Skip to main content
CVE-2023-43268 HIGH POC This Week

Deyue Remote Vehicle Management System v1.1 was discovered to contain a deserialization vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization Deyue Remote Vehicle Management System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2023-43890 HIGH POC This Week

Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the diagnostic tools page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection N3M Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
2.5%
CVE-2023-43835 HIGH POC This Week

Super Store Finder 3.7 and below is vulnerable to authenticated Arbitrary PHP Code Injection that could lead to Remote Code Execution when settings overwrite config.inc.php content. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP Super Store Finder
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2023-43361 HIGH POC This Week

Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow RCE Denial Of Service Vorbis Tools
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-5344 HIGH POC PATCH This Week

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Vim Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-41580 HIGH POC PATCH This Week

Phpipam before v1.5.2 was discovered to contain a LDAP injection vulnerability via the dname parameter at /users/ad-search-result.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure PHP Phpipam
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-3744 HIGH This Week

Server-Side Request Forgery vulnerability in SLims version 9.6.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF PHP Senayan Library Management System
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-5328 HIGH This Week

A vulnerability classified as critical has been found in SATO CL4NX-J Plus 1.13.2-u455_r2. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cl4Nx J Plus Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-3592 HIGH This Week

In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property types. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mosquitto
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-3769 HIGH This Week

Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ingepac Fc5066 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-5106 HIGH PATCH This Week

An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Gitlab Authentication Bypass
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-3768 HIGH This Week

Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ingepac Da3451 Firmware Ingepac Ef Md Firmware Ingepac Fc5066 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-32820 HIGH This Week

In wlan firmware, there is a possible firmware assertion due to improper input handling. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Yocto Iot Yocto Android Linux Kernel
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-5329 HIGH This Week

A vulnerability classified as problematic was found in Field Logic DataCube4 up to 20231001. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Datacube4 Firmware
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy