Skip to main content
CVE-2023-35333 HIGH PATCH This Week

MediaWiki PandocUpload Extension Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Pandocupload
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-35330 HIGH PATCH This Week

Windows Extended Negotiation Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2023-35325 HIGH PATCH This Week

Windows Print Spooler Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +8
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2023-35309 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2023-35298 HIGH PATCH This Week

HTTP.sys Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Windows 11 21H2 Windows 11 22h2 Windows Server 2022
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2023-34090 HIGH PATCH This Week

Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Decidim
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-33173 HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-33172 HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-33169 HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-33168 HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-33167 HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-33166 HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-33165 HIGH PATCH This Week

Microsoft SharePoint Server Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Sharepoint Server
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2023-33163 HIGH PATCH This Week

Windows Network Load Balancing Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is no authentication required.

RCE Microsoft Windows Server 2008 Windows Server 2012 Windows Server 2016 +2
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-32084 HIGH PATCH This Week

HTTP.sys Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Windows 10 1809 Windows 11 21H2 Windows 11 22h2 +2
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2023-32045 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2023-32044 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2023-32042 HIGH PATCH This Week

OLE Automation Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +8
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2023-32035 HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-32034 HIGH PATCH This Week

Remote Procedure Call Runtime Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-3354 HIGH PATCH This Week

A flaw was found in the QEMU built-in VNC server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Qemu Openstack Platform Enterprise Linux +1
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-36293 HIGH This Week

SQL injection vulnerability in wmanager v.1.0.7 and before allows a remote attacker to obtain sensitive information via a crafted script to the company.php component. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Wmanager
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2023-36521 HIGH This Week

A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions <. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Simatic Mv540 H Firmware Simatic Mv540 S Firmware Simatic Mv550 H Firmware Simatic Mv550 S Firmware +2
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-35921 HIGH This Week

A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions <. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Simatic Mv540 H Firmware Simatic Mv540 S Firmware Simatic Mv550 H Firmware Simatic Mv550 S Firmware +2
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-35920 HIGH This Week

A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions <. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Simatic Mv540 H Firmware Simatic Mv540 S Firmware Simatic Mv550 H Firmware Simatic Mv550 S Firmware +2
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-36917 HIGH This Week

SAP BusinessObjects Business Intelligence Platform - version 420, 430, allows an unauthorized attacker who had hijacked a user session, to be able to bypass the victim’s old password via brute force,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Authentication Bypass Businessobjects Business Intelligence
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-21526 HIGH PATCH This Week

Windows Netlogon Information Disclosure Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.4
EPSS
1.1%
CVE-2023-36749 HIGH This Week

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Ruggedcom Rox Mx5000 Firmware Ruggedcom Rox Mx5000Re Firmware Ruggedcom Rox Rx1400 Firmware Ruggedcom Rox Rx1500 Firmware +7
NVD
CVSS 3.1
7.4
EPSS
0.3%
CVE-2023-35874 HIGH This Week

SAP NetWeaver Application Server ABAP and ABAP Platform - version KRNL64NUC, 7.22, KRNL64NUC 7.22EXT, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KERNEL 7.22, KERNEL, 7.53, KERNEL 7.77, KERNEL. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Authentication Bypass Netweaver Application Server Abap
NVD
CVSS 3.1
7.4
EPSS
0.4%
CVE-2023-32054 HIGH PATCH This Week

Volume Shadow Copy Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +7
NVD
CVSS 3.1
7.3
EPSS
0.9%
CVE-2023-35870 HIGH This Week

When creating a journal entry template in SAP S/4HANA (Manage Journal Entry Template) - versions S4CORE 104, 105, 106, 107, an attacker could intercept the save request and change the template,. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Information Disclosure S4core
NVD
CVSS 3.1
7.3
EPSS
0.4%
CVE-2023-33152 HIGH PATCH This Week

Microsoft ActiveX Remote Code Execution Vulnerability. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Heap Overflow Microsoft RCE Buffer Overflow 365 Apps +2
NVD VulDB
CVSS 3.1
7.0
EPSS
1.1%
CVE-2023-35350 HIGH PATCH This Week

Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows Server 2008 +4
NVD
CVSS 3.1
7.2
EPSS
1.2%
CVE-2023-32033 HIGH PATCH This Week

Microsoft Failover Cluster Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Microsoft Windows Server 2008 +4
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2023-36755 HIGH This Week

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Ruggedcom Rox Mx5000 Firmware Ruggedcom Rox Mx5000Re Firmware Ruggedcom Rox Rx1400 Firmware +8
NVD
CVSS 3.1
7.2
EPSS
1.0%
CVE-2023-36754 HIGH This Week

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Ruggedcom Rox Mx5000 Firmware Ruggedcom Rox Mx5000Re Firmware Ruggedcom Rox Rx1400 Firmware +8
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-36753 HIGH This Week

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Ruggedcom Rox Mx5000 Firmware Ruggedcom Rox Mx5000Re Firmware Ruggedcom Rox Rx1400 Firmware +8
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-36752 HIGH This Week

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Ruggedcom Rox Mx5000 Firmware Ruggedcom Rox Mx5000Re Firmware Ruggedcom Rox Rx1400 Firmware +8
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-36751 HIGH This Week

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Ruggedcom Rox Mx5000 Firmware Ruggedcom Rox Mx5000Re Firmware Ruggedcom Rox Rx1400 Firmware +8
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-36750 HIGH This Week

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Ruggedcom Rox Mx5000 Firmware Ruggedcom Rox Mx5000Re Firmware Ruggedcom Rox Rx1400 Firmware +8
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-23777 HIGH This Week

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.18 and below. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Fortinet Command Injection Fortiweb
NVD
CVSS 3.1
7.2
EPSS
1.3%
CVE-2023-36925 HIGH This Week

SAP Solution Manager (Diagnostics agent) - version 7.20, allows an unauthenticated attacker to blindly execute HTTP requests. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP SSRF Solution Manager
NVD
CVSS 3.1
7.2
EPSS
0.6%
CVE-2023-36921 HIGH This Week

SAP Solution Manager (Diagnostics agent) - version 7.20, allows an attacker to tamper with headers in a client request. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Information Disclosure Solution Manager
NVD
CVSS 3.1
7.2
EPSS
0.7%
CVE-2023-35347 HIGH PATCH This Week

Microsoft Install Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 21h2 Windows 10 22h2 Windows 11 21H2 +2
NVD
CVSS 3.1
7.1
EPSS
0.5%
CVE-2023-33990 HIGH This Week

SAP SQL Anywhere - version 17.0, allows an attacker to prevent legitimate users from accessing the service by crashing the service. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

SAP Information Disclosure Denial Of Service Microsoft Sql Anywhere
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2023-35361 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +9
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2023-35360 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +8
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2023-33156 HIGH PATCH This Week

Microsoft Defender Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Malware Protection Engine
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2023-32050 HIGH PATCH This Week

Windows Installer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Microsoft Windows Server 2008
NVD
CVSS 3.1
7.0
EPSS
0.4%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy