Skip to main content
CVE-2023-34104 HIGH PATCH This Week

fast-xml-parser is an open source, pure javascript xml parser. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Fast Xml Parser
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2023-2132 HIGH This Week

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Gitlab
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2023-21669 HIGH PATCH This Week

Information Disclosure in WLAN HOST while sending DPP action frame to peer with an invalid source address. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Aqt1000 Firmware Wcn3991 Firmware Wcn3998 Firmware +58
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-21661 HIGH This Week

Transient DOS while parsing WLAN beacon or probe-response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Wcn6750 Firmware +111
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-21660 HIGH This Week

Transient DOS in WLAN Firmware while parsing FT Information Elements. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Csr8811 Firmware Wcn6750 Firmware Wcn685X 5 Firmware Wcn685X 1 Firmware +75
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-21659 HIGH This Week

Transient DOS in WLAN Firmware while processing frames with missing header fields. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8035 Firmware Ar9380 Firmware +266
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-21658 HIGH This Week

Transient DOS in WLAN Firmware while processing the received beacon or probe response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Wcn6750 Firmware +147
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-2602 LOW POC Monitor

A vulnerability was found in the pthread_create() function in libcap. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Libcap Enterprise Linux Debian Linux Fedora
NVD
CVSS 3.1
3.3
EPSS
0.4%
CVE-2023-22450 HIGH This Week

In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to upload an ASP script file to a webserver when logged in as manager user,. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE File Upload Webaccess Scada
NVD
CVSS 3.1
7.2
EPSS
0.8%
CVE-2023-20752 MEDIUM This Month

In keymange, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20751 MEDIUM This Month

In keymange, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20749 MEDIUM This Month

In swpm, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20746 MEDIUM This Month

In vcu, there is a possible out of bounds write due to improper locking. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Iot Yocto Yocto Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20745 MEDIUM This Month

In vcu, there is a possible out of bounds write due to improper locking. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Iot Yocto Yocto Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20744 MEDIUM This Month

In vcu, there is a possible use after free due to a logic error. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Privilege Escalation Denial Of Service Memory Corruption Iot Yocto +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20743 MEDIUM This Month

In vcu, there is a possible out of bounds write due to improper locking. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Iot Yocto Yocto Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20740 MEDIUM This Month

In vcu, there is a possible memory corruption due to a logic error. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Iot Yocto Yocto +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20739 MEDIUM This Month

In vcu, there is a possible memory corruption due to a logic error. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20738 MEDIUM This Month

In vcu, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Iot Yocto Yocto +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20737 MEDIUM This Month

In vcu, there is a possible use after free due to improper locking. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Denial Of Service Iot Yocto Yocto Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20735 MEDIUM This Month

In vcu, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Iot Yocto Yocto +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20734 MEDIUM This Month

In vcu, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Iot Yocto Yocto +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20733 MEDIUM This Month

In vcu, there is a possible use after free due to improper locking. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Denial Of Service Iot Yocto Yocto Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20732 MEDIUM This Month

In wlan, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Information Disclosure Yocto Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20725 MEDIUM This Month

In preloader, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Rdk B Android +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20724 MEDIUM This Month

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20723 MEDIUM This Month

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20716 MEDIUM This Month

In wlan, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Iot Yocto Yocto +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20715 MEDIUM This Month

In wlan, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Iot Yocto Yocto +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20712 MEDIUM This Month

In wlan, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Iot Yocto Yocto +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-33477 MEDIUM This Month

In Harmonic NSG 9000-6G devices, an authenticated remote user can obtain source code by directly requesting a special path. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Nsg 9000 6G Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
1.0%
CVE-2023-2253 MEDIUM PATCH This Month

A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: `n`). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Openshift Api For Data Protection Openshift Container Platform Openshift Developer Tools And Services
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2023-1621 MEDIUM This Month

An issue has been discovered in GitLab EE affecting all versions starting from 12.0 before 15.10.5, all versions starting from 15.11 before 15.11.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Gitlab
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2023-33958 MEDIUM PATCH This Month

notation is a CLI tool to sign and verify OCI artifacts and container images. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Notation Go
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-22833 MEDIUM This Month

Palantir Foundry deployments running Lime2 versions between 2.519.0 and 2.532.0 were vulnerable a bug that allowed authenticated users within a Foundry organization to bypass discretionary or. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Foundry
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-30948 MEDIUM This Month

A security defect in Foundry's Comments functionality resulted in the retrieval of attachments to comments not being gated by additional authorization checks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Foundry Comments
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-20736 MEDIUM This Month

In vcu, there is a possible out of bounds write due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Buffer Overflow Privilege Escalation Iot Yocto Yocto +1
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-32551 MEDIUM This Month

Landscape allowed URLs which caused open redirection. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Landscape
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-33684 MEDIUM This Month

Weak session management in DB Elettronica Telecomunicazioni SpA SFT DAB 600/C Firmware: 1.9.3 Bios firmware: 7.1 (Apr 19 2021) Gui: 2.46 FPGA: 169.55 uc: 6.15 allows attackers on the same network to. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Sft Dab 600 C Bios Sft Dab 600 C Firmware
NVD
CVSS 3.1
5.7
EPSS
0.3%
CVE-2023-33957 MEDIUM PATCH This Month

notation is a CLI tool to sign and verify OCI artifacts and container images. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Notation Go
NVD GitHub
CVSS 3.1
5.7
EPSS
0.5%
CVE-2023-2157 MEDIUM PATCH This Month

A heap-based buffer overflow vulnerability was found in the ImageMagick package that can lead to the application crashing. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Heap Overflow Imagemagick
NVD
CVSS 3.1
5.5
EPSS
1.0%
CVE-2023-30915 MEDIUM This Month

In email service, there is a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-30914 MEDIUM This Month

In email service, there is a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-30866 MEDIUM This Month

In telephony service, there is a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-30865 MEDIUM This Month

In dialer service, there is a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-32683 MEDIUM PATCH This Month

Synapse is a Matrix protocol homeserver written in Python with the Twisted framework. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Python SSRF Authentication Bypass Synapse
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-32682 MEDIUM PATCH This Month

Synapse is a Matrix protocol homeserver written in Python with the Twisted framework. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Python Authentication Bypass Synapse
NVD GitHub
CVSS 3.1
5.4
EPSS
0.8%
CVE-2023-2801 MEDIUM PATCH This Month

Grafana is an open-source platform for monitoring and observability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Grafana Denial Of Service
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2023-20747 MEDIUM This Month

In vcu, there is a possible memory corruption due to type confusion. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Iot Yocto Yocto +1
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-20742 MEDIUM This Month

In ril, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy