Skip to main content
CVE-2023-26035 CRITICAL POC PATCH THREAT Act Now

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Authentication Bypass Zoneminder
NVD GitHub
CVSS 3.1
9.8
EPSS
80.5%
CVE-2023-26550 CRITICAL POC Act Now

A SQL injection vulnerability in BMC Control-M before 9.0.20.214 allows attackers to execute arbitrary SQL commands via the memname JSON field. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Control M
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-26036 CRITICAL POC Act Now

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Zoneminder
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-1035 HIGH POC This Week

A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Clinic S Patient Management System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-1034 HIGH POC PATCH THREAT This Week

Path Traversal: '\..\filename' in GitHub repository salesagility/suitecrm prior to 7.12.9. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal Suitecrm
NVD GitHub
CVSS 3.1
8.8
EPSS
28.1%
CVE-2023-26034 HIGH POC This Week

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP SQLi Zoneminder
NVD GitHub
CVSS 3.1
8.8
EPSS
1.6%
CVE-2023-1033 HIGH POC PATCH This Week

Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 2.0.11. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Froxlor
NVD GitHub
CVSS 3.1
8.8
EPSS
0.3%
CVE-2023-26544 HIGH POC This Week

In the Linux kernel 6.0.8, there is a use-after-free in run_unpack in fs/ntfs3/run.c, related to a difference between NTFS sector size and media sector size. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Information Disclosure Linux Memory Corruption Linux Kernel
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-26104 HIGH POC This Week

All versions of the package lite-web-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Lite Web Server
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-26103 HIGH POC PATCH This Week

Versions of the package deno before 1.31.0 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the upgradeWebSocket function, which contains regexes in the form of /s*,s*/, used for. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Deno
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-25821 HIGH POC PATCH This Week

Nextcloud is an Open Source private cloud software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Nextcloud Nextcloud Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-26038 MEDIUM POC This Month

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Zoneminder
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-25816 MEDIUM POC PATCH This Month

Nextcloud is an Open Source private cloud software. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Nextcloud Nextcloud Server
NVD GitHub
CVSS 3.1
6.5
EPSS
1.4%
CVE-2023-25825 MEDIUM POC PATCH This Month

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Zoneminder
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2023-26037 CRITICAL PATCH Act Now

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

SQLi Zoneminder
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-26033 CRITICAL PATCH Act Now

Gentoo soko is the code that powers packages.gentoo.org. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

Denial Of Service SQLi Soko
NVD GitHub
CVSS 3.1
9.1
EPSS
0.6%
CVE-2023-26039 HIGH PATCH This Week

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

PHP Command Injection Zoneminder
NVD GitHub
CVSS 3.1
8.8
EPSS
1.2%
CVE-2023-26032 HIGH PATCH This Week

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

SQLi Zoneminder
NVD GitHub
CVSS 3.1
8.1
EPSS
0.6%
CVE-2023-26545 MEDIUM PATCH This Month

In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device. Rated medium severity (CVSS 4.7).

Information Disclosure Linux Debian Linux Linux Kernel H300s Firmware +4
NVD GitHub
CVSS 3.1
4.7
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy