Skip to main content
CVE-2023-49213 HIGH POC This Week

The API endpoints in Ironman PowerShell Universal 3.0.0 through 4.2.0 allow remote attackers to execute arbitrary commands via crafted HTTP requests if a param block is used, due to invalid. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Powershell Universal
NVD
CVSS 3.1
8.8
EPSS
2.1%
CVE-2023-41812 HIGH This Week

Unrestricted Upload of File with Dangerous Type vulnerability in Pandora FMS on all allows Accessing Functionality Not Properly Constrained by ACLs. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload PHP Pandora Fms
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-41807 HIGH This Week

Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Pandora Fms
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-41788 HIGH This Week

Unrestricted Upload of File with Dangerous Type vulnerability in Pandora FMS on all allows Accessing Functionality Not Properly Constrained by ACLs. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload PHP Pandora Fms
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-5972 HIGH PATCH This Week

A null pointer dereference flaw was found in the nft_inner.c functionality of netfilter in the Linux kernel. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Null Pointer Dereference Linux Linux Kernel Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-44290 HIGH This Week

Dell Command | Monitor versions prior to 10.10.0, contain an improper access control vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Authentication Bypass Command Monitor
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-44289 HIGH This Week

Dell Command | Configure versions prior to 4.11.0, contain an improper access control vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Authentication Bypass Command Configure
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-43086 HIGH This Week

Dell Command | Configure, versions prior to 4.11.0, contains an improper access control vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Authentication Bypass Command Configure
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-39253 HIGH This Week

Dell OS Recovery Tool, versions 2.2.4013, 2.3.7012.0, and 2.3.7515.0 contain an Improper Access Control Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Dell Authentication Bypass Os Recovery Tool
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-41140 HIGH This Week

A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Information Disclosure Heap Overflow Autocad +9
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-41139 HIGH This Week

A maliciously crafted STP file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to dereference an untrusted pointer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Autocad Autocad Advance Steel Autocad Architecture Autocad Civil 3D +6
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-6118 HIGH This Week

Path Traversal: '/../filedir' vulnerability in Neutron IP Camera allows Absolute Path Traversal.1.0.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Neu Ipb210 28 Firmware Ntl Pt 06Wod 3Mp Firmware Neu Ipb410 28 Firmware Ntl Bc 01W Firmware +13
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2023-41808 HIGH This Week

Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Pandora Fms
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-41806 HIGH This Week

Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Pandora Fms
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-41787 HIGH This Week

Uncontrolled Search Path Element vulnerability in Pandora FMS on all allows Leveraging/Manipulating Configuration File Search Paths. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pandora Fms
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-28813 HIGH This Week

An attacker could exploit a vulnerability by sending crafted messages to computers installed with this plug-in to modify plug-in parameters, which could cause affected computers to download malicious. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Localservicecomponents
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-47668 HIGH This Week

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StellarWP Membership Plugin - Restrict Content plugin <= 3.2.7 versions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Restrict Content
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2023-30581 HIGH This Week

The use of __proto__ in process.mainModule.__proto__.require() can bypass the policy mechanism and require modules outside of the policy.json definition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Node.js Authentication Bypass Node Js
NVD
CVSS 3.1
7.5
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy