-07-11
CVE-2023-35311
Microsoft Outlook Security Feature Bypass Vulnerability
Known exploited
CVSS Score
8.8
EPSS Score
0.013
Published
2023-07-11
CVE-2023-32046
Windows MSHTML Platform Elevation of Privilege Vulnerability
Known exploited
CVSS Score
7.8
EPSS Score
0.797
Published
2023-07-11