Skip to main content
CVE-2023-32749 HIGH POC THREAT This Week

Pydio Cells allows users by default to create so-called external users in order to share files with them. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Cells
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
14.2%
CVE-2023-34096 HIGH POC PATCH THREAT This Week

Thruk is a multibackend monitoring webinterface which currently supports Naemon, Icinga, Shinken and Nagios as backends. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal Thruk
NVD GitHub Exploit-DB
CVSS 3.1
8.8
EPSS
62.7%
CVE-2023-3163 HIGH POC This Week

A vulnerability was found in y_project RuoYi up to 4.7.7. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Ruoyi
NVD VulDB
CVSS 3.1
7.5
EPSS
1.4%
CVE-2023-33657 HIGH POC PATCH This Week

A use-after-free vulnerability exists in NanoMQ 0.17.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Use After Free Denial Of Service Memory Corruption Nanomq
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2023-33660 HIGH POC PATCH This Week

A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Denial Of Service Nanomq
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-33658 HIGH POC PATCH This Week

A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Denial Of Service Nanomq
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-34233 HIGH PATCH This Week

The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

RCE Python Command Injection Snowflake Connector
NVD GitHub
CVSS 3.1
8.8
EPSS
1.8%
CVE-2023-34232 HIGH PATCH This Week

snowflake-connector-nodejs, a NodeJS driver for Snowflake, is vulnerable to command injection via single sign on (SSO) browser URL authentication in versions prior to 1.6.21. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Command Injection Snowflake Connector
NVD GitHub
CVSS 3.1
8.8
EPSS
1.9%
CVE-2023-34230 HIGH PATCH This Week

snowflake-connector-net, the Snowflake Connector for .NET, is vulnerable to command injection prior to version 2.0.18 via SSO URL authentication. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Command Injection Snowflake Connector
NVD GitHub
CVSS 3.1
8.8
EPSS
1.4%
CVE-2023-34231 HIGH PATCH This Week

gosnowflake is th Snowflake Golang driver. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

RCE Command Injection Gosnowflake
NVD GitHub
CVSS 3.1
8.8
EPSS
2.0%
CVE-2023-34962 HIGH PATCH This Week

Incorrect access control in Chamilo v1.11.x up to v1.11.18 allows a student to arbitrarily access and modify another student's personal notes. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Chamilo Lms
NVD GitHub
CVSS 3.1
8.1
EPSS
0.7%
CVE-2023-29403 HIGH PATCH This Week

On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.

Information Disclosure Go Fedora
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-24535 HIGH PATCH This Week

Parsing invalid messages can panic. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Protobuf
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy