Skip to main content
CVE-2023-33062 HIGH This Week

Transient DOS in WLAN Firmware while parsing a BTM request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8031 Firmware Ar8035 Firmware +280
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2023-33109 HIGH This Week

Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8031 Firmware +301
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2023-33040 HIGH This Week

Transient DOS in Data Modem during DTLS handshake. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8035 Firmware Csra6620 Firmware +135
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2022-3010 HIGH This Week

The Priva TopControl Suite contains predictable credentials for the SSH service, based on the Serial number. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Top Control Suite
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2023-33036 HIGH This Week

Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI call. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Aqt1000 Firmware Ar8035 Firmware Fastconnect 6200 Firmware +99
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2023-33037 HIGH This Week

Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6800 Firmware +76
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2023-33038 MEDIUM This Month

Memory corruption while receiving a message in Bus Socket Transport Server. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8035 Firmware +136
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2023-28583 MEDIUM This Month

Memory corruption when IPv6 prefix timer object`s lifetime expires which are created while Netmgr daemon gets an IPv6 address. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware Qca6420 Firmware Qca6430 Firmware +26
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2023-32885 MEDIUM This Month

In display drm, there is a possible memory corruption due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2023-32884 MEDIUM This Month

In netdagent, there is a possible information disclosure due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Information Disclosure Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2023-32883 MEDIUM This Month

In Engineer Mode, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2023-32872 MEDIUM This Month

In keyInstall, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2023-32891 MEDIUM This Month

In bluetooth service, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Android Lr13 +4
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2023-32879 MEDIUM This Month

In battery, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2023-32877 MEDIUM This Month

In battery, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2023-32882 MEDIUM This Month

In battery, there is a possible memory corruption due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2023-51652 MEDIUM PATCH This Month

OWASP AntiSamy .NET is a library for performing cleansing of HTML coming from untrusted sources. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Owasp Antisamy Net
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2023-50711 MEDIUM PATCH This Month

vmm-sys-util is a collection of modules that provides helpers and utilities used by multiple rust-vmm components. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Deserialization Buffer Overflow Memory Corruption Vmm Sys Util
NVD GitHub
CVSS 3.1
5.7
EPSS
0.1%
CVE-2023-32831 MEDIUM This Month

In wlan driver, there is a possible PIN crack due to use of insufficiently random values. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Software Development Kit
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-7192 MEDIUM PATCH This Month

A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Denial Of Service Linux Kernel Enterprise Linux
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-45561 MEDIUM This Month

An issue in A-WORLD OIRASE BEER_waiting Line v.13.6.1 allows attackers to send crafted notifications via leakage of the channel access token. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Line
NVD GitHub
CVSS 3.1
5.3
EPSS
0.2%
CVE-2023-6693 MEDIUM PATCH This Month

A stack based buffer overflow was found in the virtio-net device of QEMU. Rated medium severity (CVSS 4.9), this vulnerability is no authentication required.

Stack Overflow Buffer Overflow Qemu Enterprise Linux Fedora
NVD
CVSS 3.1
4.9
EPSS
0.0%
CVE-2023-48732 MEDIUM PATCH This Month

Mattermost fails to scope the WebSocket response around notified users to a each user separately resulting in the WebSocket broadcasting the information about who was notified about a post to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Mattermost Server
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2023-32876 MEDIUM This Month

In keyInstall, there is a possible information disclosure due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android Google
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2023-32875 MEDIUM This Month

In keyInstall, there is a possible information disclosure due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android Google
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2023-32881 MEDIUM This Month

In battery, there is a possible information disclosure due to an integer overflow. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Android Google
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2023-32880 MEDIUM This Month

In battery, there is a possible information disclosure due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android Google
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2023-32878 MEDIUM This Month

In battery, there is a possible information disclosure due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android Google
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2023-47858 MEDIUM PATCH This Month

Mattermost fails to properly verify the permissions needed for viewing archived public channels, allowing a member of one team to get details about the archived public channels of another team via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Mattermost Server
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2023-48360 MEDIUM This Month

in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia player crash through modify a released pointer. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Denial Of Service Openharmony
NVD
CVSS 3.1
4.0
EPSS
0.1%
CVE-2023-47857 MEDIUM This Month

in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia camera crash through modify a released pointer. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Denial Of Service Openharmony
NVD
CVSS 3.1
4.0
EPSS
0.1%
CVE-2023-49142 MEDIUM This Month

in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia audio crash through modify a released pointer. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Denial Of Service Openharmony
NVD
CVSS 3.1
4.0
EPSS
0.1%
CVE-2023-49135 MEDIUM This Month

in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia player crash through modify a released pointer. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Denial Of Service Openharmony
NVD
CVSS 3.1
4.0
EPSS
0.0%
CVE-2023-50333 LOW PATCH Monitor

Mattermost fails to update the permissions of the current session for a user who was just demoted to guest, allowing freshly demoted guests to change group names. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable.

Authentication Bypass Mattermost Server
NVD
CVSS 3.1
3.7
EPSS
0.1%
CVE-2015-10128 LOW PATCH Monitor

A vulnerability was found in rt-prettyphoto Plugin up to 1.2 on WordPress and classified as problematic. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress PHP Royal Prettyphoto
NVD GitHub VulDB
CVSS 3.1
3.5
EPSS
0.2%
CVE-2018-25097 LOW PATCH Monitor

A vulnerability, which was classified as problematic, was found in Acumos Design Studio up to 2.0.7. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Design Studio
NVD GitHub VulDB
CVSS 3.1
3.5
EPSS
0.1%
CVE-2023-47216 LOW Monitor

in OpenHarmony v3.2.2 and prior versions allow a local attacker cause DOS through occupy all resources. Rated low severity (CVSS 2.9), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Openharmony
NVD
CVSS 3.1
2.9
EPSS
0.0%
CVE-2017-20188 LOW PATCH Monitor

A vulnerability has been found in Zimbra zm-ajax up to 8.8.1 and classified as problematic. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Zm Ajax
NVD GitHub VulDB
CVSS 3.1
2.6
EPSS
0.1%
CVE-2024-21632 HIGH POC PATCH This Week

omniauth-microsoft_graph provides an Omniauth strategy for the Microsoft Graph API. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Microsoft Omniauth
NVD GitHub
CVSS 3.1
8.6
EPSS
0.3%
CVE-2024-21629 MEDIUM PATCH This Month

Rust EVM is an Ethereum Virtual Machine interpreter. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Evm
NVD GitHub
CVSS 3.1
5.9
EPSS
0.6%
CVE-2024-21628 MEDIUM PATCH This Month

PrestaShop is an open-source e-commerce platform. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Prestashop
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-0196 MEDIUM POC This Month

A vulnerability has been found in Magic-Api up to 2.0.1 and classified as critical. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Magic Api
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.2%
CVE-2024-21627 HIGH PATCH This Month

PrestaShop is an open-source e-commerce platform. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

XSS Prestashop
NVD GitHub
CVSS 3.1
8.1
EPSS
0.9%
CVE-2024-21623 CRITICAL POC PATCH Act Now

OTCLient is an alternative tibia client for otserv. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Otclient
NVD GitHub
CVSS 3.1
9.8
EPSS
1.8%
CVE-2024-0194 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in CodeAstro Internet Banking System up to 1.0.php of the component Profile Picture Handler. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Internet Banking System
NVD VulDB
CVSS 3.1
6.3
EPSS
0.2%
CVE-2024-0192 MEDIUM POC This Month

A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Rrj Nueva Ecija Engineer Online Portal
NVD VulDB
CVSS 3.1
6.3
EPSS
0.2%
CVE-2024-0191 MEDIUM POC This Month

A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Rrj Nueva Ecija Engineer Online Portal
NVD VulDB
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-0190 LOW POC Monitor

A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0 and classified as problematic.php of the component Quiz Handler. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Rrj Nueva Ecija Engineer Online Portal
NVD VulDB
CVSS 3.1
3.5
EPSS
0.2%
CVE-2024-0189 LOW POC Monitor

A vulnerability has been found in RRJ Nueva Ecija Engineer Online Portal 1.0 and classified as problematic. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Rrj Nueva Ecija Engineer Online Portal
NVD VulDB
CVSS 3.1
3.5
EPSS
0.1%
CVE-2024-0188 LOW POC Monitor

A vulnerability, which was classified as problematic, was found in RRJ Nueva Ecija Engineer Online Portal 1.0. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

PHP Brute Force Information Disclosure Rrj Nueva Ecija Engineer Online Portal
NVD VulDB
CVSS 3.1
3.1
EPSS
0.2%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy