Skip to main content
CVE-2023-20820 HIGH This Week

In wlan service, there is a possible command injection due to improper input validation. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Openwrt
NVD
CVSS 3.1
7.2
EPSS
1.2%
CVE-2023-40205 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pixelgrade PixTypes pixtypes allows DOM-Based XSS.4.15. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2023-4216 LOW POC Monitor

The Orders Tracking for WooCommerce WordPress plugin before 1.2.6 doesn't validate the file_url parameter when importing a CSV file, allowing high privilege users with the manage_woocommerce. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure WordPress Orders Tracking For Woocommerce
NVD WPScan
CVSS 3.1
2.7
EPSS
0.5%
CVE-2023-32812 MEDIUM This Month

In gnss service, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Yocto Android Openwrt
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-32811 MEDIUM This Month

In connectivity system driver, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Iot Yocto +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-32806 MEDIUM This Month

In wlan driver, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Iot Yocto +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20837 MEDIUM This Month

In seninf, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20832 MEDIUM This Month

In gps, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Rdk B +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20831 MEDIUM This Month

In gps, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Rdk B +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20830 MEDIUM This Month

In gps, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Rdk B +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20829 MEDIUM This Month

In gps, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Rdk B +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20828 MEDIUM This Month

In gps, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Rdk B +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20822 MEDIUM This Month

In netdagent, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20821 MEDIUM This Month

In nvram, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Rdk B +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-38553 MEDIUM This Month

In gnss service, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-32805 MEDIUM This Month

In power, there is a possible out of bounds write due to an insecure default value. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2023-20850 MEDIUM This Month

In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Iot Yocto +2
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2023-20849 MEDIUM This Month

In imgsys_cmdq, there is a possible use after free due to a missing valid range checking. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Privilege Escalation Denial Of Service Memory Corruption Yocto +3
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2023-20848 MEDIUM This Month

In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Information Disclosure Yocto Iot Yocto +2
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2023-20842 MEDIUM This Month

In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Iot Yocto +2
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2023-20841 MEDIUM This Month

In imgsys, there is a possible out of bounds write due to a missing valid range checking. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Iot Yocto +2
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2023-20840 MEDIUM This Month

In imgsys, there is a possible out of bounds read and write due to a missing valid range checking. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Information Disclosure Yocto Iot Yocto +2
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2023-20835 MEDIUM This Month

In camsys, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Denial Of Service Privilege Escalation Yocto Iot Yocto +1
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-20834 MEDIUM This Month

In pda, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Denial Of Service Privilege Escalation Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-20827 MEDIUM This Month

In ims service, there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-20851 MEDIUM This Month

In stc, there is a possible out of bounds read due to a race condition. Rated medium severity (CVSS 6.3). No vendor patch available.

Privilege Escalation Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
6.3
EPSS
0.1%
CVE-2023-40214 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Business Pro
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-40196 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Imagerecycle Pdf Image Compression
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-32296 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Kangu
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-30485 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Avartan Slider Lite
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-39992 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Online Booking Scheduling Calendar
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-39991 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Bigbluebutton
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-39918 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Booking Package
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-31220 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Wp Categories Widget
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-30494 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Imagerecycle Pdf Image Compression
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-39164 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Molongui
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-39162 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Woo Confirmation Email
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-4587 MEDIUM This Month

An IDOR vulnerability has been found in ZKTeco ZEM800 product affecting version 6.60. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Zem800 Firmware
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-20826 MEDIUM This Month

In cta, there is a possible information disclosure due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-20825 MEDIUM This Month

In duraspeed, there is a possible information disclosure due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-20824 MEDIUM This Month

In duraspeed, there is a possible information disclosure due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-38554 MEDIUM This Month

In wcn bsp driver, there is a possible out of bounds write due to a missing bounds check.This could lead to local denial of service with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-38466 MEDIUM This Month

In ims service, there is a possible missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-38465 MEDIUM This Month

In ims service, there is a possible missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-38463 MEDIUM This Month

In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-38462 MEDIUM This Month

In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-38461 MEDIUM This Month

In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-38457 MEDIUM This Month

In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-38454 MEDIUM This Month

In vowifi service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-38448 MEDIUM This Month

In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy