Skip to content

Commit

Permalink
Merge pull request #594 from e-m-b-a/known_exploited_update
Browse files Browse the repository at this point in the history
CISA known exploited database update
  • Loading branch information
m-1-k-3 authored Apr 23, 2023
2 parents 640a57e + b65dd37 commit 211cc45
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions config/known_exploited_vulnerabilities.csv
Original file line number Diff line number Diff line change
Expand Up @@ -915,3 +915,9 @@
"CVE-2023-28252","Microsoft","Windows","Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability","2023-04-11","Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.","Apply updates per vendor instructions.","2023-05-02","https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-28252"
"CVE-2023-20963","Android","Framework","Android Framework Privilege Escalation Vulnerability","2023-04-13","Android Framework contains an unspecified vulnerability that allows for privilege escalation after updating an app to a higher Target SDK with no additional execution privileges needed.","Apply updates per vendor instructions.","2023-05-04","https://source.android.com/docs/security/bulletin/2023-03-01"
"CVE-2023-29492","Novi Survey","Novi Survey","Novi Survey Insecure Deserialization Vulnerability","2023-04-13","Novi Survey contains an insecure deserialization vulnerability that allows remote attackers to execute code on the server in the context of the service account.","Apply updates per vendor instructions.","2023-05-04","https://novisurvey.net/blog/novi-survey-security-advisory-apr-2023.aspx"
"CVE-2019-8526","Apple","macOS","Apple macOS Use-After-Free Vulnerability","2023-04-17","Apple macOS contains a use-after-free vulnerability that could allow for privilege escalation.","Apply updates per vendor instructions.","2023-05-08","https://support.apple.com/en-us/HT209600"
"CVE-2023-2033","Google","Chromium V8 Engine","Google Chromium V8 Engine Type Confusion Vulnerability","2023-04-17","Google Chromium V8 contains a type confusion vulnerability. Specific impacts from exploitation are not available at this time.","Apply updates per vendor instructions.","2023-05-08","https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_14.html"
"CVE-2017-6742","Cisco","IOS and IOS XE Software","Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability","2023-04-19","The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.","Apply updates per vendor instructions.","2023-05-10","https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
"CVE-2023-28432","MinIO","MinIO","MinIO Information Disclosure Vulnerability","2023-04-21","MinIO contains a vulnerability in a cluster deployment where MinIO returns all environment variables, which allows for information disclosure.","Apply updates per vendor instructions.","2023-05-12","https://github.com/minio/minio/security/advisories/GHSA-6xvq-wj2x-3h3q"
"CVE-2023-27350","PaperCut","MF/NG","PaperCut MF/NG Improper Access Control Vulnerability","2023-04-21","PaperCut MF/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentication bypass and code execution in the context of system.","Apply updates per vendor instructions.","2023-05-12","https://www.papercut.com/kb/Main/PO-1216-and-PO-1219"
"CVE-2023-2136","Google","Chrome","Google Chrome Skia Integer Overflow Vulnerability","2023-04-21","Google Chrome Skia contains an integer overflow vulnerability. Specific impacts from exploitation are not available at this time. This vulnerability resides in Skia which serves as the graphics engine for Google Chrome and ChromeOS, Android, Flutter, and other products.","Apply updates per vendor instructions.","2023-05-12","https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_18.html"

0 comments on commit 211cc45

Please sign in to comment.