Skip to main content
CVE-2023-0247 HIGH POC PATCH This Week

Uncontrolled Search Path Element in GitHub repository bits-and-blooms/bloom prior to 3.3.1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Bloom
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-22601 HIGH This Week

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-330: Use of Insufficiently Random Values. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Inrouter302 Firmware Inrouter615 S Firmware
NVD
CVSS 3.1
8.6
EPSS
0.6%
CVE-2023-22600 HIGH This Week

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-284: Improper Access Control. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Inrouter302 Firmware Inrouter615 S Firmware
NVD
CVSS 3.1
8.1
EPSS
0.5%
CVE-2023-0254 HIGH PATCH This Week

The Simple Membership WP user Import plugin for WordPress is vulnerable to SQL Injection via the ‘orderby’ parameter in versions up to, and including, 1.7 due to insufficient escaping on the user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

SQLi WordPress Simple Membership Wp User Import
NVD VulDB
CVSS 3.1
7.2
EPSS
0.7%
CVE-2023-22598 HIGH This Week

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-78: Improper Neutralization of Special Elements. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Inrouter302 Firmware Inrouter615 S Firmware
NVD
CVSS 3.1
7.2
EPSS
1.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy