Skip to main content
CVE-2023-4815 HIGH POC PATCH This Week

Missing Authentication for Critical Function in GitHub repository answerdev/answer prior to v1.1.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Answer
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-30800 HIGH POC This Week

The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Mikrotik Routeros
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2023-39424 HIGH This Week

A vulnerability in RDPngFileUpload.dll, as used in the IRM Next Generation booking system, allows a remote attacker to upload arbitrary content (such as a web shell component) to the SQL database and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Internet Reservation Module Next Generation
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-39420 HIGH This Week

The RDPCore.dll component as used in the IRM Next Generation booking engine, allows a remote user to connect to customers with an "admin" account and a corresponding password computed daily by a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Internet Reservation Module Next Generation
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-39237 HIGH This Week

ASUS RT-AC86U Traffic Analyzer - Apps analysis function has insufficient filtering of special character. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Rt Ac86U Firmware
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2023-39236 HIGH This Week

ASUS RT-AC86U Traffic Analyzer - Statistic function has insufficient filtering of special character. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Rt Ac86U Firmware
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2023-38033 HIGH This Week

ASUS RT-AC86U unused Traffic Analyzer legacy Statistic function has insufficient filtering of special character. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Rt Ac86U Firmware
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2023-38032 HIGH This Week

ASUS RT-AC86U AiProtection security- related function has insufficient filtering of special character. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Rt Ac86U Firmware
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2023-38031 HIGH This Week

ASUS RT-AC86U Adaptive QoS - Web History function has insufficient filtering of special character. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Rt Ac86U Firmware
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2023-4685 HIGH This Week

Delta Electronics' CNCSoft-B version 1.0.0.4 and DOPSoft versions 4.0.0.82 and prior are vulnerable to stack-based buffer overflow, which could allow an attacker to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow RCE Cncsoft B Dopsoft
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-41064 HIGH KEV THREAT This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Ipados Iphone Os +1
NVD
CVSS 3.1
7.8
EPSS
15.3%
CVE-2023-41061 HIGH KEV THREAT This Week

A validation issue was addressed with improved logic. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados Iphone Os Watchos
NVD
CVSS 3.1
7.8
EPSS
3.2%
CVE-2023-34357 HIGH This Week

Soar Cloud Ltd. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Hr Portal
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-39421 HIGH This Week

The RDPWin.dll component as used in the IRM Next Generation booking engine includes a set of hardcoded API keys for third-party services such as Twilio and Vonage. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Internet Reservation Module Next Generation
NVD
CVSS 3.1
7.7
EPSS
0.4%
CVE-2023-4528 HIGH This Week

Unsafe deserialization in JSCAPE MFT Server versions prior to 2023.1.9 (Windows, Linux, and MacOS) permits an attacker to run arbitrary Java code (including OS commands) via its management interface. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Microsoft Apple Deserialization Jscape Mft
NVD
CVSS 3.1
7.2
EPSS
27.1%
CVE-2023-40060 HIGH This Week

A vulnerability has been identified within Serv-U 15.4 and 15.4 Hotfix 1 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Serv U
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2023-39240 HIGH This Week

It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Rt Ax55 Firmware Rt Ax56U V2 Firmware Rt Ac86U Firmware
NVD
CVSS 3.1
7.2
EPSS
1.2%
CVE-2023-39239 HIGH This Week

It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Rt Ax55 Firmware Rt Ax56U V2 Firmware Rt Ac86U Firmware
NVD
CVSS 3.1
7.2
EPSS
1.2%
CVE-2023-39238 HIGH This Week

It is identified a format string vulnerability in ASUS RT-AX56U V2. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Rt Ax55 Firmware Rt Ax56U V2 Firmware Rt Ac86U Firmware
NVD
CVSS 3.1
7.2
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy