Skip to main content
CVE-2023-6069 HIGH POC PATCH This Week

Improper Link Resolution Before File Access in GitHub repository froxlor/froxlor prior to 2.1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Froxlor
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2023-41285 HIGH This Week

A SQL injection vulnerability has been reported to affect QuMagie. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Qumagie
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-41284 HIGH This Week

A SQL injection vulnerability has been reported to affect QuMagie. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Qumagie
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-39295 HIGH This Week

An OS command injection vulnerability has been reported to affect QuMagie. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Qumagie
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2023-47611 HIGH This Week

A CWE-269: Improper Privilege Management vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Bgs5 Firmware Ehs5 Firmware Ehs6 Firmware Ehs8 Firmware +6
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-47108 HIGH PATCH This Week

OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Opentelemetry
NVD GitHub
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-6076 HIGH This Week

A vulnerability classified as problematic was found in PHPGurukul Restaurant Table Booking System 1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure PHP Restaurant Table Booking System
NVD VulDB
CVSS 3.1
7.5
EPSS
1.0%
CVE-2023-47120 HIGH PATCH This Week

Discourse is an open source platform for community discussion. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Redis Denial Of Service Discourse
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2023-36014 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Google Microsoft Edge Chromium
NVD
CVSS 3.1
7.3
EPSS
1.4%
CVE-2023-23367 HIGH This Week

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Qnap Command Injection Qts Quts Hero Qutscloud
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-36024 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Google Microsoft Edge Chromium
NVD
CVSS 3.1
7.1
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy