Skip to main content
CVE-2023-2775 HIGH POC This Week

A vulnerability was found in code-projects Bus Dispatch and Information System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Bus Dispatch And Information System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-27233 HIGH POC This Week

Piwigo before 13.6.0 was discovered to contain a SQL injection vulnerability via the order[0][dir] parameter at user_list_backend.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Piwigo
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2023-2772 HIGH POC This Week

A vulnerability, which was classified as critical, was found in SourceCodester Budget and Expense Tracker System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Budget And Expense Tracker System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-2771 HIGH POC This Week

A vulnerability, which was classified as critical, has been found in SourceCodester Online Exam System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Online Exam System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-2770 HIGH POC This Week

A vulnerability classified as critical was found in SourceCodester Online Exam System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Online Exam System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-2769 HIGH POC This Week

A vulnerability classified as critical has been found in SourceCodester Service Provider Management System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Service Provider Management System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-24805 HIGH POC PATCH This Week

cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Apple Command Injection Cups Filters Fedora +1
NVD GitHub
CVSS 3.1
8.8
EPSS
3.7%
CVE-2023-31701 HIGH POC This Week

TP-Link TL-WPA4530 KIT V2 (EU)_170406 and V2 (EU)_161115 is vulnerable to Command Injection via _httpRpmPlcDeviceRemove. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Command Injection Tl Wpa4530 Kit Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
2.5%
CVE-2023-31700 HIGH POC This Week

TP-Link TL-WPA4530 KIT V2 (EU)_170406 and V2 (EU)_161115 is vulnerable to Command Injection via _httpRpmPlcDeviceAdd. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Command Injection Tl Wpa4530 Kit Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
2.5%
CVE-2023-31724 HIGH POC This Week

yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the function do_directive at /nasm/nasm-pp.c. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Yasm
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-31722 HIGH POC This Week

There exists a heap buffer overflow in nasm 2.16.02rc1 (GitHub commit: b952891). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Netwide Assembler
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-32767 HIGH POC This Week

The web interface of Symcon IP-Symcon before 6.3 (i.e., before 2023-05-12) allows a remote attacker to read sensitive files via .. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Ip Symcon
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-2766 HIGH POC THREAT This Week

A vulnerability was found in Weaver OA 9.5 and classified as problematic.ini. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Information Disclosure E Office
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
54.2%
CVE-2023-2765 HIGH POC This Week

A vulnerability has been found in Weaver OA up to 9.5 and classified as problematic. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP E Office
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
2.2%
CVE-2023-31904 HIGH POC This Week

savysoda Wifi HD Wireless Disk Drive 11 is vulnerable to Local File Inclusion. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Wifi Hd Wireless Disk Drive
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
1.3%
CVE-2023-31702 HIGH POC This Week

SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows remote attacker to dump entire database and gain windows XP command shell to perform code execution. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Microsoft SQLi Escan Management Console
NVD GitHub Exploit-DB
CVSS 3.1
7.2
EPSS
4.3%
CVE-2023-2756 HIGH POC PATCH This Week

SQL Injection in GitHub repository pimcore/customer-data-framework prior to 3.3.10. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi Customer Management Framework
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2023-25394 HIGH POC This Week

Videostream macOS app 0.5.0 and 0.4.3 has a Race Condition. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Information Disclosure Apple Videostream
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2023-2203 HIGH This Week

A flaw was found in the WebKitGTK package. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE Memory Corruption Red Hat +5
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2023-2773 HIGH This Week

A vulnerability has been found in code-projects Bus Dispatch and Information System 1.0 and classified as critical. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Bus Dispatch And Information System
NVD VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-30438 HIGH This Week

An internally discovered vulnerability in PowerVM on IBM Power9 and Power10 systems could allow an attacker with privileged user access to a logical partition to perform an undetected violation of. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

RCE IBM Powervm Hypervisor
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2023-31208 HIGH This Week

Improper neutralization of livestatus command delimiters in the RestAPI in Checkmk < 2.0.0p36, < 2.1.0p28, and < 2.2.0b8 (beta) allows arbitrary livestatus command execution for authorized users. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Checkmk
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2023-0863 HIGH This Week

Improper Authentication vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Abb Authentication Bypass Terra Ac Wallbox Ul40 Firmware Terra Ac Wallbox 80A Firmware Terra Ac Wallbox Ul32A Firmware +5
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2023-31848 HIGH This Week

davinci 0.3.0-rc is vulnerable to Server-side request forgery (SSRF). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Davinci
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-2706 HIGH PATCH This Week

The OTP Login Woocommerce & Gravity Forms plugin for WordPress is vulnerable to authentication bypass. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

WordPress Authentication Bypass Otp Login Woocommerce Gravity Forms
NVD VulDB
CVSS 3.1
8.1
EPSS
1.7%
CVE-2023-2491 HIGH This Week

A flaw was found in the Emacs text editor. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Red Hat Command Injection Emacs Enterprise Linux Enterprise Linux Eus +2
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-2295 HIGH This Week

A vulnerability was found in the libreswan library. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Red Hat RCE Denial Of Service Libreswan Enterprise Linux +3
NVD
CVSS 3.1
7.5
EPSS
1.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy