Skip to main content
CVE-2024-0195 MEDIUM POC THREAT This Month

A vulnerability, which was classified as critical, was found in spider-flow 0.4.3. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 92.0%.

Java RCE Code Injection Spider Flow
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
92.0%
Threat
5.5
CVE-2023-49794 MEDIUM POC This Month

KernelSU is a Kernel-based root solution for Android devices. Rated medium severity (CVSS 6.7). Public exploit code available and no vendor patch available.

Authentication Bypass Google Kernelsu Android
NVD GitHub
CVSS 3.1
6.7
EPSS
0.0%
CVE-2023-50019 MEDIUM POC PATCH This Month

An issue was discovered in open5gs v2.6.6. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Denial Of Service Open5gs
NVD GitHub
CVSS 3.1
5.9
EPSS
0.3%
CVE-2023-26157 MEDIUM POC PATCH This Month

Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Libredwg
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-33038 MEDIUM This Month

Memory corruption while receiving a message in Bus Socket Transport Server. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8035 Firmware +136
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2023-28583 MEDIUM This Month

Memory corruption when IPv6 prefix timer object`s lifetime expires which are created while Netmgr daemon gets an IPv6 address. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware Qca6420 Firmware Qca6430 Firmware +26
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2023-32885 MEDIUM This Month

In display drm, there is a possible memory corruption due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2023-32884 MEDIUM This Month

In netdagent, there is a possible information disclosure due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Information Disclosure Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2023-32883 MEDIUM This Month

In Engineer Mode, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2023-32872 MEDIUM This Month

In keyInstall, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2023-32891 MEDIUM This Month

In bluetooth service, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Android Lr13 +4
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2023-32879 MEDIUM This Month

In battery, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2023-32877 MEDIUM This Month

In battery, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2023-32882 MEDIUM This Month

In battery, there is a possible memory corruption due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2023-51652 MEDIUM PATCH This Month

OWASP AntiSamy .NET is a library for performing cleansing of HTML coming from untrusted sources. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Owasp Antisamy Net
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2023-50711 MEDIUM PATCH This Month

vmm-sys-util is a collection of modules that provides helpers and utilities used by multiple rust-vmm components. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Deserialization Buffer Overflow Memory Corruption Vmm Sys Util
NVD GitHub
CVSS 3.1
5.7
EPSS
0.1%
CVE-2023-32831 MEDIUM This Month

In wlan driver, there is a possible PIN crack due to use of insufficiently random values. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Software Development Kit
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-7192 MEDIUM PATCH This Month

A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Denial Of Service Linux Kernel Enterprise Linux
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-45561 MEDIUM This Month

An issue in A-WORLD OIRASE BEER_waiting Line v.13.6.1 allows attackers to send crafted notifications via leakage of the channel access token. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Line
NVD GitHub
CVSS 3.1
5.3
EPSS
0.2%
CVE-2023-6693 MEDIUM PATCH This Month

A stack based buffer overflow was found in the virtio-net device of QEMU. Rated medium severity (CVSS 4.9), this vulnerability is no authentication required.

Stack Overflow Buffer Overflow Qemu Enterprise Linux Fedora
NVD
CVSS 3.1
4.9
EPSS
0.0%
CVE-2023-48732 MEDIUM PATCH This Month

Mattermost fails to scope the WebSocket response around notified users to a each user separately resulting in the WebSocket broadcasting the information about who was notified about a post to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Mattermost Server
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2023-32876 MEDIUM This Month

In keyInstall, there is a possible information disclosure due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android Google
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2023-32875 MEDIUM This Month

In keyInstall, there is a possible information disclosure due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android Google
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2023-32881 MEDIUM This Month

In battery, there is a possible information disclosure due to an integer overflow. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Android Google
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2023-32880 MEDIUM This Month

In battery, there is a possible information disclosure due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android Google
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2023-32878 MEDIUM This Month

In battery, there is a possible information disclosure due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android Google
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2023-47858 MEDIUM PATCH This Month

Mattermost fails to properly verify the permissions needed for viewing archived public channels, allowing a member of one team to get details about the archived public channels of another team via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Mattermost Server
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2023-48360 MEDIUM This Month

in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia player crash through modify a released pointer. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Denial Of Service Openharmony
NVD
CVSS 3.1
4.0
EPSS
0.1%
CVE-2023-47857 MEDIUM This Month

in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia camera crash through modify a released pointer. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Denial Of Service Openharmony
NVD
CVSS 3.1
4.0
EPSS
0.1%
CVE-2023-49142 MEDIUM This Month

in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia audio crash through modify a released pointer. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Denial Of Service Openharmony
NVD
CVSS 3.1
4.0
EPSS
0.1%
CVE-2023-49135 MEDIUM This Month

in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia player crash through modify a released pointer. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Denial Of Service Openharmony
NVD
CVSS 3.1
4.0
EPSS
0.0%
CVE-2024-21629 MEDIUM PATCH This Month

Rust EVM is an Ethereum Virtual Machine interpreter. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Evm
NVD GitHub
CVSS 3.1
5.9
EPSS
0.6%
CVE-2024-21628 MEDIUM PATCH This Month

PrestaShop is an open-source e-commerce platform. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Prestashop
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-0196 MEDIUM POC This Month

A vulnerability has been found in Magic-Api up to 2.0.1 and classified as critical. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Magic Api
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.2%
CVE-2024-0194 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in CodeAstro Internet Banking System up to 1.0.php of the component Profile Picture Handler. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Internet Banking System
NVD VulDB
CVSS 3.1
6.3
EPSS
0.2%
CVE-2024-0192 MEDIUM POC This Month

A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Rrj Nueva Ecija Engineer Online Portal
NVD VulDB
CVSS 3.1
6.3
EPSS
0.2%
CVE-2024-0191 MEDIUM POC This Month

A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Rrj Nueva Ecija Engineer Online Portal
NVD VulDB
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-0185 MEDIUM POC Monitor

A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Rrj Nueva Ecija Engineer Online Portal
NVD VulDB
CVSS 3.1
4.7
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy