Skip to main content
CVE-2023-50255 HIGH POC PATCH This Week

Deepin-Compressor is the default archive manager of Deepin Linux OS. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Path Traversal Deepin Compressor
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2023-49002 HIGH POC This Week

An issue in Xenom Technologies (sinous) Phone Dialer-voice Call Dialer v.1.2.5 allows an attacker to bypass intended access restrictions via interaction with. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Phone Dialer Voice Call Dialer
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-51080 HIGH POC PATCH This Week

The NumberUtil.toBigDecimal method in hutool-core v5.8.23 was discovered to contain a stack overflow. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Hutool
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-51075 HIGH POC PATCH This Week

hutool-core v5.8.23 was discovered to contain an infinite loop in the StrSplitter.splitByRegex function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Hutool
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-47882 HIGH POC This Week

The Kami Vision YI IoT com.yunyi.smartcamera application through 4.1.9_20231127 for Android allows a remote attacker to execute arbitrary JavaScript code via an implicit intent to the. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Google Yi Iot
NVD GitHub
CVSS 3.1
7.1
EPSS
0.5%
CVE-2023-40038 HIGH This Week

Arris DG860A and DG1670A devices have predictable default WPA2 PSKs that could lead to unauthorized remote access. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Dg860A Firmware Dg1670A Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
0.3%
CVE-2023-52075 HIGH This Week

ReVanced API proxies requests needed to feed the ReVanced Manager and website with data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Revanced
NVD GitHub
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-51697 HIGH PATCH This Week

Audiobookshelf is a self-hosted audiobook and podcast server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Audiobookshelf
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-51665 HIGH PATCH This Week

Audiobookshelf is a self-hosted audiobook and podcast server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Audiobookshelf
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-3171 HIGH This Week

A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Deserialization Jboss Enterprise Application Platform
NVD
CVSS 3.1
7.5
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy