Skip to main content
CVE-2023-0227 MEDIUM POC PATCH This Month

Insufficient Session Expiration in GitHub repository pyload/pyload prior to 0.5.0b3.dev36. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Pyload
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-23457 MEDIUM POC PATCH This Month

A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Upx Fedora
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-23456 MEDIUM POC PATCH This Month

A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack() in p_tmt.cpp file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Denial Of Service Upx Fedora
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2023-0246 MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in earclink ESPCMS P8.21120101. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Espcms
NVD VulDB
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-0256 MEDIUM This Month

A vulnerability was found in SourceCodester Online Food Ordering System 2.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Online Food Ordering System
NVD VulDB
CVSS 3.1
6.3
EPSS
0.2%
CVE-2023-0042 MEDIUM This Month

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 prior to 15.5.7, 15.6 prior to 15.6.4, and 15.7 prior to 15.7.2. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Gitlab Open Redirect
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-22597 MEDIUM This Month

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-319: Cleartext Transmission of Sensitive. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Command Injection Inrouter302 Firmware Inrouter615 S Firmware
NVD
CVSS 3.1
5.9
EPSS
0.5%
CVE-2023-23455 MEDIUM PATCH This Month

atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption Denial Of Service Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-23454 MEDIUM PATCH This Month

cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption Buffer Overflow Linux Denial Of Service Linux Kernel +1
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-22488 MEDIUM PATCH This Month

Flarum is a forum software for building communities. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Flarum
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-0257 MEDIUM This Month

A vulnerability was found in SourceCodester Online Food Ordering System 2.0. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload PHP Online Food Ordering System
NVD VulDB
CVSS 3.1
4.7
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy