Skip to main content
CVE-2023-7102 CRITICAL POC THREAT Emergency

Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Barracuda Email Security Gateway 300 Firmware Email Security Gateway 400 Firmware Email Security Gateway 600 Firmware +2
NVD GitHub
CVSS 3.1
9.8
EPSS
43.6%
CVE-2023-7101 HIGH POC KEV PATCH THREAT Act Now

Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Code Injection Spreadsheet Debian Linux Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
16.8%
CVE-2023-7091 HIGH POC This Week

A vulnerability was found in Dreamer CMS 4.1.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Dreamer Cms
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.9%
CVE-2023-51714 CRITICAL PATCH Act Now

An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Debian Linux Qt
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-51763 CRITICAL PATCH Act Now

csv_builder.rb in ActiveAdmin (aka Active Admin) before 3.2.0 allows CSV injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Code Injection Active Admin
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-51766 MEDIUM POC PATCH This Month

Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Exim Extra Packages For Enterprise Linux Fedora Debian Linux
NVD GitHub
CVSS 3.1
5.3
EPSS
1.1%
CVE-2023-51765 MEDIUM POC PATCH This Month

sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Sendmail Freebsd Enterprise Linux
NVD GitHub
CVSS 3.1
5.3
EPSS
1.1%
CVE-2023-51764 MEDIUM POC This Month

Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Postfix Fedora Enterprise Linux
NVD GitHub
CVSS 3.1
5.3
EPSS
2.6%
CVE-2023-7092 MEDIUM POC This Month

A vulnerability was found in Uniway UW-302VP 2.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Uw 302Vp Firmware
NVD VulDB
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-51767 HIGH This Week

OpenSSH through 10.0, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not. Rated high severity (CVSS 7.0). No vendor patch available.

Authentication Bypass SSH Openssh Fedora Enterprise Linux
NVD GitHub VulDB
CVSS 3.1
7.0
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy