Skip to main content
CVE-2023-23004 MEDIUM PATCH This Month

In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Linux Linux Kernel
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-23002 MEDIUM PATCH This Month

In the Linux kernel before 5.16.3, drivers/bluetooth/hci_qca.c misinterprets the devm_gpiod_get_index_optional return value (expects it to be NULL in the error case, whereas it is actually an error. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Linux Linux Kernel
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-23001 MEDIUM PATCH This Month

In the Linux kernel before 5.16.3, drivers/scsi/ufs/ufs-mediatek.c misinterprets the regulator_get return value (expects it to be NULL in the error case, whereas it is actually an error pointer). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Mediatek Null Pointer Dereference Linux Linux Kernel
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-23000 MEDIUM PATCH This Month

In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Linux Linux Kernel
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-0594 MEDIUM PATCH This Month

Grafana is an open-source platform for monitoring and observability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Grafana XSS
NVD
CVSS 3.1
5.4
EPSS
9.2%
CVE-2023-0507 MEDIUM PATCH This Month

Grafana is an open-source platform for monitoring and observability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Grafana XSS
NVD
CVSS 3.1
5.4
EPSS
15.5%
CVE-2023-20052 MEDIUM This Month

On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Secure Endpoint Secure Endpoint Private Cloud Clamav Stormshield Network Security
NVD
CVSS 3.1
5.3
EPSS
7.0%
CVE-2023-22776 MEDIUM This Month

An authenticated path traversal vulnerability exists in the ArubaOS command line interface. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Arubaos Sd Wan
NVD
CVSS 3.1
4.9
EPSS
0.7%
CVE-2023-22778 MEDIUM This Month

A vulnerability in the ArubaOS web management interface could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sd Wan Arubaos
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2022-27672 MEDIUM This Month

When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure. Rated medium severity (CVSS 4.7). No vendor patch available.

Amd Information Disclosure Athlon X4 750 Firmware Athlon X4 760K Firmware Athlon X4 830 Firmware +162
NVD VulDB
CVSS 3.1
4.7
EPSS
0.1%
CVE-2022-45068 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Mercado Pago Mercado Pago payments for WooCommerce plugin <= 6.3.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Mercado Pago Payments For Woocommerce
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2022-45804 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in RoboSoft Photo Gallery, Images, Slider in Rbs Image Gallery plugin <= 3.2.9 leading to galleries hierarchy change, included plugin deactivate &. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Robo Gallery
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-23984 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Bubble Menu - circle floating menu plugin <= 3.0.1 leading to form deletion. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Bubble Menu
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-23974 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Fullworks Quick Event Manager plugin <= 9.7.4 affecting all registration actions (delete, delete all, edit, update). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Quick Event Manager
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-23003 MEDIUM PATCH This Month

In the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check for the hashmap__new return value. Rated medium severity (CVSS 4.0).

Information Disclosure Linux Linux Kernel
NVD GitHub
CVSS 3.1
4.0
EPSS
0.3%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy