Skip to main content
CVE-2023-4346 HIGH POC KEV THREAT Act Now

KNX devices that use KNX Connection Authorization and support Option 1 are, depending on the implementation, vulnerable to being locked and users being unable to reset them to gain access to the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Connection Authorization
NVD VulDB
CVSS 3.1
7.5
EPSS
0.5%
Threat
4.5
CVE-2023-38975 HIGH POC This Week

* Buffer Overflow vulnerability in qdrant v.1.3.2 allows a remote attacker cause a denial of service via the chucnked_vectors.rs component. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Qdrant
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2023-39663 HIGH POC This Week

Mathjax up to v2.7.9 was discovered to contain two Regular expression Denial of Service (ReDoS) vulnerabilities in MathJax.js via the components pattern and markdownPattern. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Mathjax
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-3646 HIGH POC This Week

On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Eos
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-41376 HIGH POC This Week

Nokia Service Router Operating System (SR OS) 22.10 and SR Linux, when error-handling update-fault-tolerance is not enabled, mishandle BGP path attributes. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Nokia Service Router Linux Service Router Operating System
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-38802 HIGH POC This Week

FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Frrouting Picos Debian Linux Fedora
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2023-4572 HIGH This Week

Use after free in MediaStream in Google Chrome prior to 116.0.5845.140 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption Google Chrome +2
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2023-23773 HIGH This Week

Motorola EBTS/MBTS Base Radio fails to check firmware authenticity. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Jwt Attack Ebts Base Radio Firmware Mbts Base Radio Firmware
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2023-23772 HIGH This Week

Motorola MBTS Site Controller fails to check firmware update authenticity. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Jwt Attack Mbts Site Controller Firmware
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2023-32457 HIGH PATCH This Week

Dell PowerScale OneFS, versions 8.2.2.x-9.5.0.x, contains an improper privilege management vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Dell Powerscale Onefs
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-23774 HIGH This Week

Motorola EBTS/MBTS Site Controller drops to debug prompt on unhandled exception. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Ebts Site Controller Firmware Mbts Site Controller Firmware
NVD
CVSS 3.1
8.4
EPSS
0.2%
CVE-2023-23771 HIGH This Week

Motorola MBTS Base Radio accepts hard-coded backdoor password. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mbts Base Radio Firmware
NVD
CVSS 3.1
8.4
EPSS
0.2%
CVE-2023-39616 HIGH PATCH This Week

AOMedia v3.0.0 to v3.5.0 was discovered to contain an invalid read memory access via the component assign_frame_buffer_p in av1/common/av1_common_int.h. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Aomedia
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-41358 HIGH PATCH This Week

An issue was discovered in FRRouting FRR through 9.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Frrouting Debian Linux Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2023-1995 HIGH This Week

Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access Facility. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hirdb Server With Additional Function Hirdb Structured Data Access Facility Hirdb Server
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-20890 HIGH This Week

Aria Operations for Networks contains an arbitrary file write vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Path Traversal VMware Aria Operations For Networks
NVD
CVSS 3.1
7.2
EPSS
21.6%
CVE-2023-41362 HIGH PATCH This Week

MyBB before 1.8.36 allows Code Injection by users with certain high privileges. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

RCE Code Injection Mybb
NVD GitHub
CVSS 3.1
7.2
EPSS
1.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy