Skip to main content
CVE-2023-37907 HIGH POC PATCH This Week

Cryptomator is data encryption software for users who store their files in the cloud. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Cryptomator
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-35943 HIGH POC This Week

Envoy is an open source edge and service proxy designed for cloud-native applications. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption Envoy
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-34235 HIGH POC PATCH This Week

Strapi is an open-source headless content management system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Strapi
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-3882 HIGH POC This Week

A vulnerability, which was classified as critical, has been found in Campcodes Beauty Salon Management System 1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Beauty Salon Management System
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-3881 HIGH POC This Week

A vulnerability classified as critical was found in Campcodes Beauty Salon Management System 1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Beauty Salon Management System
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-3880 HIGH POC This Week

A vulnerability classified as critical has been found in Campcodes Beauty Salon Management System 1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Beauty Salon Management System
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-3879 HIGH POC This Week

A vulnerability was found in Campcodes Beauty Salon Management System 1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Beauty Salon Management System
NVD VulDB GitHub
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-3878 HIGH POC This Week

A vulnerability was found in Campcodes Beauty Salon Management System 1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Beauty Salon Management System
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-3877 HIGH POC This Week

A vulnerability was found in Campcodes Beauty Salon Management System 1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Beauty Salon Management System
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-3876 HIGH POC This Week

A vulnerability was found in Campcodes Beauty Salon Management System 1.0 and classified as critical. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Beauty Salon Management System
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-3875 HIGH POC This Week

A vulnerability has been found in Campcodes Beauty Salon Management System 0.1.0 and classified as critical. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Beauty Salon Management System
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-3874 HIGH POC This Week

A vulnerability, which was classified as critical, was found in Campcodes Beauty Salon Management System 1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Beauty Salon Management System
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-3873 HIGH POC This Week

A vulnerability, which was classified as critical, has been found in Campcodes Beauty Salon Management System 1.0.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Beauty Salon Management System
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-34093 HIGH POC PATCH This Week

Strapi is an open-source headless content management system. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Strapi
NVD GitHub
CVSS 3.1
7.1
EPSS
0.6%
CVE-2023-2626 HIGH This Week

There exists an authentication bypass vulnerability in OpenThread border router devices and implementations. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Nest Hub Max Firmware Nest Hub Firmware Wifi Firmware Nest Wifi Point Firmware +1
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2023-39173 HIGH This Week

In JetBrains TeamCity before 2023.05.2 a token with limited permissions could be used to gain full account access. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Teamcity
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2023-21406 HIGH This Week

Ariel Harush and Roy Hodir from OTORIO have found a flaw in the AXIS A1001 when communicating over OSDP. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow A1001 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2023-35067 HIGH This Week

Plaintext Storage of a Password vulnerability in Infodrom Software E-Invoice Approval System allows Read Sensitive Strings Within an Executable.20230701. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2023-38493 HIGH PATCH This Week

Armeria is a microservice framework Spring supports Matrix variables. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Java Authentication Bypass Armeria
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-39174 HIGH This Week

In JetBrains TeamCity before 2023.05.2 a ReDoS attack was possible via integration with issue trackers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Teamcity
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2023-3486 HIGH This Week

An authentication bypass exists in PaperCut NG versions 22.0.12 and prior that could allow a remote, unauthenticated attacker to upload arbitrary files to the PaperCut NG host’s file storage. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload Authentication Bypass Papercut Mf Papercut Ng
NVD
CVSS 3.1
7.5
EPSS
75.8%
CVE-2023-34434 HIGH PATCH This Week

Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.4.0 through 1.7.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Deserialization Inlong
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2023-22363 HIGH This Week

A stack-based buffer overflow in the Command Centre Server allows an attacker to cause a denial of service attack via assigning cardholders to an Access Group.80 prior to vEL8.80.1192 (MR2). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Denial Of Service Command Centre
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-36385 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPXPO PostX ultimate-post allows DOM-Based XSS.9.9. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 3.1
7.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy