Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Execution with Unnecessary Privileges in GitHub repository polonel/trudesk prior to 1.2.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Incorrect Synchronization in GitHub repository polonel/trudesk prior to 1.2.3. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.
Use After Free in GitHub repository mruby/mruby prior to 3.2. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
Vapor is an HTTP web framework for Swift. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Use of Incorrect Operator in GitHub repository polonel/trudesk prior to 1.2.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Waitress is a Web Server Gateway Interface server for Python 2 and 3. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.
SSH.NET is a Secure Shell (SSH) library for .NET. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.
Chat Server is the chat server for Vartalap, an open-source messaging application. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.
Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository polonel/trudesk prior to 1.2.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.3. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
TiDB is an open-source NewSQL database that supports Hybrid Transactional and Analytical Processing (HTAP) workloads. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In CureKit versions v1.0.1 through v1.1.3 are vulnerable to path traversal as the function isFileOutsideDir fails to sanitize the user input which may lead to path traversal. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
eLabFTW is an electronic lab notebook manager for research teams. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
github-action-merge-dependabot is an action that automatically approves and merges dependabot pull requests (PRs). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
IBM Business Automation Workflow traditional 21.0.1 through 21.0.3, 20.0.0.1 through 20.0.0.2, 19.0.0.1 through 19.0.0.3, 18.0.0.0 through 18.0.0.1, IBM Business Automation Workflow containers. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.
XWiki Platform Filter UI provides a generic user interface to convert from a XWiki Filter input stream to an output stream with settings for each stream. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
We failed to apply the fix for CVE-2022-30126 to the 1.x branch in the 1.28.2 release. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.