Skip to main content
CVE-2023-26482 HIGH POC PATCH Act Now

Nextcloud server is an open source home cloud implementation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Nextcloud Nextcloud Server
NVD GitHub
CVSS 3.1
8.8
EPSS
4.2%
CVE-2023-1744 HIGH POC This Week

A vulnerability classified as critical was found in IBOS 4.5.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Ibos
NVD VulDB
CVSS 3.1
8.8
EPSS
0.9%
CVE-2023-1742 HIGH POC This Week

A vulnerability was found in IBOS 4.5.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ibos
NVD VulDB
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-27534 HIGH POC This Week

A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Path Traversal Curl Fedora Active Iq Unified Manager +6
NVD
CVSS 3.1
8.8
EPSS
2.2%
CVE-2023-27533 HIGH POC This Week

A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Curl Fedora Active Iq Unified Manager Clustered Data Ontap +5
NVD
CVSS 3.1
8.8
EPSS
2.0%
CVE-2023-28643 HIGH POC PATCH This Week

Nextcloud server is an open source home cloud implementation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Nextcloud Nextcloud Server
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2023-1745 HIGH POC This Week

A vulnerability, which was classified as problematic, has been found in KMPlayer 4.2.2.73.dll. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Kmplayer
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-29059 HIGH POC This Week

3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited in the wild in March 2023. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Apple Microsoft 3Cx
NVD
CVSS 3.1
7.8
EPSS
4.4%
CVE-2023-24473 HIGH POC This Week

An information disclosure vulnerability exists in the TGAInput::read_tga2_header functionality of OpenImageIO Project OpenImageIO v2.4.7.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Openimageio
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-24472 HIGH POC This Week

A denial of service vulnerability exists in the FitsOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.7.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Openimageio
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2023-22845 HIGH POC This Week

An out-of-bounds read vulnerability exists in the TGAInput::decode_pixel() functionality of OpenImageIO Project OpenImageIO v2.4.7.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Openimageio
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-1736 HIGH This Week

A vulnerability, which was classified as critical, has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Young Entrepreneur E Negosyo System
NVD VulDB
CVSS 3.1
8.8
EPSS
0.4%
CVE-2023-28833 HIGH PATCH This Week

Nextcloud server is an open source home cloud implementation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Nextcloud Nextcloud Server
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2023-28935 HIGH This Week

** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache UIMA DUCC. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Command Injection Unstructured Information Management Architecture
NVD
CVSS 3.1
8.8
EPSS
3.0%
CVE-2023-1670 HIGH This Week

A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Denial Of Service Linux Memory Corruption Linux Kernel
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-1393 HIGH PATCH This Week

A flaw was found in X.Org Server Overlay Window. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Privilege Escalation Memory Corruption X Server Fedora
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-1014 HIGH This Week

Improper Protection for Outbound Error Messages and Alert Signals vulnerability in Virames Vira-Investing allows Account Footprinting.0.84.86. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Vira Investing
NVD VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-28846 HIGH PATCH This Week

Unpoly is a JavaScript framework for server-side web applications. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Unpoly Rails
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2023-28835 HIGH PATCH This Week

Nextcloud server is an open source home cloud implementation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Nextcloud Nextcloud Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-28644 HIGH PATCH This Week

Nextcloud server is an open source home cloud implementation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Nextcloud Nextcloud Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-28732 HIGH This Week

Missing access control in AnyMailing Joomla Plugin allows to list and access files containing sensitive information from the plugin itself and access to system files via path traversal, when being. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Microsoft Acymailing
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy