Skip to main content
CVE-2023-23926 HIGH POC PATCH This Week

APOC (Awesome Procedures on Cypher) is an add-on library for Neo4j. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XXE Awesome Procedures On Cyper
NVD GitHub
CVSS 3.1
8.1
EPSS
0.9%
CVE-2023-0568 HIGH POC This Week

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

PHP Authentication Bypass
NVD
CVSS 3.1
8.1
EPSS
1.2%
CVE-2023-0866 HIGH POC PATCH This Week

Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3.0-DEV. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Gpac
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-25173 HIGH POC PATCH This Week

containerd is an open source container runtime. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Authentication Bypass Containerd
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-0860 HIGH POC PATCH This Week

Improper Restriction of Excessive Authentication Attempts in GitHub repository modoboa/modoboa-installer prior to 2.0.4. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Installer
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-23781 HIGH This Week

A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below SAML server configuration may allow an authenticated attacker to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Fortinet RCE Fortiweb
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-23780 HIGH This Week

A stack-based buffer overflow in Fortinet FortiWeb version 7.0.0 through 7.0.1, Fortinet FortiWeb version 6.3.6 through 6.3.19, Fortinet FortiWeb 6.4 all versions allows attacker to escalation of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Fortinet Privilege Escalation Fortiweb
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2023-23779 HIGH This Week

Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Fortinet Command Injection Fortiweb
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-22579 HIGH PATCH This Week

Due to improper parameter filtering in the sequalize js library, can a attacker peform injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Code Injection Sequelize
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2023-0862 HIGH This Week

The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Netmodule Router Software
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2023-0861 HIGH This Week

NetModule NSRW web administration interface executes an OS command constructed with unsanitized user input. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Netmodule Router Software
NVD
CVSS 3.1
8.8
EPSS
28.7%
CVE-2023-23947 HIGH PATCH This Week

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Kubernetes Authentication Bypass Argo Cd
NVD GitHub
CVSS 3.1
8.5
EPSS
0.7%
CVE-2023-25602 HIGH This Week

A stack-based buffer overflow in Fortinet FortiWeb 6.4 all versions, FortiWeb versions 6.3.17 and earlier, FortiWeb versions 6.2.6 and earlier, FortiWeb versions 6.1.2 and earlier, FortiWeb versions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Fortinet Fortiweb
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-23783 HIGH This Week

A use of externally-controlled format string in Fortinet FortiWeb version 7.0.0 through 7.0.1, FortiWeb 6.4 all versions allows attacker to execute unauthorized code or commands via specially crafted. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Fortinet Authentication Bypass Fortiweb
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-23782 HIGH This Week

A heap-based buffer overflow in Fortinet FortiWeb version 7.0.0 through 7.0.1, FortiWeb version 6.3.0 through 6.3.19, FortiWeb 6.4 all versions, FortiWeb 6.2 all versions, FortiWeb 6.1 all versions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Fortinet Heap Overflow Fortiweb
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-24485 HIGH PATCH This Week

Vulnerabilities have been identified that, collectively, allow a standard Windows user to perform operations as SYSTEM on the computer running Citrix Workspace app. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Citrix Workspace
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-24483 HIGH This Week

A vulnerability has been identified that, if exploited, could result in a local user elevating their privilege level to NT AUTHORITY\SYSTEM on a Citrix Virtual Apps and Desktops Windows VDA. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Citrix Virtual Apps And Desktops
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-25653 HIGH PATCH This Week

node-jose is a JavaScript implementation of the JSON Object Signing and Encryption (JOSE) for web browsers and node.js-based servers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Node.js Denial Of Service Node Jose
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-24807 HIGH PATCH This Week

Undici is an HTTP/1.1 client for Node.js. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Node.js Denial Of Service Undici
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2023-22580 HIGH PATCH This Week

Due to improper input filtering in the sequalize js library, can malicious queries lead to sensitive information disclosure. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sequelize
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-0662 HIGH This Week

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service PHP
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy