Skip to main content
CVE-2023-2806 HIGH POC This Week

A vulnerability classified as problematic was found in Weaver e-cology up to 9.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XXE E Cology
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.0%
CVE-2023-32679 HIGH POC PATCH This Week

Craft CMS is an open source content management system. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP Craft Cms
NVD GitHub
CVSS 3.1
7.2
EPSS
1.8%
CVE-2023-1618 HIGH This Week

Active Debug Code vulnerability in Mitsubishi Electric Corporation MELSEC WS Series WS0-GETH00200 Serial number 2310 **** and prior allows a remote unauthenticated attacker to bypass authentication. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Melsec Ws0 Geth00200 Firmware
NVD
CVSS 3.1
8.6
EPSS
1.1%
CVE-2023-20881 HIGH This Week

Cloud foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator-agent v7+ may override other users syslog drain credentials if they're aware of the client certificate. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Capi Release Cf Deployment Loggregator Agent
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2023-33240 HIGH This Week

Foxit PDF Reader (12.1.1.15289 and earlier) and Foxit PDF Editor (12.1.1.15289 and all previous 12.x versions, 11.2.5.53785 and all previous 11.x versions, and 10.1.11.37866 and earlier) on Windows. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Pdf Editor Pdf Reader
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-30199 HIGH PATCH This Week

Prestashop customexporter <= 1.7.20 is vulnerable to Incorrect Access Control via modules/customexporter/downloads/download.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal PHP Customexporter
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-28045 HIGH PATCH This Week

Dell CloudIQ Collector version 1.10.2 contains a missing encryption of sensitive data vulnerability. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Dell Cloudiq Collector
NVD
CVSS 3.1
7.1
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy