High Severity Vulnerabilities

111.5K CVEs classified as high severity

HIGH
Total CVEs
111.5K
Vulnerabilities
Avg CVSS
8.8
High
Max CVSS
8.8
Highest
Min CVSS
8.8
Lowest

Browse by Severity

Critical
28.6K
High
111.5K
Medium
128.7K
Low
9.9K

High Severity CVEs

Page 168 of 4645

CVE-2023-49446

HIGH
CVSS:8.8(High)

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/nav/save.

CWE-3522023

CVE-2023-49428

HIGH
CVSS:8.8(High)

Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'mac' parameter at /goform/SetOnlineDevName.

CWE-772023

CVE-2023-49424

HIGH
CVSS:8.8(High)

Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg.

CWE-7872023

CVE-2023-49398

HIGH
CVSS:8.8(High)

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/category/delete.

CWE-3522023

CVE-2023-49397

HIGH
CVSS:8.8(High)

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/category/updateStatus.

CWE-3522023

CVE-2023-49396

HIGH
CVSS:8.8(High)

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/category/save.

CWE-3522023

CVE-2023-49395

HIGH
CVSS:8.8(High)

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/category/update.

CWE-3522023

CVE-2023-49383

HIGH
CVSS:8.8(High)

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/tag/save.

CWE-3522023

CVE-2023-49382

HIGH
CVSS:8.8(High)

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/div/delete.

CWE-3522023

CVE-2023-49381

HIGH
CVSS:8.8(High)

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/div/update.

CWE-3522023

CVE-2023-49380

HIGH
CVSS:8.8(High)

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/friend_link/delete.

CWE-3522023

CVE-2023-49379

HIGH
CVSS:8.8(High)

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /admin/friend_link/save.

CWE-3522023

CVE-2023-49378

HIGH
CVSS:8.8(High)

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/form/save.

CWE-3522023

CVE-2023-49377

HIGH
CVSS:8.8(High)

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/tag/update.

CWE-3522023

CVE-2023-49376

HIGH
CVSS:8.8(High)

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/tag/delete.

CWE-3522023

CVE-2023-49375

HIGH
CVSS:8.8(High)

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/friend_link/update.

CWE-3522023

CVE-2023-49374

HIGH
CVSS:8.8(High)

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/update.

CWE-3522023

CVE-2023-49373

HIGH
CVSS:8.8(High)

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/slide/delete.

CWE-3522023

CVE-2023-49372

HIGH
CVSS:8.8(High)

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/save.

CWE-3522023

CVE-2023-4934

HIGH
CVSS:8.8(High)

Authorization Bypass Through User-Controlled Key vulnerability in Usta AYBS allows Authentication Abuse, Authentication Bypass.This issue affects AYBS: before 1.0.3.

CWE-6392023

CVE-2023-49335

HIGH
CVSS:8.8(High)

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while getting file server details.

CWE-892023

CVE-2023-49334

HIGH
CVSS:8.8(High)

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while exporting a full summary report.

CWE-892023

CVE-2023-49333

HIGH
CVSS:8.8(High)

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the dashboard graph feature.

CWE-892023

CVE-2023-49332

HIGH
CVSS:8.8(High)

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while adding file shares.

CWE-892023