Skip to main content
CVE-2023-0872 HIGH POC PATCH Act Now

The Horizon REST API includes a users endpoint in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms is vulnerable to elevation of privilege. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Horizon Meridian
NVD GitHub
CVSS 3.1
8.0
EPSS
3.0%
CVE-2023-30187 CRITICAL POC PATCH Act Now

An out of bounds memory access vulnerability in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow RCE Document Server
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2023-30186 CRITICAL POC PATCH Act Now

A use after free issue discovered in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Use After Free RCE Document Server
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.8%
CVE-2023-3435 CRITICAL POC Act Now

The User Activity Log WordPress plugin before 1.6.5 does not correctly sanitise and escape several parameters before using it in a SQL statement as part of its exportation feature, allowing. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress SQLi User Activity Log
NVD WPScan
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-4322 CRITICAL POC PATCH Act Now

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Radare2 Fedora
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-28483 HIGH POC This Week

An issue was discovered in Tigergraph Enterprise 3.7.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Tigergraph
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-28481 HIGH POC This Week

An issue was discovered in Tigergraph Enterprise 3.7.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Tigergraph
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-40295 HIGH POC This Week

libboron in Boron 2.0.8 has a heap-based buffer overflow in ur_strInitUtf8 at string.c. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Boron
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-30188 HIGH POC PATCH This Week

Memory Exhaustion vulnerability in ONLYOFFICE Document Server 4.0.3 through 7.3.2 allows remote attackers to cause a denial of service via crafted JavaScript file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Document Server
NVD GitHub
CVSS 3.1
7.5
EPSS
1.8%
CVE-2023-40303 HIGH POC PATCH This Week

GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Inetutils
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-39829 HIGH POC This Week

Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the wpapsk_crypto2_4g parameter in the fromSetWirelessRepeat function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Tenda A18 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-39828 HIGH POC This Week

Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the security parameter in the formWifiBasicSet function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Tenda A18 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-39827 HIGH POC This Week

Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the rule_info parameter in the formAddMacfilterRule function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Tenda A18 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-40296 HIGH POC This Week

async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in ReceiveFrom and Receive in udpsocket.hpp when processing malformed UDP packets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Async Sockets Cpp
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-40274 HIGH POC PATCH This Week

An issue was discovered in zola 0.13.0 through 0.17.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Zola
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-40293 MEDIUM POC This Month

Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC with a D-Bus connection object. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Harman Infotainment
NVD
CVSS 3.1
6.8
EPSS
1.7%
CVE-2023-40291 MEDIUM POC This Month

Harman Infotainment 20190525031613 allows root access via SSH over a USB-to-Ethernet dongle with a password that is an internal project name. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Harman Infotainment
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2023-28482 MEDIUM POC This Month

An issue was discovered in Tigergraph Enterprise 3.7.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Tigergraph
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-28480 MEDIUM POC This Month

An issue was discovered in Tigergraph Enterprise 3.7.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Tigergraph
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-40294 MEDIUM POC This Month

libboron in Boron 2.0.8 has a heap-based buffer overflow in ur_parseBlockI at i_parse_blk.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Boron
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-40024 MEDIUM POC PATCH This Month

ScanCode.io is a server to script and automate software composition analysis pipelines. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Scancode Io
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-2803 MEDIUM POC This Month

The Ultimate Addons for Contact Form 7 WordPress plugin before 3.1.29 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Ultimate Addons For Contact Form 7
NVD WPScan
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-4321 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.4.3. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Cockpit
NVD GitHub
CVSS 3.1
6.1
EPSS
0.6%
CVE-2023-37847 CRITICAL Act Now

novel-plus v3.6.2 was discovered to contain a SQL injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Novel Plus
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-21287 CRITICAL PATCH Act Now

In multiple locations, there is a possible code execution due to type confusion. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption RCE Android
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2023-21242 CRITICAL PATCH Act Now

In isServerCertChainValid of InsecureEapNetworkHandler.java, there is a possible way to trust an imposter server due to a logic error in the code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Privilege Escalation Android
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2023-20965 CRITICAL PATCH Act Now

In processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the TOFU flow due to a logic error in the code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

Privilege Escalation Android
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-39293 CRITICAL Act Now

A Command Injection vulnerability has been identified in the MiVoice Office 400 SMB Controller through 1.2.5.23 which could allow a malicious actor to execute arbitrary commands within the context of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Microsoft Mivoice Office 400 Mivoice Office 400 Smb Controller Firmware
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2023-39292 CRITICAL Act Now

A SQL Injection vulnerability has been identified in the MiVoice Office 400 SMB Controller through 1.2.5.23 which could allow a malicious actor to access sensitive information and execute arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft SQLi Mivoice Office 400 Mivoice Office 400 Smb Controller Firmware
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-29468 CRITICAL Act Now

The Texas Instruments (TI) WiLink WL18xx MCP driver does not limit the number of information elements (IEs) of type XCC_EXT_1_IE_ID or XCC_EXT_2_IE_ID that can be parsed in a management frame. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Wilink8 Wifi Mcp8
NVD
CVSS 3.1
9.8
EPSS
10.1%
CVE-2023-32748 CRITICAL Act Now

The Linux DVS server component of Mitel MiVoice Connect through 19.3 SP2 (22.24.1500.0) could allow an unauthenticated attacker with internal network access to execute arbitrary scripts due to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mivoice Connect
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-40359 CRITICAL Act Now

xterm before 380 supports ReGIS reporting for character-set names even if they have unexpected characters (i.e., neither alphanumeric nor underscore), aka a pointer/overflow issue. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Xterm
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-3266 CRITICAL Act Now

A non-feature complete authentication mechanism exists in the production application allowing an attacker to bypass all authentication checks if LDAP authentication is selected.An unauthenticated. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Powerpanel Server
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-3265 CRITICAL Act Now

An authentication bypass exists on CyberPower PowerPanel Enterprise by failing to sanitize meta-characters from the username, allowing an attacker to login into the application with the default user. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Powerpanel Server
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2023-3264 CRITICAL Act Now

The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded credentials for all interactions with the internal Postgres database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PostgreSQL Authentication Bypass Powerpanel Server Iboot Pdu4A C10 Firmware Iboot Pdu4A C20 Firmware +20
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-3259 CRITICAL Act Now

The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Deserialization Iboot Pdu4A C10 Firmware Iboot Pdu4A C20 Firmware Iboot Pdu4A N15 Firmware +19
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-40360 MEDIUM POC PATCH This Month

QEMU through 8.0.4 accesses a NULL pointer in nvme_directive_receive in hw/nvme/ctrl.c because there is no check for whether an endurance group is configured before checking whether Flexible Data. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Null Pointer Dereference Qemu
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2023-40305 MEDIUM POC This Month

GNU indent 2.2.13 has a heap-based buffer overflow in search_brace in indent.c via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Indent
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2023-40013 MEDIUM POC PATCH This Month

SVG Loader is a javascript library that fetches SVGs using XMLHttpRequests and injects the SVG code in the tag's place. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Svg Loader
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-38687 MEDIUM POC PATCH This Month

Svelecte is a flexible autocomplete/select component written in Svelte. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Svelecte
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-32358 HIGH This Week

A type confusion issue was addressed with improved checks. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Ipados Iphone Os +1
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-28198 HIGH This Week

A use-after-free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Apple RCE Memory Corruption Ipados +4
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2023-21282 HIGH PATCH This Week

In TRANSPOSER_SETTINGS of lpp_tran.h, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow RCE Android
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2023-21273 HIGH PATCH This Week

In SDP_AddAttribute of sdp_db.cc, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow RCE Android
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2023-3721 MEDIUM POC This Month

The WP-EMail WordPress plugin before 2.69.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Wp Email
NVD WPScan
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-3645 MEDIUM POC This Month

The Contact Form Builder by Bit Form WordPress plugin before 2.2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Contact Form Builder
NVD WPScan
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-3328 MEDIUM POC This Month

The Custom Field For WP Job Manager WordPress plugin before 1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Custom Field For Wp Job Manager
NVD WPScan
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-2802 MEDIUM POC This Month

The Ultimate Addons for Contact Form 7 WordPress plugin before 3.1.29 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Ultimate Addons For Contact Form 7
NVD WPScan
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-2606 MEDIUM POC This Month

The WP Brutal AI WordPress plugin before 2.06 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Wp Brutal Ai
NVD WPScan
CVSS 3.1
4.8
EPSS
2.0%
CVE-2023-33013 HIGH PATCH This Week

A post-authentication command injection vulnerability in the NTP feature of Zyxel NBG6604 firmware version V1.01(ABIR.1)C0 could allow an authenticated attacker to execute some OS commands remotely. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Zyxel Nbg6604 Firmware
NVD
CVSS 3.1
8.8
EPSS
1.4%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy