Skip to main content
CVE-2023-27253 HIGH POC PATCH THREAT Act Now

A command injection vulnerability in the function restore_rrddata() of Netgate pfSense v2.7.0 allows authenticated attackers to execute arbitrary commands via manipulating the contents of an XML file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Command Injection Pfsense
NVD GitHub Exploit-DB
CVSS 3.1
8.8
EPSS
90.7%
CVE-2023-1440 HIGH POC This Week

A vulnerability, which was classified as critical, was found in SourceCodester Automatic Question Paper Generator System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Automatic Question Paper Generator System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.8%
CVE-2023-1452 HIGH POC This Week

A vulnerability was found in GPAC 2.3-DEV-rev35-gbbca86917-master. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Gpac
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-1449 HIGH POC This Week

A vulnerability has been found in GPAC 2.3-DEV-rev35-gbbca86917-master and classified as problematic. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Gpac
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-1448 HIGH POC This Week

A vulnerability, which was classified as problematic, was found in GPAC 2.3-DEV-rev35-gbbca86917-master. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Heap Overflow Gpac
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-1443 HIGH POC This Week

A vulnerability was found in Filseclab Twister Antivirus 8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Twister Antivirus
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-1442 HIGH POC This Week

A vulnerability was found in Meizhou Qingyunke QYKCMS 4.3.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Qykcms
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
0.9%
CVE-2023-1453 HIGH POC This Week

A vulnerability was found in Watchdog Anti-Virus 1.4.214.0. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Anti Virus
NVD GitHub VulDB
CVSS 3.1
7.1
EPSS
0.3%
CVE-2023-1471 HIGH This Week

The WP Popup Banners plugin for WordPress is vulnerable to SQL Injection via the 'banner_id' parameter in versions up to, and including, 1.2.5 due to insufficient escaping on the user supplied. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi WordPress Wp Popup Banners
NVD VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2023-28112 HIGH PATCH This Week

Discourse is an open-source discussion platform. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Discourse
NVD GitHub
CVSS 3.1
8.1
EPSS
0.6%
CVE-2023-1455 HIGH This Week

A vulnerability classified as critical was found in SourceCodester Online Pizza Ordering System 1.0. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

PHP SQLi Online Pizza Ordering System
NVD VulDB
CVSS 3.1
8.1
EPSS
0.6%
CVE-2023-24678 HIGH This Week

A vulnerability in Centralite Pearl Thermostat 0x04075010 allows attackers to cause a Denial of Service (DoS) via a crafted Zigbee message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Pearl Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-27591 HIGH PATCH This Week

Miniflux is a feed reader. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Miniflux
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2023-28111 HIGH PATCH This Week

Discourse is an open-source discussion platform. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Discourse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-27594 HIGH PATCH This Week

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cilium
NVD GitHub
CVSS 3.1
7.3
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy