Skip to main content
CVE-2023-22463 CRITICAL POC PATCH THREAT Act Now

KubePi is a k8s panel. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Kubernetes Authentication Bypass Kubepi
NVD GitHub
CVSS 3.1
9.8
EPSS
69.7%
CVE-2023-22457 HIGH POC PATCH THREAT This Week

CKEditor Integration UI adds support for editing wiki pages using CKEditor. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE CSRF Ckeditor Integration
NVD GitHub
CVSS 3.1
8.8
EPSS
18.7%
CVE-2023-0048 HIGH POC PATCH THREAT This Week

Code Injection in GitHub repository lirantal/daloradius prior to master-branch. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Code Injection Daloradius
NVD GitHub
CVSS 3.1
8.8
EPSS
32.3%
CVE-2023-0054 HIGH POC PATCH This Week

Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1145. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Vim
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-0051 HIGH POC PATCH This Week

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Vim
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-0049 HIGH POC PATCH This Week

Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Vim Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-0046 HIGH POC PATCH This Week

Improper Restriction of Names for Files and Other Resources in GitHub repository lirantal/daloradius prior to master-branch. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Daloradius
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2023-22461 MEDIUM POC PATCH This Month

The `sanitize-svg` package, a small SVG sanitizer to prevent cross-site scripting attacks, uses a deny-list-pattern to sanitize SVGs to prevent XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Sanitize Svg
NVD GitHub
CVSS 3.1
6.1
EPSS
0.6%
CVE-2023-22464 MEDIUM POC This Month

ViewVC is a browser interface for CVS and Subversion version control repositories. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Viewvc
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-0055 MEDIUM POC PATCH This Month

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository pyload/pyload prior to 0.5.0b3.dev32. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Pyload
NVD GitHub
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-22465 MEDIUM POC PATCH This Month

Http4s is a Scala interface for HTTP services. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Http4S
NVD GitHub
CVSS 3.1
5.3
EPSS
0.8%
CVE-2023-22467 HIGH PATCH This Week

Luxon is a library for working with dates and times in JavaScript. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Luxon
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
CVE-2023-22460 HIGH PATCH This Week

go-ipld-prime is an implementation of the InterPlanetary Linked Data (IPLD) spec interfaces, a batteries-included codec implementations of IPLD for CBOR and JSON, and tooling for basic operations on. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Go Ipld Prime
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-22466 MEDIUM PATCH This Month

Tokio is a runtime for writing applications with Rust. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Tokio
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy