Skip to main content
CVE-2023-22410 MEDIUM POC This Month

A Missing Release of Memory after Effective Lifetime vulnerability in the Juniper Networks Junos OS on MX Series platforms with MPC10/MPC11 line cards, allows an unauthenticated adjacent attacker to. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2023-22491 MEDIUM POC PATCH This Month

Gatsby is a free and open source framework based on React that helps developers build websites and apps. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Node.js Code Injection Gatsby
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-0289 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository craigk5n/webcalendar prior to master. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Webcalendar
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-0287 MEDIUM POC This Month

A vulnerability was found in ityouknow favorites-web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Favorites Web
NVD VulDB
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-0105 MEDIUM PATCH This Month

A flaw was found in Keycloak. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Keycloak
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-22414 MEDIUM This Month

A Missing Release of Memory after Effective Lifetime vulnerability in Flexible PIC Concentrator (FPC) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker from the same shared. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-22407 MEDIUM This Month

An Incomplete Cleanup vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos Junos Os Evolved
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-22406 MEDIUM This Month

A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos Junos Os Evolved
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-22405 MEDIUM This Month

An Improper Preservation of Consistency Between Independent Representations of Shared State vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent,. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-22404 MEDIUM This Month

An Out-of-bounds Write vulnerability in the Internet Key Exchange Protocol daemon (iked) of Juniper Networks Junos OS on SRX series and MX with SPC3 allows an authenticated, network-based attacker to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Juniper Microsoft Memory Corruption +1
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-22395 MEDIUM This Month

A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-22397 MEDIUM This Month

An Allocation of Resources Without Limits or Throttling weakness in the memory management of the Packet Forwarding Engine (PFE) on Juniper Networks Junos OS Evolved PTX10003 Series devices allows an. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required. No vendor patch available.

Juniper Denial Of Service Junos Os Evolved
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2023-22402 MEDIUM This Month

A Use After Free vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Use After Free Juniper Denial Of Service Memory Corruption Junos Os Evolved
NVD
CVSS 3.1
5.9
EPSS
0.5%
CVE-2023-0295 MEDIUM This Month

The Launchpad plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of its settings parameters in versions up to, and including, 1.0.13 due to insufficient input sanitization. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Launchpad Coming Soon Maintenance Mode Plugin
NVD VulDB
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-21599 MEDIUM This Month

Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Incopy
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-21598 MEDIUM This Month

Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Adobe Denial Of Service Memory Corruption Incopy
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-21592 MEDIUM This Month

Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Indesign
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-21591 MEDIUM This Month

Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Indesign
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-22409 MEDIUM This Month

An Unchecked Input for Loop Condition vulnerability in a NAT library of Juniper Networks Junos OS allows a local authenticated attacker with low privileges to cause a Denial of Service (DoS). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-22398 MEDIUM This Month

An Access of Uninitialized Pointer vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Juniper Denial Of Service Junos Junos Os Evolved
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-0221 MEDIUM This Month

Product security bypass vulnerability in ACC prior to version 8.3.4 allows a locally logged-in attacker with administrator privileges to bypass the execution controls provided by ACC using the. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Application And Change Control
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2023-0293 MEDIUM This Month

The Mediamatic - Media Library Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, and including, 2.8.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Authentication Bypass Mediamatic
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy