Skip to main content
CVE-2023-0642 MEDIUM POC PATCH This Month

Cross-Site Request Forgery (CSRF) in GitHub repository squidex/squidex prior to 7.4.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Squidex
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-0637 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in TRENDnet TEW-811DRU 1.0.10.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tew 811dru Firmware
NVD VulDB
CVSS 3.1
6.5
EPSS
0.8%
CVE-2023-0643 MEDIUM POC PATCH This Month

Improper Handling of Additional Special Element in GitHub repository squidex/squidex prior to 7.4.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Squidex
NVD GitHub
CVSS 3.1
6.1
EPSS
0.6%
CVE-2023-23120 MEDIUM POC This Month

The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update makes TRENDnet TV-IP651WI Network Camera firmware version v1.07.01 and earlier vulnerable to firmware. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Authentication Bypass Tv Ip651Wi Firmware
NVD
CVSS 3.1
5.9
EPSS
0.3%
CVE-2023-23119 MEDIUM POC This Month

The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update makes Ubiquiti airFiber AF2X Radio firmware version 3.2.2 and earlier vulnerable to firmware. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Ubiquiti Authentication Bypass Af 2X Firmware
NVD
CVSS 3.1
5.9
EPSS
0.3%
CVE-2023-0650 MEDIUM POC PATCH This Month

A vulnerability was found in YAFNET up to 3.1.11 and classified as problematic. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Yaf Net
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.7%
CVE-2023-25012 MEDIUM POC This Month

The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Information Disclosure Linux Memory Corruption Linux Kernel
NVD
CVSS 3.1
4.6
EPSS
0.8%
CVE-2023-25015 MEDIUM PATCH This Month

Clockwork Web before 0.1.2, when Rails before 5.2 is used, allows CSRF. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Clockwork Web
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-0639 MEDIUM This Month

A vulnerability was found in TRENDnet TEW-652BRP 3.04b01 and classified as problematic.ccp of the component Web Management Interface. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Tew 652Brp Firmware
NVD VulDB
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-46842 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in JS Help Desk plugin <= 2.7.1 versions. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Js Help Desk
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2022-46815 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Lauri Karisola / WP Trio Conditional Shipping for WooCommerce plugin <= 2.3.1 versions. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Conditional Shipping For Woocommerce
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2022-45807 MEDIUM This Month

Cross-Site Request Forgery (CSRF) in WPVibes WP Mail Log plugin <= 1.0.1 versions. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Wp Mail Log
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2022-40692 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in WP Sunshine Sunshine Photo Cart plugin <= 2.9.13 versions. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Sunshine Photo Cart
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2023-0651 MEDIUM This Month

A vulnerability was found in FastCMS 0.1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Fastcms
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.8%
CVE-2022-45067 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in DevsCred Exclusive Addons Elementor plugin <= 2.6.1 versions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Exclusive Addons For Elementor Elementor
NVD
CVSS 3.1
4.3
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy