Skip to main content
CVE-2023-45205 HIGH PATCH This Week

A vulnerability has been identified in SICAM PAS/PQS (All versions >= V8.00 < V8.20). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

RCE Sicam Pas Pqs
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-45204 HIGH PATCH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Tecnomatix
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-44087 HIGH PATCH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tecnomatix
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-44086 HIGH PATCH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tecnomatix
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-44085 HIGH PATCH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tecnomatix
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-44084 HIGH PATCH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tecnomatix
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-44083 HIGH PATCH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Tecnomatix
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-44082 HIGH PATCH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Tecnomatix
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-44081 HIGH PATCH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Tecnomatix
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-36380 HIGH PATCH This Week

A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.11 (only with activated debug support)), CP-8050 MASTER MODULE (All versions < CPCI85 V05.11 (only with. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

Authentication Bypass Cp 8050 Firmware Cp 8031 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-30900 HIGH This Week

A vulnerability has been identified in Xpedition Layout Browser (All versions < VX.2.14). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Xpedition Layout Browser
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-36127 HIGH This Week

User enumeration is found in in PHPJabbers Appointment Scheduler 3.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Appointment Scheduler
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-38171 HIGH PATCH This Week

Microsoft QUIC Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft Net Visual Studio 2022 +2
NVD
CVSS 3.1
7.5
EPSS
69.5%
CVE-2023-36720 HIGH PATCH This Week

Windows Mixed Reality Developer Tools Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1607 Windows 10 1809 Windows 10 21h2 +6
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2023-36709 HIGH PATCH This Week

Microsoft AllJoyn API Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft Windows 10 1507 Windows 10 1809 +7
NVD
CVSS 3.1
7.5
EPSS
2.6%
CVE-2023-36707 HIGH PATCH This Week

Windows Deployment Services Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows Server 2012 Windows Server 2016 Windows Server 2019 +1
NVD
CVSS 3.1
7.5
EPSS
2.6%
CVE-2023-36703 HIGH PATCH This Week

DHCP Server Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Windows Server 2008 Windows Server 2012 Windows Server 2016 Windows Server 2019 +1
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2023-36606 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Windows 10 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
67.2%
CVE-2023-36603 HIGH PATCH This Week

Windows TCP/IP Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft Windows 10 1809 Windows 10 21h2 +5
NVD
CVSS 3.1
7.5
EPSS
2.3%
CVE-2023-36602 HIGH PATCH This Week

Windows TCP/IP Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.5
EPSS
2.3%
CVE-2023-36596 HIGH PATCH This Week

Remote Procedure Call Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1809 Windows 10 21H1 Windows 10 22h2 +6
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2023-36585 HIGH PATCH This Week

Windows upnphost.dll Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 1507 Windows 10 1809 Windows 10 21H1 +8
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2023-36581 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Microsoft Windows 10 Windows 10 1607 +10
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2023-36579 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2023-36567 HIGH PATCH This Week

Windows Deployment Services Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1809 Windows 10 21H1 +8
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2023-36438 HIGH PATCH This Week

Windows TCP/IP Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2023-36435 HIGH PATCH This Week

Microsoft QUIC Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Net Windows 11 21H2 Windows 11 22h2 +1
NVD
CVSS 3.1
7.5
EPSS
5.5%
CVE-2023-36431 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2023-29348 HIGH PATCH This Week

Windows Remote Desktop Gateway (RD Gateway) Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows Server 2008 Windows Server 2012 Windows Server 2016 +2
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2023-40718 HIGH This Week

A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker to evade IPS features via crafted TCP packets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Fortinet Information Disclosure Fortios Ips Engine
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-37935 HIGH This Week

A use of GET request method with sensitive query strings vulnerability in Fortinet FortiOS 7.0.0 - 7.0.12, 7.2.0 - 7.2.5 and 7.4.0 allows an attacker to view plaintext passwords of remote services. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Fortinet Information Disclosure Fortios
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-5499 HIGH This Week

Information exposure vulnerability in Shenzhen Reachfar v28, the exploitation of which could allow a remote attacker to retrieve all the week's logs stored in the 'log2' directory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Reachfar Gps Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-41085 HIGH This Week

When IPSec is configured on a Virtual Server, undisclosed traffic can cause TMM to terminate. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Big Ip Access Policy Manager Big Ip Advanced Firewall Manager Big Ip Advanced Web Application Firewall Big Ip Analytics +15
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-40542 HIGH This Week

When TCP Verified Accept is enabled on a TCP profile that is configured on a Virtual Server, undisclosed requests can cause an increase in memory resource utilization. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Big Ip Access Policy Manager Big Ip Advanced Firewall Manager Big Ip Advanced Web Application Firewall Big Ip Analytics +15
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-40534 HIGH This Week

When a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, and an iRule using the HTTP_REQUEST event or Local Traffic Policy are associated with the virtual. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Big Ip Access Policy Manager Big Ip Advanced Firewall Manager Big Ip Advanced Web Application Firewall Big Ip Analytics +16
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-42189 HIGH This Week

Insecure Permissions vulnerability in Connectivity Standards Alliance Matter Official SDK v.1.1.0.0 , Nanoleaf Light strip v.3.5.10, Govee LED Strip v.3.00.42, switchBot Hub2 v.1.0-0.8, Phillips hue. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Mini Smart Wi Fi Plug Firmware Lightstrip Firmware Led Strip Firmware Hub2 Firmware +5
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2023-40310 HIGH This Week

SAP PowerDesigner Client - version 16.7, does not sufficiently validate BPMN2 XML document imported from an untrusted source. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Information Disclosure Powerdesigner
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2023-45226 HIGH This Week

The BIG-IP SPK TMM (Traffic Management Module) f5-debug-sidecar and f5-debug-sshd containers contains hardcoded credentials that may allow an attacker with the ability to intercept traffic to. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Big Ip Next Service Proxy For Kubernetes
NVD
CVSS 3.1
7.4
EPSS
0.4%
CVE-2023-36593 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 Windows 10 1607 +10
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2023-36592 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft Windows 10 Windows 10 1607 +10
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2023-36591 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft Windows 10 Windows 10 1607 +10
NVD
CVSS 3.1
7.3
EPSS
0.9%
CVE-2023-36590 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2023-36589 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft Windows 10 Windows 10 1607 +10
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2023-36583 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Microsoft Windows 10 +11
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2023-36582 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 10 Windows 10 1607 +10
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2023-36578 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption RCE Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2023-36575 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2023-36574 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2023-36573 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2023-36572 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.3
EPSS
1.0%
Prev Page 3 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy