Skip to main content
CVE-2023-52204 HIGH This Week

SQL injection in Randomize WordPress plugin through 1.4.3.

SQLi
NVD
CVSS 3.1
8.5
EPSS
0.3%
CVE-2023-29051 HIGH This Week

User-defined OXMF templates could be used to access a limited part of the internal OX App Suite Java API. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Java Ox App Suite
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2021-3600 HIGH PATCH This Week

It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. Rated high severity (CVSS 7.8). This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Linux Buffer Overflow RCE Information Disclosure Linux Kernel +3
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-7224 HIGH This Week

OpenVPN Connect version 3.0 through 3.4.6 on macOS allows local users to execute code in external third party libraries using the DYLD_INSERT_LIBRARIES environment variable. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Code Injection Connect macOS
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-6631 HIGH This Week

PowerSYSTEM Center versions 2020 Update 16 and prior contain a vulnerability that may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Powersystem Center
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-52206 HIGH This Week

Deserialization in Live Composer page builder WordPress plugin.

Deserialization
NVD
CVSS 3.1
7.7
EPSS
0.4%
CVE-2024-21747 HIGH This Week

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM &. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress SQLi
NVD
CVSS 3.1
7.6
EPSS
0.3%
CVE-2023-52142 HIGH This Week

SQL injection in Events Shortcodes For The Events Calendar WordPress plugin.

SQLi
NVD
CVSS 3.1
7.6
EPSS
0.3%
CVE-2023-52201 HIGH This Week

SQL injection in pTypeConverter WordPress plugin.

SQLi
NVD
CVSS 3.1
7.6
EPSS
0.2%
CVE-2023-52190 HIGH This Week

Information exposure in Coupon Referral Program WordPress plugin through 1.7.2.

Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-29050 HIGH This Week

The optional "LDAP contacts provider" could be abused by privileged users to inject LDAP filter strings that allow to access content outside of the intended hierarchy. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Code Injection LDAP Ox App Suite
NVD
CVSS 3.1
7.6
EPSS
0.1%
CVE-2023-49961 HIGH PATCH This Week

WALLIX Bastion 7.x, 8.x, 9.x and 10.x and WALLIX Access Manager 3.x and 4.x have Incorrect Access Control which can lead to sensitive data exposure. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Information Disclosure Bastion Bastion Access Manager
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-52196 HIGH This Week

Reflected XSS in CPT Bootstrap Carousel WordPress plugin.

XSS Bootstrap
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2023-52213 HIGH This Week

XSS in Rate Star Review plugin for WordPress.

XSS
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2024-0307 HIGH POC This Month

A vulnerability was found in Kashipara Dynamic Lab Management System up to 1.0. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Dynamic Lab Management System
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
0.1%
CVE-2024-0306 HIGH POC This Month

A vulnerability was found in Kashipara Dynamic Lab Management System up to 1.0. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Dynamic Lab Management System
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
0.1%
CVE-2024-0299 HIGH POC This Month

A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection N200re Firmware
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
2.1%
CVE-2024-0298 HIGH POC This Month

A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection N200re Firmware
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
2.1%
CVE-2024-0297 HIGH POC This Month

A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216 and classified as critical.cgi. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection N200re Firmware
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
0.9%
CVE-2024-0296 HIGH POC This Month

A vulnerability has been found in Totolink N200RE 9.3.5u.6139_B20201216 and classified as critical. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection N200re Firmware
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
2.1%
CVE-2024-0295 HIGH POC This Month

Elevation of privilege in Samsung Galaxy Watch4 via nearby BLE connection. Allows unauthorized access to watch data.

Command Injection Lr1200Gb Firmware
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
2.1%
CVE-2024-0294 HIGH POC This Month

A vulnerability, which was classified as critical, has been found in Totolink LR1200GB 9.1.0u.6619_B20230130. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Lr1200Gb Firmware
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
2.1%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy