Skip to main content
CVE-2023-33876 HIGH POC This Week

A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15332 handles destroying annotations. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free RCE Memory Corruption Buffer Overflow Pdf Reader
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2023-33866 HIGH POC This Week

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free RCE Memory Corruption Pdf Reader
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2023-28744 HIGH POC This Week

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.1.1.15289. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free RCE Memory Corruption Buffer Overflow Pdf Reader
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2023-27379 HIGH POC This Week

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free RCE Memory Corruption Pdf Reader
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2023-32664 HIGH POC This Week

A type confusion vulnerability exists in the Javascript checkThisBox method as implemented in Foxit Reader 12.1.2.15332. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption RCE Buffer Overflow Pdf Reader
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-37899 HIGH POC PATCH This Week

Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Feathers
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2023-37276 HIGH POC PATCH This Week

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Python Request Smuggling Information Disclosure Aiohttp
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2023-3763 HIGH POC This Week

A vulnerability was found in Intergard SGS 8.7.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Smartgard Silver With Matrix Keyboard
NVD VulDB
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-37362 HIGH This Week

Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to login with testing credentials to the official website. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Weincloud
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-26217 HIGH This Week

The Data Exchange Add-on component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an easily exploitable vulnerability that allows a low privileged user with import permissions and network access. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft SQLi Ebx Add Ons
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-28754 HIGH PATCH This Week

Deserialization of Untrusted Data vulnerability in Apache ShardingSphere-Agent, which allows attackers to execute arbitrary code by constructing a special YAML configuration file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache RCE Deserialization Shardingsphere
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2023-22506 HIGH PATCH This Week

This High severity Injection and RCE (Remote Code Execution) vulnerability known as CVE-2023-22506 was introduced in version 8.0.0 of Bamboo Data Center. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Atlassian Bamboo Data Center Bamboo Server
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2023-3467 HIGH This Week

Privilege Escalation to root administrator (nsroot). Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Netscaler Application Delivery Controller Netscaler Gateway
NVD
CVSS 3.1
8.0
EPSS
2.1%
CVE-2023-36853 HIGH This Week

​In Keysight Geolocation Server v2.4.2 and prior, a low privileged attacker could create a local ZIP file containing a malicious script in any location. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Geolocation Server
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-34394 HIGH This Week

In Keysight Geolocation Server v2.4.2 and prior, an attacker could upload a specially crafted malicious file or delete any file or directory with SYSTEM privileges due to an improper path validation,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Geolocation Server
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-34429 HIGH This Week

Weintek Weincloud v0.13.6 could allow an attacker to cause a denial-of-service condition for Weincloud by sending a forged JWT token. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Weincloud
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-32657 HIGH This Week

Weintek Weincloud v0.13.6 could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Weincloud
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-25838 HIGH PATCH This Week

There is SQL injection vulnerability in Esri ArcGIS Insights 2022.1 for ArcGIS Enterprise and that may allow a remote, authorized attacker to execute arbitrary SQL commands against the back-end. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

SQLi Arcgis Insights
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-3762 HIGH This Week

A vulnerability was found in Intergard SGS 8.7.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Smartgard Silver With Matrix Keyboard
NVD VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-3761 HIGH This Week

A vulnerability was found in Intergard SGS 8.7.0 and classified as problematic. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Smartgard Silver With Matrix Keyboard
NVD VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-28513 HIGH PATCH This Week

IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.3 CD and IBM MQ Appliance 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS, under certain configurations, is vulnerable to a denial of service attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service IBM Mq Mq Appliance
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2023-27877 HIGH PATCH This Week

IBM Planning Analytics Cartridge for Cloud Pak for Data 4.0 connects to a CouchDB server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure IBM Cloud Pak For Data
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-26026 HIGH PATCH This Week

Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to conduct further attacks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure IBM Cloud Pak For Data
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-26023 HIGH PATCH This Week

Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to conduct further attacks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure IBM Cloud Pak For Data
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-30799 HIGH This Week

MikroTik RouterOS stable before 6.49.7 and long-term through 6.48.6 are vulnerable to a privilege escalation issue. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation RCE Mikrotik Routeros
NVD GitHub
CVSS 3.1
7.2
EPSS
1.3%
CVE-2023-25839 HIGH PATCH This Week

There is SQL injection vulnerability in Esri ArcGIS Insights Desktop for Mac and Windows version 2022.1 that may allow a local, authorized attacker to execute arbitrary SQL commands against the. Rated high severity (CVSS 7.0).

Microsoft SQLi Arcgis Insights
NVD
CVSS 3.1
7.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy