Security Vulnerabilities - Known exploited
CVE-2023-23752
An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.
Known exploited
CVSS Score
5.3
EPSS Score
0.945
Published
2023-02-16
CVE-2023-21823
Windows Graphics Component Remote Code Execution Vulnerability
Known exploited
CVSS Score
7.8
EPSS Score
0.052
Published
2023-02-14
CVE-2023-23376
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Known exploited
CVSS Score
7.8
EPSS Score
0.211
Published
2023-02-14
CVE-2023-21715
Microsoft Publisher Security Feature Bypass Vulnerability
Known exploited
CVSS Score
7.3
EPSS Score
0.007
Published
2023-02-14
CVE-2023-21529
Microsoft Exchange Server Remote Code Execution Vulnerability
Known exploited
CVSS Score
8.8
EPSS Score
0.289
Published
2023-02-14
CVE-2023-25717
Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin&password=password$(curl substring.
Known exploited
CVSS Score
9.8
EPSS Score
0.942
Published
2023-02-13
CVE-2022-24990
TerraMaster NAS 4.2.29 and earlier allows remote attackers to discover the administrative password by sending "User-Agent: TNAS" to module/api.php?mobile/webNasIPS and then reading the PWD field in the response.
Known exploited
CVSS Score
7.5
EPSS Score
0.944
Published
2023-02-07
CVE-2023-0669
Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2.
Known exploited
CVSS Score
7.2
EPSS Score
0.944
Published
2023-02-06
CVE-2023-0266
A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e
Known exploited
CVSS Score
7.9
EPSS Score
0.002
Published
2023-01-30
CVE-2023-21608
Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Known exploited
CVSS Score
7.8
EPSS Score
0.791
Published
2023-01-18