Skip to main content
CVE-2023-48667 HIGH This Week

Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Dell Apex Protection Storage Powerprotect Data Domain Powerprotect Data Domain Management Center +2
NVD
CVSS 3.1
7.2
EPSS
1.8%
CVE-2023-48665 HIGH PATCH This Week

Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Dell Solutions Enabler Virtual Appliance Unisphere For Powermax Virtual Appliance Powermax Os
NVD
CVSS 3.1
7.2
EPSS
1.7%
CVE-2023-48664 HIGH PATCH This Week

Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Dell Solutions Enabler Virtual Appliance Unisphere For Powermax Virtual Appliance Powermax Os
NVD
CVSS 3.1
7.2
EPSS
1.7%
CVE-2023-48663 HIGH PATCH This Week

Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Dell Solutions Enabler Virtual Appliance Unisphere For Powermax Virtual Appliance Powermax Os
NVD
CVSS 3.1
7.2
EPSS
1.7%
CVE-2023-48662 HIGH PATCH This Week

Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Dell Solutions Enabler Virtual Appliance Unisphere For Powermax Virtual Appliance Powermax Os
NVD
CVSS 3.1
7.2
EPSS
1.7%
CVE-2023-41719 HIGH This Week

A vulnerability exists on all versions of Ivanti Connect Secure below 22.6R2 where an attacker impersonating an administrator may craft a specific web request which may lead to remote code execution. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Ivanti Connect Secure
NVD
CVSS 3.1
7.2
EPSS
3.4%
CVE-2023-48771 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bruno "Aesqe" Babic File Gallery allows Reflected XSS.8.5.4. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS File Gallery
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2023-48767 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Raghu Goriya MyTube PlayList allows Reflected XSS.0.3. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Mytube Playlist
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2023-49813 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in J.N.

XSS
NVD VulDB
CVSS 3.1
7.1
EPSS
0.2%
CVE-2023-49172 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BrainCert BrainCert - HTML5 Virtual Classroom allows Reflected XSS.30. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Virtual Classroom Api
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2023-49171 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TheInnovs Innovs HR - Complete Human Resource Management System for Your Business allows. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Innovs Hr
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2023-49827 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PenciDesign Soledad - Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme allows. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS WordPress Soledad
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2023-49740 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Seraphinite Solutions Seraphinite Accelerator allows Reflected XSS.20.28. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Seraphinite Accelerator
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2023-49771 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Peter Raschendorfer Smart External Link Click Monitor [Link Log] allows Reflected XSS.0.2. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Link Log
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2023-49766 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Ultimate Addons for Contact Form 7 allows Stored XSS.2.0. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Ultimate Addons For Contact Form 7
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2023-48756 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetBlocks For Elementor allows Reflected XSS.3.8. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Jetblocks For Elementor Elementor
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2023-48676 HIGH This Week

Sensitive information disclosure and manipulation due to missing authorization. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Authentication Bypass Agent
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2023-6407 HIGH This Week

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause arbitrary file deletion upon service restart when accessed by a local. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Easy Ups Online Monitoring Software
NVD
CVSS 3.1
7.1
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy