Skip to main content
CVE-2023-33254 MEDIUM POC This Month

There is an LDAP bind credentials exposure on KACE Systems Deployment and Remote Site appliances 9.0.146. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Kace Systems Deployment Appliance
NVD
CVSS 3.1
6.5
EPSS
3.2%
CVE-2023-2826 MEDIUM POC This Month

A vulnerability has been found in SourceCodester Class Scheduling System 1.0 and classified as problematic. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Class Scheduling System
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.7%
CVE-2023-33252 HIGH This Week

iden3 snarkjs through 0.6.11 allows double spending because there is no validation that the publicSignals length is less than the field modulus. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Snarkjs
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-33251 MEDIUM This Month

When Akka HTTP before 10.5.2 accepts file uploads via the FileUploadDirectives.fileUploadAll directive, the temporary file it creates has too weak permissions: it is readable by other users on Linux. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Akka Http
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-33250 MEDIUM This Month

The Linux kernel 6.3 has a use-after-free in iopt_unmap_iova_range in drivers/iommu/iommufd/io_pagetable.c. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Linux Memory Corruption Linux Kernel +4
NVD
CVSS 3.1
4.4
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy