Skip to main content
CVE-2023-0338 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Reflected in GitHub repository lirantal/daloradius prior to master-branch. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Daloradius
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-0337 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Reflected in GitHub repository lirantal/daloradius prior to master-branch. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Daloradius
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-22733 MEDIUM PATCH This Month

Shopware is an open source commerce platform based on Symfony Framework and Vue js. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Shopware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-22316 MEDIUM This Month

Hidden functionality vulnerability in PIX-RT100 versions RT100_TEQ_2.1.1_EQ101 and RT100_TEQ_2.1.2_EQ101 allows a network-adjacent attacker to access the product via undocumented Telnet or SSH. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pix Rt100 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-22298 MEDIUM PATCH This Month

Open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Open Redirect Pgadmin 4 Fedora
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2023-22296 MEDIUM This Month

Reflected cross-site scripting vulnerability in MAHO-PBX NetDevancer series MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni prior to Ver.1.11.00, and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Microsoft Maho Pbx Netdevancer Firmware Maho Pbx Netdevancer Vsg Firmware Maho Pbx Netdevancer Mobilegate Firmware
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-0296 MEDIUM This Month

The Birthday attack against 64-bit block ciphers flaw (CVE-2016-2183) was reported for the health checks port (9979) on etcd grpc-proxy component. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Openshift
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2023-22278 MEDIUM This Month

m-FILTER prior to Ver.5.70R01 (Ver.5 Series) and m-FILTER prior to Ver.4.87R04 (Ver.4 Series) allows a remote unauthenticated attacker to bypass authentication and send users' unintended email when. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass M Filter
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2021-36647 MEDIUM This Month

Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to. Rated medium severity (CVSS 4.7). No vendor patch available.

Information Disclosure Mbed Tls
NVD GitHub VulDB
CVSS 3.1
4.7
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy