Security Vulnerabilities - Known exploited
CVE-2023-29298
Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access the administration CFM and CFC endpoints. Exploitation of this issue does not require user interaction.
Known exploited
CVSS Score
7.5
EPSS Score
0.943
Published
2023-07-12
CVE-2023-29300
Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.
Known exploited
CVSS Score
9.8
EPSS Score
0.937
Published
2023-07-12
CVE-2023-36884
Windows Search Remote Code Execution Vulnerability
Known exploited
CVSS Score
7.5
EPSS Score
0.932
Published
2023-07-11
CVE-2023-36874
Windows Error Reporting Service Elevation of Privilege Vulnerability
Known exploited
CVSS Score
7.8
EPSS Score
0.712
Published
2023-07-11
CVE-2023-35311
Microsoft Outlook Security Feature Bypass Vulnerability
Known exploited
CVSS Score
8.8
EPSS Score
0.005
Published
2023-07-11
CVE-2023-32046
Windows MSHTML Platform Elevation of Privilege Vulnerability
Known exploited
CVSS Score
7.8
EPSS Score
0.427
Published
2023-07-11
CVE-2023-32049
Windows SmartScreen Security Feature Bypass Vulnerability
Known exploited
CVSS Score
8.8
EPSS Score
0.091
Published
2023-07-11
CVE-2023-24489
A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller.
Known exploited
CVSS Score
9.8
EPSS Score
0.944
Published
2023-07-10
CVE-2023-34192
Cross Site Scripting vulnerability in Zimbra ZCS v.8.8.15 allows a remote authenticated attacker to execute arbitrary code via a crafted script to the /h/autoSaveDraft function.
Known exploited
CVSS Score
9.0
EPSS Score
0.89
Published
2023-07-06
CVE-2023-21237
In applyRemoteView of NotificationContentInflater.java, there is a possible way to hide foreground service notification due to misleading or insufficient UI. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-251586912
Known exploited
CVSS Score
5.5
EPSS Score
0.007
Published
2023-06-28