Skip to main content
CVE-2023-0844 MEDIUM POC This Month

The Namaste!. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Namaste Lms
NVD WPScan
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-25973 HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links plugin <= 6.3.0.2 versions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Auto Affiliate Links
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2023-25991 HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability in RegistrationMagic plugin <= 5.1.9.2 versions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Registrationmagic
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2023-1374 MEDIUM POC This Month

The Solidres plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'currency_name' parameter in versions up to, and including, 0.9.4 due to insufficient input sanitization and. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS WordPress Solidres
NVD
CVSS 3.1
4.4
EPSS
0.4%
CVE-2023-0628 HIGH This Week

Docker Desktop before 4.17.0 allows an attacker to execute an arbitrary command inside a Dev Environments container during initialization by tricking a user to open a crafted malicious. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection Docker Docker Desktop
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-1367 LOW POC PATCH Monitor

Code Injection in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Code Injection Easyappointments
NVD GitHub
CVSS 3.1
3.8
EPSS
0.4%
CVE-2023-0348 HIGH This Week

Akuvox E11 allows direct SIP calls. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure E11 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-0346 HIGH This Week

Akuvox E11 cloud login is performed through an unencrypted HTTP connection. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure E11 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-0355 HIGH This Week

Akuvox E11 uses a hard-coded cryptographic key, which could allow an attacker to decrypt sensitive information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure E11 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-38074 HIGH This Week

SQL Injection vulnerability in VeronaLabs WP Statistics plugin <= 13.2.10 versions. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Wp Statistics
NVD
CVSS 3.1
7.1
EPSS
1.0%
CVE-2023-0888 HIGH This Week

An improper neutralization of directives in dynamically evaluated code vulnerability in the WiFi Battery embedded web server in versions L90/U70 and L92/U92 can be used to gain administrative access. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Code Injection Battery Pack Sp With Wifi Firmware
NVD
CVSS 3.1
7.2
EPSS
0.6%
CVE-2023-0629 HIGH This Week

Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions by setting the Docker host to docker.raw.sock, or. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Docker Docker Desktop
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2023-0978 MEDIUM This Month

A command injection vulnerability in Trellix Intelligent Sandbox CLI for version 5.2 and earlier, allows a local user to inject and execute arbitrary operating system commands using specially crafted. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Advanced Threat Defense Intelligent Sandbox
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2023-0350 MEDIUM This Month

Akuvox E11 does not ensure that a file extension is associated with the file provided. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure E11 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-27580 MEDIUM PATCH This Month

CodeIgniter Shield provides authentication and authorization for the CodeIgniter 4 PHP framework. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure PHP Shield
NVD GitHub
CVSS 3.1
5.9
EPSS
0.5%
CVE-2023-0973 MEDIUM This Month

STEPTools v18SP1 ifcmesh library (v18.1) is affected due to a null pointer dereference, which could allow an attacker to deny application usage when reading a specially constructed file, resulting in. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Ifcmesh Library
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-24579 MEDIUM This Month

McAfee Total Protection prior to 16.0.51 allows attackers to trick a victim into uninstalling the application via the command prompt. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Total Protection
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-24578 MEDIUM This Month

McAfee Total Protection prior to 16.0.49 allows attackers to elevate user privileges due to DLL sideloading. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Total Protection
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-24577 MEDIUM This Month

McAfee Total Protection prior to 16.0.50 allows attackers to elevate user privileges due to Improper Link Resolution via registry keys. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Total Protection
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-1369 MEDIUM This Month

A vulnerability was found in TG Soft Vir.IT eXplorer 9.4.86.0. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Vir It Explorer Viragtlt Sys
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-0347 MEDIUM This Month

The Akuvox E11 Media Access Control (MAC) address, a primary identifier, combined with the Akuvox E11 IP address, could allow an attacker to identify the device on the Akuvox cloud. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure E11 Firmware
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2023-23711 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in A2 Hosting A2 Optimized WP plugin <= 3.0.4 versions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF A2 Optimized
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2023-22700 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in PixelYourSite PixelYourSite - Your smart PIXEL (TAG) Manager plugin <= 9.3.0 versions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Pixelyoursite
NVD
CVSS 3.1
4.3
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy