Skip to main content
CVE-2023-26081 HIGH POC PATCH This Week

In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Epiphany Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-25656 HIGH PATCH This Week

notation-go is a collection of libraries for supporting Notation sign, verify, push, and pull of oci artifacts. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Notation Go
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-25570 HIGH PATCH This Week

Apollo is a configuration management system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Authentication Bypass Apollo
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2023-24998 HIGH PATCH This Week

Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache File Upload Denial Of Service Commons Fileupload Debian Linux
NVD
CVSS 3.1
7.5
EPSS
46.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy