Skip to main content
CVE-2023-37462 HIGH POC PATCH THREAT This Week

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Python Xwiki
NVD GitHub
CVSS 3.1
8.8
EPSS
91.3%
CVE-2023-36887 HIGH POC PATCH This Week

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption RCE Google Microsoft Edge Chromium
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2023-3514 HIGH POC This Week

Improper Privilege Control in RazerCentralSerivce Named Pipe in Razer RazerCentral <=7.11.0.558 on Windows allows a malicious actor with local access to gain SYSTEM privilege via communicating with. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Microsoft Razer Central
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-3513 HIGH POC This Week

Improper Privilege Control in RazerCentralSerivce Named Pipe in Razer RazerCentral <=7.11.0.558 on Windows allows a malicious actor with local access to gain SYSTEM privilege via communicating with. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Deserialization Microsoft Razer Central
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-37464 HIGH POC PATCH This Week

OpenIDC/cjose is a C library implementing the Javascript Object Signing and Encryption (JOSE). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Cjose
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-38325 HIGH POC PATCH This Week

The cryptography package before 41.0.2 for Python mishandles SSH certificates that have critical options. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Python Information Disclosure Cryptography
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-37474 HIGH POC PATCH THREAT This Week

Copyparty is a portable file server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Copyparty
NVD GitHub
CVSS 3.1
7.5
EPSS
42.8%
CVE-2023-38286 HIGH POC PATCH This Week

Thymeleaf through 3.1.1.RELEASE, as used in spring-boot-admin (aka Spring Boot Admin) through 3.1.1 and other products, allows sandbox bypass via crafted HTML. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Java RCE Command Injection Spring Boot Admin Thymeleaf
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-3673 HIGH POC PATCH This Week

SQL Injection in GitHub repository pimcore/pimcore prior to 10.5.24. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi Pimcore
NVD GitHub
CVSS 3.1
7.2
EPSS
0.7%
CVE-2023-3668 HIGH POC PATCH This Week

Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor prior to 2.0.21. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Froxlor
NVD GitHub
CVSS 3.1
7.2
EPSS
0.8%
CVE-2023-37268 HIGH PATCH This Week

Warpgate is an SSH, HTTPS and MySQL bastion host for Linux that doesn't need special client apps. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Warpgate
NVD GitHub
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-37473 HIGH PATCH This Week

zenstruck/collections is a set of helpers for iterating/paginating/filtering collections. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Collection
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2023-32761 HIGH This Week

Cross Site Request Forgery (CSRF) vulnerability in Archer Platform before v.6.13 and fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to execute arbitrary code via a crafted request. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE CSRF Archer
NVD
CVSS 3.1
8.0
EPSS
0.4%
CVE-2023-35692 HIGH This Week

In getLocationCache of GeoLocation.java, there is a possible way to send a mock location during an emergency call due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-38337 HIGH PATCH This Week

rswag before 2.10.1 allows remote attackers to read arbitrary JSON and YAML files via directory traversal, because rswag-api can expose a file that is not the OpenAPI (or Swagger) specification file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Rswag
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2023-36818 HIGH PATCH This Week

Discourse is an open source discussion platform. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Discourse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-3633 HIGH This Week

An out-of-bounds write vulnerability in Bitdefender Engines on Windows causes the engine to crash.94791 and lower. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Microsoft Engines
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-36835 HIGH This Week

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on QFX10000 Series allows a network based attacker to cause a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-28985 HIGH This Week

An Improper Validation of Syntactic Correctness of Input vulnerability in Intrusion Detection and Prevention (IDP) of Juniper Networks SRX Series and MX Series allows an unauthenticated,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-36832 HIGH This Week

An Improper Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on MX Series allows an unauthenticated network-based attacker to send specific packets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-36831 HIGH This Week

An Improper Check or Handling of Exceptional Conditions vulnerability in the UTM (Unified Threat Management) Web-Filtering feature of Juniper Networks Junos OS on SRX Series causes a jbuf memory leak. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
7.5
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy