Skip to main content
CVE-2023-30625 HIGH POC PATCH THREAT Act Now

rudder-server is part of RudderStack, an open source Customer Data Platform (CDP). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE SQLi Rudder Server
NVD GitHub
CVSS 3.1
8.8
EPSS
85.8%
CVE-2023-35788 HIGH POC PATCH This Week

An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Privilege Escalation Linux Memory Corruption +8
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-34795 HIGH POC PATCH This Week

xlsxio v0.1.2 to v0.2.34 was discovered to contain a free of uninitialized pointer in the xlsxioread_sheetlist_close() function. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Use After Free Denial Of Service Memory Corruption Xlsxio
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-34645 HIGH POC This Week

jfinal CMS 5.1.0 has an arbitrary file read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Information Disclosure Jfinal Cms
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2023-30223 HIGH POC This Week

A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and earlier allows attackers to send crafted TCP packets containing requests to perform arbitrary actions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Server
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2023-30222 HIGH POC This Week

An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and earlier allows attackers to retrieve password hashes for all users via eavesdropping. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Server
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-24243 HIGH POC This Week

CData RSB Connect v22.0.8336 was discovered to contain a Server-Side Request Forgery (SSRF). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Arc
NVD GitHub
CVSS 3.1
7.5
EPSS
4.0%
CVE-2023-25187 HIGH POC This Week

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Nokia Authentication Bypass Asika Airscale Firmware
NVD Exploit-DB
CVSS 3.1
7.0
EPSS
1.0%
CVE-2023-34154 HIGH This Week

Vulnerability of undefined permissions in HUAWEI VR screen projection.Successful exploitation of this vulnerability will cause third-party apps to create windows in an arbitrary way, consuming system. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Huawei Harmonyos
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2023-30905 HIGH This Week

The MC990 X and UV300 RMC component has and inadequate default configuration that could be exploited to obtain enhanced privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Sgi Uv 300 Rmc Firmware Integrity Mc990 X Server Rmc Firmware
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-25188 HIGH This Week

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Nokia Asika Airscale Firmware
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-25185 HIGH This Week

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Nokia Asika Airscale Firmware
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-32028 HIGH PATCH This Week

Microsoft SQL OLE DB Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Ole Db Driver For Sql Server +1
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-32027 HIGH PATCH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Odbc Driver For Sql Server +1
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-32026 HIGH PATCH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Odbc Driver For Sql Server +1
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-32025 HIGH PATCH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Odbc Driver For Sql Server +1
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-29356 HIGH PATCH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Microsoft Odbc Driver For Sql Server +1
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-29349 HIGH PATCH This Week

Microsoft ODBC and OLE DB Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow RCE Microsoft Odbc Driver For Sql Server Ole Db Driver For Sql Server +1
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-25645 HIGH This Week

There is a permission and access control vulnerability in some ZTE AndroidTV STBs. Rated high severity (CVSS 7.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Zte Up T2 4K Firmware Zxv10 B866V2 H Firmware Zxv10 B866V2 Firmware +2
NVD
CVSS 3.1
7.7
EPSS
0.3%
CVE-2023-35790 HIGH PATCH This Week

An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Denial Of Service Libjxl
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2023-3268 HIGH PATCH This Week

An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
7.1
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy