Skip to main content
CVE-2023-23408 MEDIUM POC PATCH This Month

Azure Apache Ambari Spoofing Vulnerability. Rated medium severity (CVSS 4.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Apache XSS Microsoft Azure Hdinsight
NVD Exploit-DB
CVSS 3.1
4.5
EPSS
4.0%
CVE-2023-24908 HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2023-24869 HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2023-23405 HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2023-23404 HIGH PATCH This Week

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
8.1
EPSS
0.8%
CVE-2023-27500 HIGH This Week

An attacker with non-administrative authorizations can exploit a directory traversal flaw in program SAPRSBRO to over-write system files. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Netweaver Application Server Abap
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2023-27590 HIGH PATCH This Week

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Rizin
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-24930 HIGH PATCH This Week

Microsoft OneDrive for MacOS Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Apple Microsoft Onedrive
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-24910 HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft 365 Office +13
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-23423 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-23422 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-23421 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 +12
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-23420 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 +12
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-23419 HIGH PATCH This Week

Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 11 22h2
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-23418 HIGH PATCH This Week

Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 11 22h2
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-23417 HIGH PATCH This Week

Windows Partition Management Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 +8
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-23416 HIGH PATCH This Week

Windows Cryptographic Services Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.8
EPSS
7.6%
CVE-2023-23412 HIGH PATCH This Week

Windows Accounts Picture Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +7
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-23402 HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-23401 HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-27406 HIGH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-27405 HIGH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-27404 HIGH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
2.7%
CVE-2023-27403 HIGH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-27402 HIGH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-27401 HIGH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-27400 HIGH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-27399 HIGH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-27398 HIGH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-27588 HIGH PATCH This Week

Hasura is an open-source product that provides users GraphQL or REST APIs. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Graphql Engine
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2023-27585 HIGH PATCH This Week

PJSIP is a free and open source multimedia communication library written in C. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Pjsip
NVD GitHub
CVSS 3.1
7.5
EPSS
2.3%
CVE-2023-24859 HIGH PATCH This Week

Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft Windows 10 Windows 10 1607 +10
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2023-24858 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Microsoft Windows 10 Windows 10 1607 +10
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2023-24856 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2023-25957 HIGH This Week

A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All versions >= V1.16.4 < V1.17.3), Mendix SAML (Mendix 8 compatible) (All versions >= V2.2.0 < V2.3.0), Mendix SAML (Mendix. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Saml
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-27896 HIGH This Week

In SAP BusinessObjects Business Intelligence Platform - version 420, 430, an attacker can control a malicious BOE server, forcing the application server to connect to its own CMS, leading to a high. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP SSRF Businessobjects Business Intelligence
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-27271 HIGH This Week

In SAP BusinessObjects Business Intelligence Platform (Web Services) - versions 420, 430, an attacker can control a malicious BOE server, forcing the application server to connect to its own. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP SSRF Businessobjects Business Intelligence Platform
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-26459 HIGH This Week

Due to improper input controls In SAP NetWeaver AS for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, an attacker authenticated as a. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP SSRF Netweaver Application Server Abap
NVD
CVSS 3.1
7.4
EPSS
0.4%
CVE-2023-23398 HIGH PATCH This Week

Microsoft Excel Spoofing Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Microsoft Authentication Bypass 365 Apps Excel Office +1
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2023-23400 HIGH PATCH This Week

Windows DNS Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows Server 2012 +3
NVD
CVSS 3.1
7.2
EPSS
1.3%
CVE-2023-27498 HIGH This Week

SAP Host Agent (SAPOSCOL) - version 7.22, allows an unauthenticated attacker with network access to a server port assigned to the SAP Start Service to submit a crafted request which results in a. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow SAP Host Agent
NVD
CVSS 3.1
7.2
EPSS
0.5%
CVE-2023-23414 HIGH PATCH This Week

Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.1
EPSS
0.4%
CVE-2023-23407 HIGH PATCH This Week

Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.1
EPSS
0.4%
CVE-2023-24861 HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2023-23393 HIGH PATCH This Week

Windows BrokerInfrastructure Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1809 Windows 10 20H2 Windows 10 21h2 +5
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2023-23385 HIGH PATCH This Week

Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2023-27073 MEDIUM This Month

A Cross-Site Request Forgery (CSRF) in Online Food Ordering System v1.0 allows attackers to change user details and credentials via a crafted POST request. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Online Food Ordering System
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.2%
CVE-2023-24922 MEDIUM PATCH This Month

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Dynamics 365
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2023-24906 MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2023-24890 MEDIUM PATCH This Month

Microsoft OneDrive for iOS Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Apple Microsoft Onedrive
NVD
CVSS 3.1
6.5
EPSS
1.2%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy