Skip to main content
CVE-2023-23558 MEDIUM POC PATCH This Month

In Eternal Terminal 6.2.1, TelemetryService uses fixed paths in /tmp. Rated medium severity (CVSS 6.3). Public exploit code available.

Information Disclosure Eternal Terminal
NVD GitHub
CVSS 3.1
6.3
EPSS
0.3%
CVE-2023-23936 MEDIUM POC PATCH This Month

Undici is an HTTP/1.1 client for Node.js. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Node.js Code Injection Node Js Undici
NVD GitHub
CVSS 3.1
5.4
EPSS
1.1%
CVE-2023-23752 MEDIUM POC KEV THREAT This Month

An issue was discovered in Joomla!. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Joomla
NVD Exploit-DB
CVSS 3.1
5.3
EPSS
99.8%
CVE-2023-0821 MEDIUM PATCH This Month

HashiCorp Nomad and Nomad Enterprise 1.2.15 up to 1.3.8, and 1.4.3 jobs using a maliciously compressed artifact stanza source can cause excessive disk usage. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Hashicorp Nomad
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2023-22380 MEDIUM This Month

A path traversal vulnerability was identified in GitHub Enterprise Server that allowed arbitrary file reading when building a GitHub Pages site. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Enterprise Server
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-23784 MEDIUM This Month

A relative path traversal in Fortinet FortiWeb version 7.0.0 through 7.0.2, FortiWeb version 6.3.6 through 6.3.20, FortiWeb 6.4 all versions allows attacker to information disclosure via specially. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Fortinet Path Traversal Information Disclosure Fortiweb
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-23778 MEDIUM PATCH This Month

A relative path traversal vulnerability [CWE-23] in FortiWeb version 7.0.1 and below, 6.4 all versions, 6.3 all versions, 6.2 all versions may allow an authenticated user to obtain unauthorized. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Fortinet Path Traversal Authentication Bypass Fortiweb
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-0475 MEDIUM PATCH This Month

HashiCorp go-getter up to 1.6.2 and 2.1.1 is vulnerable to decompression bombs. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hashicorp Go Getter
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-24484 MEDIUM PATCH This Month

A malicious user can cause log files to be written to a directory that they do not have permission to write to. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Authentication Bypass Workspace
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-25153 MEDIUM PATCH This Month

containerd is an open source container runtime. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Containerd
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2023-22638 MEDIUM PATCH This Month

Several improper neutralization of inputs during web page generation vulnerability [CWE-79] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.11 and below, 8.7.6 and below, 8.6.5 and. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Fortinac
NVD
CVSS 3.1
5.4
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy