Skip to main content
CVE-2023-4735 HIGH POC PATCH This Week

Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Memory Corruption Vim macOS
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-4734 HIGH POC PATCH This Week

Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Integer Overflow Vim macOS
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-4736 HIGH POC PATCH This Week

Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Vim macOS
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-4738 HIGH POC PATCH This Week

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Vim macOS
NVD GitHub
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-39979 CRITICAL Act Now

There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mxsecurity
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-39980 HIGH PATCH This Week

A vulnerability that allows the unauthorized disclosure of authenticated information has been identified in MXsecurity versions prior to v1.0.1. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

SQLi Mxsecurity
NVD
CVSS 3.1
8.1
EPSS
0.5%
CVE-2023-39981 HIGH PATCH This Week

A vulnerability that allows for unauthorized access has been discovered in MXsecurity versions prior to v1.0.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Authentication Bypass Mxsecurity
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-4718 MEDIUM This Month

The Font Awesome 4 Menus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'fa' and 'fa-stack' shortcodes in versions up to, and including, 4.7.0 due to insufficient input. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Font Awesome 4 Menus
NVD VulDB
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-39982 MEDIUM PATCH This Month

A vulnerability has been identified in MXsecurity versions prior to v1.0.1. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Mxsecurity
NVD
CVSS 3.1
5.9
EPSS
0.4%
CVE-2023-39983 MEDIUM PATCH This Month

A vulnerability that poses a potential risk of polluting the MXsecurity sqlite database and the nsm-web UI has been identified in MXsecurity versions prior to v1.0.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Mxsecurity
NVD
CVSS 3.1
5.3
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy