ALERTS

Alertas de Vulnerabilidades

Saiba quais foram as últimas Notícias e Falhas de Segurança

ALERTS

Alertas de Vulnerabilidades e Exposições Comuns

última atualização desta página a 2024-01-16 @ 16:42:46

Estes alertas, são fornecidas pela Base de Dados de Vulnerabilidades do National Institute of Standards and Technology | NIST

O QUE É UMA VULNERABILIDADE ?

CVE significa Common Vulnerabilities and Exposures, que em português pode ser traduzido como "Vulnerabilidades e Exposições Comuns". O CVE é um dicionário de identificadores exclusivos para vulnerabilidades de segurança em software e hardware. Cada identificador CVE é único e é usado para acompanhar e fornecer informações sobre vulnerabilidades específicas. Esses identificadores ajudam a facilitar a comunicação e o compartilhamento de informações entre pesquisadores, empresas de segurança e usuários finais, permitindo uma melhor compreensão e mitigação de riscos de segurança.


  • 8.1 HIGH CVE-2023-35628 Windows MSHTML Platform Remote Code Execution Vulnerability
  • 8.8 HIGH CVE-2023-35630 Internet Connection Sharing (ICS) Remote Code Execution Vulnerability
  • 6.5 MEDIUM CVE-2023-35636 Microsoft Outlook Information Disclosure Vulnerability
  • 8.8 HIGHL CVE-2023-35639 Microsoft ODBC Driver Remote Code Execution Vulnerability
  • 8.8 HIGH CVE-2023-35641 Internet Connection Sharing (ICS) Remote Code Execution Vulnerability
  • 6.5 MEDIUM CVE-2023-35642 Internet Connection Sharing (ICS) Denial-of-Service Vulnerability
  • 9.6 CRITICAL CVE-2023-36019 Microsoft Power Platform Connector Spoofing Vulnerability
  • 7.5 HIGH CVE-2023-35638 DHCP Server Service Denial-of-Service Vulnerability
  • 7.5 HIGH CVE-2023-35643 DHCP Server Service Information Disclosure Vulnerability
  • 5.3 MEDIUM CVE-2023-36012 DHCP Server Service Information Disclosure Vulnerability

  • 9.8 CRITICAL CVE-2023-47246 SysAid Server Path Traversal Vulnerability
  • 5.3 MEDIUM CVE-2023-36844 Juniper Junos OS EX Series PHP External Variable Modification Vulnerability
  • N/A CVE-2023-36845 Juniper Junos OS EX Series and SRX Series PHP External Variable Modification Vulnerability
  • 5.3 MEDIUM CVE-2023-36846 Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability
  • 5.3 MEDIUM CVE-2023-36851 Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability
  • 7.5 HIGH CVE-2023-29552 Service Location Protocol (SLP) Denial-of-Service Vulnerability
  • 10.0 CRITICAL CVE-2023-22518 Atlassian Confluence Data Center and Server Improper Authorization Vulnerability
  • 10.0 CRITICAL CVE-2023-46604 Apache ActiveMQ Deserialization of Untrusted Data Vulnerability
  • 9.8 CRITICAL CVE-2023-46747 F5 BIG-IP Authentication Bypass Vulnerability
  • 8.8 HIGH CVE-2023-46748 F5 BIG-IP SQL Injection Vulnerability
  • 5.5 MEDIUM CVE-2023-4211 Arm Mali GPU Kernel Driver Use-After-Free Vulnerability
  • 10.0 CRITICAL CVE-2023-20198 Cisco IOS XE Web UI Privilege Escalation Vulnerability
  • 10.0 CRITICAL CVE-2023-41721 UniFi Network Application
  • 7.8 HIGH CVE-2023-21608 Adobe Acrobat and Reader Use-After-Free Vulnerability
  • 6.6 MEDIUM CVE-2023-20109 Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability
  • 5.3 MEDIUM CVE-2023-41763 Microsoft Skype for Business Privilege Escalation Vulnerability
  • 6.5 MEDIUM CVE-2023-36563 Microsoft WordPad Information Disclosure Vulnerability
  • 7.5 HIGH CVE-2023-44487 HTTP/2 Rapid Reset Attack Vulnerability
  • 8.8 HIGH CVE-2023-5217 Google Chrome libvpx Heap Buffer Overflow Vulnerability
  • 5.5 MEDIUM CVE-2023-41991 Apple Multiple Products Improper Certificate Validation Vulnerability
  • 7.8 HIGH CVE-2023-41992 Apple Multiple Products Kernel Privilege Escalation Vulnerability
  • 9.8 CRITICAL CVE-2023-41993 Apple Multiple Products WebKit Code Execution Vulnerability
  • 7.8 HIGH CVE-2023-38831 RARLAB WinRAR Code Execution Vulnerability
  • 9.8 CRITICAL CVE-2023-38035 Ivanti Sentry Authentication Bypass Vulnerability
  • 8.8 HIGH CVE-2023-36884 Microsoft Office and Windows HTML Remote Code Execution Vulnerability
  • 7.8 HIGH CVE-2023-36874 Microsoft Windows Error Reporting Service Privilege Escalation Vulnerability
  • 7.8 HIGH CVE-2023-36802 Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability
  • 6.2 MEDIUM CVE-2023-36761 Microsoft Word Information Disclosure Vulnerability
  • 7.8 HIGH CVE-2023-36631 Lack of access control in wfc.exe in Malwarebytes Binisoft
  • 8.8 HIGH CVE-2023-35311 Microsoft Outlook Security Feature Bypass Vulnerability
  • 10.0 CRITICAL CVE-2023-35078 Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability
  • 5.4 MEDIUM CVE-2023-34830 i-doit Open v24 was discovered to contain a reflected cross-site scripting (XSS) vulnerability
  • 5.3 MEDIUM CVE-2023-34099 Shopware is an open source e-commerce software.
  • 9.8 CRITICAL CVE-2023-33246 Apache RocketMQ Command Execution Vulnerability
  • 8.8 HIGH CVE-2023-32049 Microsoft Windows Defender SmartScreen Security Feature Bypass Vulnerability
  • 7.8 HIGH CVE-2023-32046 Microsoft Windows MSHTML Platform Privilege Escalation Vulnerability
  • 8.8 HIGH CVE-2023-3079 Google Chromium V8 Type Confusion Vulnerability
  • 8.8 HIGH CVE-2023-28434 MinIO Security Feature Bypass Vulnerability
  • 9.8 CRITICAL CVE-2023-27997 Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability
  • 7.5 HIGH CVE-2023-27532 Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability
  • 7.5 HIGH CVE-2023-27532 Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability
  • 7.8 HIGH CVE-2023-26369 Adobe Acrobat and Reader Out-of-Bounds Write Vulnerability
  • 9.8 CRITICAL CVE-2023-24489 Citrix Content Collaboration ShareFile Improper Access Control Vulnerability
  • 9.8 CRITICAL CVE-2023-20887 VMware Aria Operations for Networks Command Injection Vulnerability
  • Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475
  • 9.8 CRITICAL CVE-2022-31199 Netwrix Auditor Insecure Object Deserialization Vulnerability
  • 9.8 CRITICAL CVE-2022-29303 SolarView Compact Command Injection Vulnerability
  • 9.8 CRITICAL CVE-2021-44026 Roundcube Webmail SQL Injection Vulnerability
  • 5.5 MEDIUM CVE-2021-25489 Samsung Mobile Devices Improper Input Validation Vulnerability
  • 7.8 HIGH CVE-2021-25487 Samsung Mobile Devices Out-of-Bounds Read Vulnerability
  • 6.4 MEDIUM CVE-2021-25395 Samsung Mobile Devices Race Condition Vulnerability
  • 6.4 MEDIUM CVE-2021-25394 Samsung Mobile Devices Race Condition Vulnerability
  • 6.7 MEDIUM CVE-2021-25372 Samsung Mobile Devices Improper Boundary Check Vulnerability
  • 6.7 MEDIUM CVE-2021-25371 Samsung Mobile Devices Unspecified Vulnerability
  • 6.1 MEDIUM CVE-2020-35730 Roundcube Webmail Cross-Site Scripting (XSS) Vulnerability
  • 9.8 CRITICAL CVE-2020-12641 Roundcube Webmail Remote Code Execution Vulnerability
  • 7.8 HIGH CVE-2019-20500 D-Link DWL-2600AP Access Point Command Injection Vulnerability
  • 9.8 CRITICA CVE-2019-17621 D-Link DIR-859 Router Command Execution Vulnerability