Skip to main content
CVE-2022-45701 HIGH POC THREAT Act Now

Arris TG2482A firmware through 9.1.103GEM9 allow Remote Code Execution (RCE) via the ping utility feature. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 45.3%.

Command Injection RCE Arris Tg2482A Firmware Arris Tg2492 Firmware Arris Sbg10 Firmware
NVD GitHub Exploit-DB VulDB
CVSS 3.1
8.8
EPSS
45.3%
Threat
4.6
CVE-2023-24078 HIGH POC THREAT This Week

Real Time Logic FuguHub v8.1 and earlier was discovered to contain a remote code execution (RCE) vulnerability via the component /FuguHub/cmsdocs/. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Fuguhub
NVD GitHub Exploit-DB
CVSS 3.1
8.8
EPSS
53.2%
CVE-2023-0877 HIGH POC PATCH This Week

Code Injection in GitHub repository froxlor/froxlor prior to 2.0.11. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Code Injection Froxlor
NVD GitHub
CVSS 3.1
8.8
EPSS
3.9%
CVE-2023-24329 HIGH POC PATCH THREAT This Week

An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Python Authentication Bypass Fedora Active Iq Unified Manager Management Services For Element Software +2
NVD GitHub
CVSS 3.1
7.5
EPSS
20.5%
CVE-2023-23007 HIGH POC This Week

An issue was discovered in ESPCMS P8.21120101 after logging in to the background, there is a SQL injection vulnerability in the function node where members are added. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Espcms
NVD
CVSS 3.1
7.2
EPSS
0.6%
CVE-2023-0882 HIGH PATCH This Week

Improper Input Validation, Authorization Bypass Through User-Controlled Key vulnerability in Kron Tech Single Connect on Windows allows Privilege Abuse.16. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Authentication Bypass Single Connect
NVD VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2023-0822 HIGH This Week

The affected product DIAEnergie (versions prior to v1.9.03.001) contains improper authorization, which could allow an unauthorized user to bypass authorization and access privileged functionality. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Diaenergie
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-23923 HIGH PATCH This Week

The vulnerability was found Moodle which exists due to insufficient limitations on the "start page" preference. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Moodle
NVD
CVSS 3.1
8.2
EPSS
1.0%
CVE-2023-22246 HIGH This Week

Adobe Animate versions 22.0.8 (and earlier) and 23.0.0 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free Adobe RCE Memory Corruption +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-22244 HIGH This Week

Adobe Premiere Rush version 2.6 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free Adobe RCE Memory Corruption +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-22243 HIGH This Week

Adobe Animate versions 22.0.8 (and earlier) and 23.0.0 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Adobe RCE Animate
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-22239 HIGH This Week

After Affects versions 23.1 (and earlier), 22.6.3 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE After Effects
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-22238 HIGH This Week

After Affects versions 23.1 (and earlier), 22.6.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE After Effects
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-22237 HIGH This Week

After Affects versions 23.1 (and earlier), 22.6.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE After Effects
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-22236 HIGH This Week

Adobe Animate versions 22.0.8 (and earlier) and 23.0.0 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Heap Overflow Animate
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-22234 HIGH This Week

Adobe Premiere Rush version 2.6 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Adobe RCE Premiere Rush
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-22230 HIGH This Week

Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Adobe RCE Bridge
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-22229 HIGH This Week

Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Adobe RCE Bridge
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-22228 HIGH This Week

Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Adobe Bridge
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-22227 HIGH This Week

Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Adobe RCE Bridge
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-22226 HIGH This Week

Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Adobe RCE Bridge
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-21622 HIGH This Week

FrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Framemaker
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-21621 HIGH This Week

FrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Framemaker
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-21619 HIGH This Week

FrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Framemaker
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-21576 HIGH This Week

Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Photoshop
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-21575 HIGH This Week

Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Photoshop
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-21574 HIGH This Week

Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Photoshop
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-0887 HIGH This Week

A vulnerability was found in phjounin TFTPD64-SE 4.64 and classified as critical.exe. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Tftpd64
NVD VulDB
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-24960 HIGH PATCH This Week

IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on the system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal IBM Infosphere Information Server
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2023-0895 HIGH PATCH This Week

The WP Coder - add custom html, css and js code plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in versions up to, and including, 2.5.3 due to insufficient. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

SQLi WordPress Wp Coder
NVD VulDB
CVSS 3.1
7.2
EPSS
0.9%
CVE-2023-26020 HIGH This Week

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crafter Studio on Linux, MacOS, Windows, x86, ARM, 64 bit allows SQL Injection.0 from 4.0.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Apple SQLi Crafter Cms
NVD
CVSS 3.1
7.2
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy