Skip to main content
CVE-2023-23315 CRITICAL POC Act Now

The PrestaShop e-commerce platform module stripejs contains a Blind SQL injection vulnerability up to version 4.5.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Stripe Payment Pro
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-1112 CRITICAL POC Act Now

A vulnerability was found in Drag and Drop Multiple File Upload Contact Form 7 5.0.6.1 on WordPress. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal WordPress PHP File Upload Drag And Drop Multiple File Upload Contact Form 7
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
3.0%
CVE-2023-25222 HIGH POC This Week

A heap-based buffer overflow vulnerability exits in GNU LibreDWG v0.12.5 via the bit_read_RC function at bits.c. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Libredwg
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2023-1105 HIGH POC PATCH This Week

External Control of File Name or Path in GitHub repository flatpressblog/flatpress prior to 1.3. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Flatpress
NVD GitHub
CVSS 3.1
8.1
EPSS
0.7%
CVE-2023-1127 HIGH POC PATCH This Week

Divide By Zero in GitHub repository vim/vim prior to 9.0.1367. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Vim Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-25221 HIGH POC This Week

Libde265 v1.0.10 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function in motion.cc. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Libde265 Debian Linux
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-24127 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey1 parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24126 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey4_5g parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD VulDB
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24125 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey2_5g parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD VulDB
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24124 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wrlEn parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD VulDB
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24121 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the security_5g parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD VulDB
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24120 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wrlEn_5g parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD VulDB
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24119 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the ssid parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD VulDB
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24118 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the security parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD VulDB
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24117 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepauth_5g parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD VulDB
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24134 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey3 parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24133 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey_5g parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24132 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey3_5g parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24131 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey1_5g parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24130 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24129 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey4 parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24128 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey2 parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24123 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepauth parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD VulDB
CVSS 3.1
6.5
EPSS
0.9%
CVE-2023-24122 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the ssid_5g parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD VulDB
CVSS 3.1
6.5
EPSS
0.9%
CVE-2023-24751 MEDIUM POC This Month

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the mc_chroma function at motion.cc. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Libde265 Debian Linux
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2023-24045 MEDIUM POC This Month

In Dataiku DSS 11.2.1, an attacker can download other Dataiku files that were uploaded to the myfiles section by specifying the target username in a download request. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Data Science Studio
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2023-0567 MEDIUM POC This Month

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish hashes as valid. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP
NVD GitHub
CVSS 3.1
6.2
EPSS
0.9%
CVE-2023-1064 CRITICAL Act Now

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Uzay Baskul Weighbridge Automation Software allows SQL Injection.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Weighbridge Automation Software
NVD VulDB
CVSS 3.1
9.8
EPSS
0.2%
CVE-2023-1114 CRITICAL Act Now

Missing Authorization vulnerability in Eskom e-Belediye allows Information Elicitation.0.0.95 before 1.0.0.100. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass E Belediye
NVD VulDB
CVSS 3.1
9.8
EPSS
0.2%
CVE-2023-1130 CRITICAL Act Now

A vulnerability, which was classified as critical, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Computer Parts Sales And Inventory System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-1097 CRITICAL Act Now

Baicells EG7035-M11 devices with firmware through BCE-ODU-1.0.8 are vulnerable to improper code exploitation via HTTP GET command injections. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Eg7035 M11 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-22757 CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Sd Wan Arubaos
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-22756 CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Sd Wan Arubaos
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-22755 CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Sd Wan Arubaos
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-22754 CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Sd Wan Arubaos
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-22753 CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Sd Wan Arubaos
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-22752 CRITICAL Act Now

There are stack-based buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Aruba Sd Wan +1
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2023-22751 CRITICAL Act Now

There are stack-based buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Aruba Sd Wan +1
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2023-22750 CRITICAL Act Now

There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Aruba Command Injection Sd Wan Arubaos
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2023-22749 CRITICAL Act Now

There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Aruba Command Injection Sd Wan Arubaos
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2023-22748 CRITICAL Act Now

There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Aruba Command Injection Sd Wan Arubaos
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2023-22747 CRITICAL Act Now

There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Aruba Command Injection Sd Wan Arubaos
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2023-20032 CRITICAL Act Now

On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Secure Endpoint Secure Endpoint Private Cloud +3
NVD
CVSS 3.1
9.8
EPSS
29.3%
CVE-2021-3855 HIGH This Week

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Liman Central Management System Liman MYS (HTTP/Controllers, CronMail, Jobs modules) allows. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Port Mys
NVD VulDB
CVSS 3.1
8.8
EPSS
5.0%
CVE-2023-24758 MEDIUM POC This Month

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Libde265 Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-24757 MEDIUM POC This Month

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_unweighted_pred_16_fallback function at fallback-motion.cc. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Libde265 Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-24756 MEDIUM POC This Month

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_unweighted_pred_8_sse function at sse-motion.cc. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Libde265 Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-24755 MEDIUM POC This Month

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_weighted_pred_8_fallback function at fallback-motion.cc. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Libde265 Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-24754 MEDIUM POC This Month

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Libde265 Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-24752 MEDIUM POC This Month

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_hevc_epel_pixels_8_sse function at sse-motion.cc. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Libde265 Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy