Skip to main content
CVE-2023-29084 HIGH POC THREAT Act Now

Zoho ManageEngine ADManager Plus before 7181 allows for authenticated users to exploit command injection via Proxy settings. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Zoho Manageengine Admanager Plus
NVD GitHub
CVSS 3.1
7.2
EPSS
98.4%
CVE-2023-22951 HIGH POC This Week

An issue was discovered in TigerGraph Enterprise Free Edition 3.x. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Cloud Tigergraph Enterprise
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2023-29597 HIGH POC This Week

bloofox v0.5.2 was discovered to contain a SQL injection vulnerability via the component /index.php?mode=content&page=pages&action=edit&eid=1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Bloofoxcms
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-24509 HIGH POC This Week

On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged user can login. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Eos
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-30637 HIGH POC This Week

Baidu braft 1.1.2 has a memory leak related to use of the new operator in example/atomic/atomic_server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Braft
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-30636 HIGH POC This Week

TiKV 6.1.2 allows remote attackers to cause a denial of service (fatal error, with RpcStatus UNAVAILABLE for "not leader") upon an attempt to start a node in a situation where the context deadline is. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Tikv
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2023-30635 HIGH POC This Week

TiKV 6.1.2 allows remote attackers to cause a denial of service (fatal error) upon an attempt to get a timestamp from the Placement Driver. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Tikv
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2023-27747 HIGH POC This Week

BlackVue DR750-2CH LTE v.1.012_2022.10.26 does not employ authentication in its web server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Dr750 2Ch Lte Firmware Dr750 2Ch Ir Lte Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2023-27772 HIGH POC PATCH This Week

libiec61850 v1.5.1 was discovered to contain a segmentation violation via the function ControlObjectClient_setOrigin() at /client/client_control.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Libiec61850
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-30630 HIGH POC PATCH This Week

Dmidecode before 3.5 allows -dump-bin to overwrite a local file. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Dmidecode
NVD GitHub
CVSS 3.1
7.1
EPSS
0.5%
CVE-2023-1326 HIGH PATCH This Week

A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Apport Ubuntu Linux
NVD GitHub
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-26416 HIGH This Week

Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Heap Overflow Substance 3d Designer
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-26415 HIGH This Week

Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Adobe RCE Substance 3d Designer
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-26414 HIGH This Week

Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free Adobe RCE Memory Corruption +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-26413 HIGH This Week

Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Heap Overflow Substance 3d Designer
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-26412 HIGH This Week

Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Adobe RCE Substance 3d Designer
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-26411 HIGH This Week

Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Substance 3d Designer
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-26410 HIGH This Week

Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free Adobe RCE Memory Corruption +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-26409 HIGH This Week

Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Substance 3d Designer
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-26398 HIGH This Week

Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Substance 3d Designer
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-21630 HIGH PATCH This Week

Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Qca6391 Firmware Qca6574 Firmware Qca6574a Firmware +39
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-20118 HIGH KEV THREAT This Week

A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Command Injection Rv016 Firmware Rv042 Firmware Rv042G Firmware +3
NVD
CVSS 3.1
7.2
EPSS
54.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy