Skip to main content
CVE-2023-26602 CRITICAL POC THREAT Act Now

ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Asmb8 Ikvm Firmware
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
17.4%
CVE-2023-1038 CRITICAL POC Act Now

A vulnerability classified as critical has been found in SourceCodester Online Reviewer Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Reviewer Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-1037 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Dental Clinic Appointment Reservation System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Dental Clinic Appointment Reservation System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-1046 HIGH POC This Week

A vulnerability classified as critical has been found in MuYuCMS 2.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SSRF PHP Muyucms
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-1044 HIGH POC This Week

A vulnerability was found in MuYuCMS 2.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Muyucms
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.1%
CVE-2023-1039 HIGH POC This Week

A vulnerability classified as critical was found in SourceCodester Class and Exam Timetabling System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Class And Exam Timetabling System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.8%
CVE-2023-1045 HIGH POC This Week

A vulnerability was found in MuYuCMS 2.2. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Muyucms
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.9%
CVE-2023-26606 HIGH POC This Week

In the Linux kernel 6.0.8, there is a use-after-free in ntfs_trim_fs in fs/ntfs3/bitmap.c. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Information Disclosure Linux Memory Corruption Linux Kernel
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-26605 HIGH POC This Week

In the Linux kernel 6.0.8, there is a use-after-free in inode_cgwb_move_to_attached in fs/fs-writeback.c, related to __list_del_entry_valid. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Information Disclosure Linux Memory Corruption Linux Kernel
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-1048 HIGH POC This Week

A vulnerability, which was classified as critical, has been found in TechPowerUp Ryzen DRAM Calculator 1.2.0.5.sys. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Amd Information Disclosure Dram Calculator For Ryzen
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-48363 HIGH POC PATCH This Week

In MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plugin mishandles a Drain call in certain situations involving truncated files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Music Player Daemon
NVD VulDB
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-26607 HIGH POC This Week

In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Linux Linux Kernel Hci Baseboard Management Controller
NVD
CVSS 3.1
7.1
EPSS
0.6%
CVE-2023-1042 MEDIUM POC This Month

A vulnerability has been found in SourceCodester Online Pet Shop We App 1.0 and classified as problematic. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Online Pet Shop We App
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.6%
CVE-2023-1041 MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in SourceCodester Simple Responsive Tourism Website 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Simple Responsive Tourism Website
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-1036 MEDIUM POC This Month

A vulnerability was found in SourceCodester Dental Clinic Appointment Reservation System 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Dental Clinic Appointment Reservation System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.8%
CVE-2023-1040 CRITICAL Act Now

A vulnerability, which was classified as critical, has been found in SourceCodester Online Graduate Tracer System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Online Graduate Tracer System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-1043 MEDIUM POC This Month

A vulnerability was found in MuYuCMS 2.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Muyucms
NVD GitHub VulDB
CVSS 3.1
4.3
EPSS
0.7%
CVE-2023-1047 HIGH This Week

A vulnerability classified as critical was found in TechPowerUp RealTemp 3.7.0.0. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Realtemp
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-26091 MEDIUM PATCH This Month

The frp_form_answers (aka Forms Export) extension before 3.1.2, and 4.x before 4.0.2, for TYPO3 allows XSS via saved emails. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Forms Export
NVD
CVSS 3.1
6.1
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy