Skip to main content
CVE-2023-22855 CRITICAL POC THREAT Act Now

Kardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Kardex Control Center
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
14.8%
CVE-2023-25765 CRITICAL PATCH Act Now

In Jenkins Email Extension Plugin 2.93 and earlier, templates defined inside a folder were not subject to Script Security protection, allowing attackers able to define email templates in folders to. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Jenkins Email Extension
NVD
CVSS 3.1
9.9
EPSS
1.1%
CVE-2023-0849 CRITICAL Act Now

A vulnerability has been found in Netgear WNDR3700v2 1.0.1.14 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Wndr3700 Firmware
NVD VulDB
CVSS 3.1
9.8
EPSS
2.8%
CVE-2023-23462 CRITICAL Act Now

Libpeconv - integer overflow, before commit 75b1565 (30/11/2022). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Libpeconv
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-23461 CRITICAL Act Now

Libpeconv - access violation, before commit b076013 (30/11/2022). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Libpeconv
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-23460 CRITICAL Act Now

Priority Web version 19.1.0.68, parameter manipulation on an unspecified end-point may allow authentication bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Priority
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-23459 CRITICAL Act Now

Priority Windows may allow Command Execution via SQL Injection using an unspecified method. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft SQLi Priority
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-22807 CRITICAL Act Now

LS ELECTRIC XBC-DN32U with operating system version 01.80 does not properly control access to the PLC over its internal XGT protocol. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Xbc Dn32U Firmware
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-22804 CRITICAL Act Now

LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to create users on the PLC. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Xbc Dn32U Firmware
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-25156 CRITICAL PATCH Act Now

Kiwi TCMS, an open source test management system, does not impose rate limits in versions prior to 12.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Kiwi Tcms
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-0102 CRITICAL Act Now

LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication for its deletion command. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Xbc Dn32U Firmware
NVD
CVSS 3.1
9.1
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy