Skip to main content
CVE-2023-33404 CRITICAL POC THREAT Act Now

An Unrestricted Upload vulnerability, due to insufficient validation on UploadControlled.cs file, in BlogEngine.Net version 3.3.8.0 and earlier allows remote attackers to execute remote code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Blogengine Net
NVD GitHub
CVSS 3.1
9.8
EPSS
25.8%
CVE-2023-30261 CRITICAL POC PATCH THREAT Act Now

Command Injection vulnerability in OpenWB 1.6 and 1.7 allows remote attackers to run arbitrary commands via crafted GET request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Command Injection Openwb
NVD GitHub
CVSS 3.1
9.8
EPSS
31.7%
CVE-2023-32521 CRITICAL POC PATCH THREAT Act Now

A path traversal exists in a specific service dll of Trend Micro Mobile Security (Enterprise) 9.8 SP5 which could allow an unauthenticated remote attacker to delete arbitrary files. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Trend Micro Mobile Security
NVD
CVSS 3.1
9.1
EPSS
68.9%
CVE-2023-30945 CRITICAL Act Now

Multiple Services such as VHS(Video History Server) and VCD(Video Clip Distributor) and Clips2 were discovered to be vulnerable to an unauthenticated arbitrary file read/write vulnerability due to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Clips2 Video Clip Distributor Video History Service
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-32557 CRITICAL PATCH Act Now

A path traversal vulnerability in the Trend Micro Apex One and Apex One as a Service could allow an unauthenticated attacker to upload an arbitrary file to the Management Server which could lead to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Path Traversal Trend Micro Apex One
NVD
CVSS 3.1
9.8
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy