Skip to main content
CVE-2023-34470 HIGH This Week

AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper access control via the local network. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Aptio V
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-41846 HIGH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tecnomatix
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-41033 HIGH This Week

A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.260), Parasolid V35.1 (All versions < V35.1.246), Parasolid V36.0 (All versions < V36.0.156), Simcenter Femap V2301 (All. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Parasolid Simcenter Femap
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-41032 HIGH This Week

A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.253), Parasolid V35.1 (All versions < V35.1.184), Parasolid V36.0 (All. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Parasolid Simcenter Femap
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-40728 HIGH This Week

A vulnerability has been identified in QMS Automotive (All versions < V12.39). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Qms Automotive
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-40727 HIGH This Week

A vulnerability has been identified in QMS Automotive (All versions < V12.39). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Jwt Attack Qms Automotive
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-38076 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Jt2Go Teamcenter Visualization Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-38075 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Jt2Go Teamcenter Visualization +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-38074 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Jt2Go Teamcenter Visualization Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-38073 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Jt2Go Teamcenter Visualization Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-38072 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Jt2Go Teamcenter Visualization Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-38071 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Jt2Go Teamcenter Visualization Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-38070 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Jt2Go Teamcenter Visualization Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-3039 HIGH This Week

SD ROM Utility, versions prior to 1.0.2.0 contain an Improper Access Control vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Authentication Bypass Sd Rom Utility
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-25519 HIGH This Week

NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit contains a vulnerability where a restricted host may cause an incorrect user management error. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Privilege Escalation Bluefield 1 Firmware Bluefield 2 Lts Firmware Bluefield 2 Ga Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-41990 HIGH KEV THREAT This Week

The issue was addressed with improved handling of caches. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados Iphone Os macOS +2
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2023-39208 HIGH This Week

Improper input validation in Zoom Desktop Client for Linux before version 5.15.10 may allow an unauthenticated user to conduct a denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service XSS Zoom
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-38162 HIGH PATCH This Week

DHCP Server Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Denial Of Service Windows Server 2012 Windows Server 2016 Windows Server 2019 +1
NVD
CVSS 3.1
7.5
EPSS
10.3%
CVE-2023-38149 HIGH PATCH This Week

Windows TCP/IP Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
4.3%
CVE-2023-36763 HIGH PATCH This Week

Microsoft Outlook Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft 365 Apps Office Office Long Term Servicing Channel +1
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2023-37879 HIGH This Week

Insecure storage of sensitive information in Wing FTP Server (User Web Client) allows information elicitation.2.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Wing Ftp Server
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-40308 HIGH This Week

SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow SAP Commoncryptolib Content Server +7
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-40440 HIGH This Week

This issue was addressed with improved state management of S/MIME encrypted emails. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-40729 HIGH This Week

A vulnerability has been identified in QMS Automotive (All versions < V12.39). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Qms Automotive
NVD
CVSS 3.1
7.4
EPSS
0.2%
CVE-2023-36762 HIGH PATCH This Week

Microsoft Word Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Office Office Long Term Servicing Channel +2
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2023-40724 HIGH This Week

A vulnerability has been identified in QMS Automotive (All versions < V12.39). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qms Automotive
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2023-42472 HIGH This Week

Due to insufficient file type validation, SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface) - version 420, allows a report creator to upload files from local system. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP File Upload Information Disclosure Businessobjects Business Intelligence Platform
NVD
CVSS 3.1
7.3
EPSS
0.5%
CVE-2023-21521 HIGH This Week

An SQL Injection vulnerability in the Management Console (Operator Audit Trail) of BlackBerry AtHoc version 7.15 could allow an attacker to potentially read sensitive data from the database, modify. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SQLi Athoc
NVD
CVSS 3.1
7.2
EPSS
0.5%
CVE-2023-38156 HIGH PATCH This Week

Azure HDInsight Apache Ambari JDBC Injection Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Apache Code Injection Microsoft Azure Hdinsight
NVD
CVSS 3.1
7.2
EPSS
1.9%
CVE-2023-40623 HIGH This Week

SAP BusinessObjects Suite Installer - version 420, 430, allows an attacker within the network to create a directory under temporary directory and link it to a directory with operating system files. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Information Disclosure Businessobjects
NVD
CVSS 3.1
7.1
EPSS
0.4%
CVE-2023-36805 HIGH PATCH This Week

Windows MSHTML Platform Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Command Injection Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +8
NVD
CVSS 3.1
7.0
EPSS
2.3%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy