Skip to main content
CVE-2023-22477 HIGH POC PATCH This Week

Mercurius is a GraphQL adapter for Fastify. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Mercurius
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2023-22472 HIGH PATCH This Week

Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

Microsoft CSRF Nextcloud Desktop
NVD GitHub
CVSS 3.1
8.8
EPSS
0.2%
CVE-2023-0036 HIGH This Week

platform_callback_stub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Openharmony
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-0035 HIGH This Week

softbus_client_stub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Openharmony
NVD
CVSS 3.1
7.8
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy