Skip to main content
CVE-2023-28868 HIGH POC This Week

Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers to delete arbitrary files on the operating system by creating a symbolic link. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Secure Enterprise Client
NVD
CVSS 3.1
8.1
EPSS
0.9%
CVE-2023-49800 HIGH POC PATCH This Week

`nuxt-api-party` is an open source module to proxy API requests. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Nuxt Api Party
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2023-49799 HIGH POC PATCH This Week

`nuxt-api-party` is an open source module to proxy API requests. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Nuxt Api Party
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2023-28523 HIGH This Week

IBM Informix Dynamic Server 12.10 and 14.10 onsmsync is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow IBM Informix Dynamic Server +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-49797 HIGH PATCH This Week

PyInstaller bundles a Python application and all its dependencies into a single package. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Python Information Disclosure Pyinstaller
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-6394 HIGH PATCH This Week

A flaw was found in Quarkus. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Quarkus Build Of Quarkus
NVD
CVSS 3.1
7.4
EPSS
0.5%
CVE-2023-49798 HIGH PATCH This Week

OpenZeppelin Contracts is a library for smart contract development. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
CVSS 3.1
7.5
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy