Skip to main content
CVE-2023-4436 CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in SourceCodester Inventory Management System 1.0.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Inventory Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-37369 HIGH POC PATCH This Week

In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Qt Debian Linux
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-4451 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Reflected in GitHub repository cockpit-hq/cockpit prior to 2.6.4. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Cockpit
NVD GitHub
CVSS 3.1
6.1
EPSS
2.3%
CVE-2023-4434 MEDIUM POC PATCH This Month

Missing Authorization in GitHub repository hamza417/inure prior to build88. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Inure
NVD GitHub
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-4440 CRITICAL Act Now

A vulnerability was found in SourceCodester Free Hospital Management System for Small Practices 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Free Hospital Management System For Small Practices
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-4438 CRITICAL Act Now

A vulnerability has been found in SourceCodester Inventory Management System 1.0 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Inventory Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-4437 CRITICAL Act Now

A vulnerability, which was classified as critical, was found in SourceCodester Inventory Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Inventory Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-4435 MEDIUM POC PATCH This Month

Improper Input Validation in GitHub repository hamza417/inure prior to build88. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Inure
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2023-40711 HIGH This Week

Veilid before 0.1.9 does not check the size of uncompressed data during decompression upon an envelope receipt, which allows remote attackers to cause a denial of service (out-of-memory abort) via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Veilid
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-37250 HIGH This Week

Unity Parsec has a TOCTOU race condition that permits local attackers to escalate privileges to SYSTEM if Parsec was installed in "Per User" mode. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Parsec
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2023-4439 MEDIUM This Month

A vulnerability was found in SourceCodester Card Holder Management System 1.0 and classified as problematic. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Card Holder Management System
NVD VulDB
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-36674 MEDIUM PATCH This Month

An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Mediawiki
NVD
CVSS 3.1
5.3
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy