Skip to main content
CVE-2023-31756 MEDIUM POC This Month

A command injection vulnerability exists in the administrative web portal in TP-Link Archer VR1600V devices running firmware Versions <= 0.1.0. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Command Injection Archer Vr1600V Firmware
NVD
CVSS 3.1
6.7
EPSS
1.8%
CVE-2023-2814 MEDIUM POC This Month

A vulnerability classified as problematic has been found in SourceCodester Class Scheduling System 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Class Scheduling System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.6%
CVE-2023-26818 MEDIUM POC This Month

Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone ,or video recording via the DYLD_INSERT_LIBRARIES flag. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Telegram
NVD VulDB
CVSS 3.1
5.5
EPSS
0.5%
CVE-2023-30774 MEDIUM POC This Month

A vulnerability was found in the libtiff library. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Libtiff macOS
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2023-31757 MEDIUM POC This Month

DedeCMS up to v5.7.108 is vulnerable to XSS in sys_info.php via parameters 'edit___cfg_powerby' and 'edit___cfg_beian'. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Dedecms
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-31862 MEDIUM POC This Month

jizhicms v2.4.6 is vulnerable to Cross Site Scripting (XSS). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Jizhicms
NVD GitHub
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-32675 MEDIUM POC PATCH This Month

Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Vyper
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-1996 MEDIUM This Month

A reflected Cross-site Scripting (XSS) vulnerability in Release 3DEXPERIENCE R2018x through Release 3DEXPERIENCE R2023x allows an attacker to execute arbitrary script code. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS 3Dexperience
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-28950 MEDIUM PATCH This Month

IBM MQ 8.0, 9.0, 9.1, 9.2, and 9.3 could disclose sensitive user information from a trace file if that functionality has been enabled. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure IBM Mq
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-22878 MEDIUM PATCH This Month

IBM InfoSphere Information Server 11.7 stores user credentials in plain clear text which can be read by a local user. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure IBM Infosphere Information Server
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-30775 MEDIUM This Month

A vulnerability was found in the libtiff library. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Libtiff
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-28514 MEDIUM PATCH This Month

IBM MQ 8.0, 9.0, and 9.1 could allow a local user to obtain sensitive credential information when a detailed technical error message is returned in a stack trace. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure IBM Mq
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-28529 MEDIUM PATCH This Month

IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Infosphere Information Server
NVD
CVSS 3.1
5.4
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy