Skip to main content
CVE-2023-24127 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey1 parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24126 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey4_5g parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD VulDB
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24125 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey2_5g parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD VulDB
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24124 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wrlEn parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD VulDB
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24121 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the security_5g parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD VulDB
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24120 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wrlEn_5g parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD VulDB
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24119 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the ssid parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD VulDB
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24118 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the security parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD VulDB
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24117 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepauth_5g parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD VulDB
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24134 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey3 parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24133 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey_5g parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24132 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey3_5g parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24131 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey1_5g parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24130 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24129 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey4 parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24128 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey2 parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-24123 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepauth parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD VulDB
CVSS 3.1
6.5
EPSS
0.9%
CVE-2023-24122 MEDIUM POC This Month

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the ssid_5g parameter at /goform/WifiBasicSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Eagle 1200Ac Firmware
NVD VulDB
CVSS 3.1
6.5
EPSS
0.9%
CVE-2023-24751 MEDIUM POC This Month

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the mc_chroma function at motion.cc. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Libde265 Debian Linux
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2023-24045 MEDIUM POC This Month

In Dataiku DSS 11.2.1, an attacker can download other Dataiku files that were uploaded to the myfiles section by specifying the target username in a download request. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Data Science Studio
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2023-0567 MEDIUM POC This Month

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish hashes as valid. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP
NVD GitHub
CVSS 3.1
6.2
EPSS
0.9%
CVE-2023-24758 MEDIUM POC This Month

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Libde265 Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-24757 MEDIUM POC This Month

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_unweighted_pred_16_fallback function at fallback-motion.cc. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Libde265 Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-24756 MEDIUM POC This Month

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_unweighted_pred_8_sse function at sse-motion.cc. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Libde265 Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-24755 MEDIUM POC This Month

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_weighted_pred_8_fallback function at fallback-motion.cc. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Libde265 Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-24754 MEDIUM POC This Month

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Libde265 Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-24752 MEDIUM POC This Month

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_hevc_epel_pixels_8_sse function at sse-motion.cc. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Libde265 Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-1117 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.18. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Pimcore
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-1116 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.18. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Pimcore
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-1115 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.18. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Pimcore
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-1104 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Flatpress
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-26608 MEDIUM POC This Month

SOLDR (System of Orchestration, Lifecycle control, Detection and Response) 1.1.0 allows stored XSS via the module editor. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Soldr
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-1113 MEDIUM POC This Month

A vulnerability was found in SourceCodester Simple Payroll System 1.0. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Simple Payroll System With Dynamic Tax Bracket
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.6%
CVE-2023-25931 MEDIUM This Month

Medtronic identified that the Pelvic Health clinician apps, which are installed on the Smart Programmer mobile device, have a password vulnerability that requires a security update to fix. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Interstim X Clinician Micro Clinician
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2023-20075 MEDIUM This Month

Vulnerability in the CLI of Cisco Secure Email Gateway could allow an authenticated, remote attacker to execute arbitrary commands. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Email Security Appliance
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2023-22738 MEDIUM PATCH This Month

vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Vantage6
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-25544 MEDIUM This Month

Dell NetWorker versions 19.5 and earlier contain 'Apache Tomcat' version disclosure vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Tomcat Apache Information Disclosure Dell Emc Networker
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-24567 MEDIUM This Month

Dell NetWorker versions 19.5 and earlier contain 'RabbitMQ' version disclosure vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Emc Networker
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-23973 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in a3rev Software Contact Us Page - Contact People plugin <= 3.7.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Contact Us Page Contact People
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2023-22777 MEDIUM This Month

An authenticated information disclosure vulnerability exists in the ArubaOS web-based management interface. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Sd Wan Arubaos
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-22775 MEDIUM This Month

A vulnerability exists which allows an authenticated attacker to access sensitive information on the ArubaOS command line interface. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Sd Wan Arubaos
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-22774 MEDIUM This Month

Authenticated path traversal vulnerabilities exist in the ArubaOS command line interface. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Arubaos Sd Wan
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2023-22773 MEDIUM This Month

Authenticated path traversal vulnerabilities exist in the ArubaOS command line interface. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Arubaos Sd Wan
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2023-22772 MEDIUM This Month

An authenticated path traversal vulnerability exists in the ArubaOS web-based management interface. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Sd Wan Arubaos
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-0952 MEDIUM This Month

Improper access controls on entries in Devolutions Server 2022.3.12 and earlier could allow an authenticated user to access sensitive data without proper authorization. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Authentication Bypass Devolutions Server
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-1131 MEDIUM This Month

A vulnerability has been found in SourceCodester Computer Parts Sales and Inventory System 1.0 and classified as problematic. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Computer Parts Sales And Inventory System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.6%
CVE-2023-20085 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Identity Services Engine
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2023-20053 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Nexus Dashboard
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-23006 MEDIUM PATCH This Month

In the Linux kernel before 5.15.13, drivers/net/ethernet/mellanox/mlx5/core/steering/dr_domain.c misinterprets the mlx5_get_uars_page return value (expects it to be NULL in the error case, whereas it. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Linux Linux Kernel
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-23005 MEDIUM PATCH This Month

In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the alloc_memory_type return value (expects it to be NULL in the error case, whereas it is actually an error pointer). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Linux Linux Kernel Linux Enterprise Server
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy