Skip to main content
CVE-2023-22952 HIGH POC KEV THREAT Act Now

In SugarCRM before 12.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection PHP Sugarcrm
NVD
CVSS 3.1
8.8
EPSS
80.3%
CVE-2023-22959 HIGH POC THREAT This Week

WebChess through 0.9.0 and 1.0.0.rc2 allows SQL injection: mainmenu.php, chess.php, and opponentspassword.php (txtFirstName, txtLastName). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Webchess
NVD GitHub
CVSS 3.1
8.8
EPSS
13.7%
CVE-2023-22947 HIGH POC This Week

Insecure folder permissions in the Windows installation path of Shibboleth Service Provider (SP) before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Microsoft Service Provider
NVD
CVSS 3.1
7.3
EPSS
0.3%
CVE-2023-20531 HIGH This Week

Insufficient bound checks in the SMU may allow an attacker to update the SRAM from/to address space to an invalid value potentially resulting in a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Epyc 7H12 Firmware Epyc 7F72 Firmware Epyc 7F52 Firmware +47
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-20530 HIGH This Week

Insufficient input validation of BIOS mailbox messages in SMU may result in out-of-bounds memory reads potentially resulting in a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Epyc 7003 Firmware Epyc 72F3 Firmware Epyc 7313 Firmware Epyc 7313P Firmware +20
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-20529 HIGH This Week

Insufficient bound checks in the SMU may allow an attacker to update the from/to address space to an invalid value potentially resulting in a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Epyc 7H12 Firmware Epyc 7F72 Firmware Epyc 7F52 Firmware +47
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-20522 HIGH This Week

Insufficient input validation in ASP may allow an attacker with a malicious BIOS to potentially cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Milanpi Firmware Romepi Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy