Skip to main content
CVE-2023-2420 CRITICAL POC Act Now

A vulnerability was found in MLECMS 3.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP SQLi Mlecms
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-2424 HIGH POC This Week

A vulnerability was found in DedeCMS 5.7.106 and classified as critical. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Dedecms
NVD VulDB
CVSS 3.1
8.8
EPSS
0.9%
CVE-2023-31484 HIGH POC PATCH This Week

CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Information Disclosure Cpanpm Perl
NVD GitHub
CVSS 3.1
8.1
EPSS
1.5%
CVE-2023-2417 HIGH POC This Week

A vulnerability was found in ks-soft Advanced Host Monitor up to 12.56 and classified as problematic. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Advanced Host Monitor
NVD VulDB
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-2419 HIGH POC This Week

A vulnerability was found in Zhong Bang CRMEB 4.6.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Crmeb
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
0.8%
CVE-2023-2413 MEDIUM POC This Month

A vulnerability was found in SourceCodester AC Repair and Services System 1.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ac Repair And Services System
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-2421 MEDIUM POC This Month

A vulnerability classified as problematic has been found in Control iD RHiD 23.3.19.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Rhid
NVD VulDB
CVSS 3.1
6.1
EPSS
0.6%
CVE-2023-2426 MEDIUM POC PATCH This Month

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 9.0.1499. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Memory Corruption Information Disclosure Vim
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2023-2425 MEDIUM POC This Month

A vulnerability was found in SourceCodester Simple Student Information System 1.0. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Simple Student Information System
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.6%
CVE-2023-31486 HIGH PATCH This Week

HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Perl
NVD GitHub
CVSS 3.1
8.1
EPSS
1.7%
CVE-2023-30441 HIGH This Week

IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws and configurations. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Information Disclosure IBM Infosphere Information Server Websphere Application Server +1
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-2412 MEDIUM This Month

A vulnerability was found in SourceCodester AC Repair and Services System 1.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Ac Repair And Services System
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-30792 MEDIUM This Month

Anchor tag hrefs in Lexical prior to v0.10.0 would render javascript: URLs, allowing for cross-site scripting on link clicks in cases where input was being parsed from untrusted sources. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Lexical
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-2418 MEDIUM This Month

A vulnerability was found in Konga 2.8.3 on Kong. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Kong
NVD VulDB GitHub
CVSS 3.1
5.9
EPSS
0.7%
CVE-2023-31485 MEDIUM PATCH This Month

GitLab::API::v4 through 0.26 does not verify TLS certificates when connecting to a GitLab server, enabling machine-in-the-middle attacks. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Gitlab
NVD GitHub
CVSS 3.1
5.9
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy