Skip to main content
CVE-2023-24870 MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2023-24866 MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2023-24865 MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2023-24863 MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2023-24857 MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Information Disclosure Microsoft Windows 10 Windows 10 1607 +10
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2023-23411 MEDIUM PATCH This Month

Windows Hyper-V Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +8
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-23396 MEDIUM PATCH This Month

Microsoft Excel Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Office Online Server Office Web Apps Server
NVD
CVSS 3.1
6.5
EPSS
3.8%
CVE-2023-27895 MEDIUM This Month

SAP Authenticator for Android - version 1.3.0, allows the screen to be captured, if an authorized attacker installs a malicious app on the mobile device. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Information Disclosure Google Authenticator
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-27270 MEDIUM This Month

SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, has multiple vulnerabilities in a class for test purposes. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Denial Of Service Netweaver Application Server Abap
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-25618 MEDIUM This Month

SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, has multiple vulnerabilities in an unused class for error. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Denial Of Service Netweaver Application Server Abap
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-23389 MEDIUM PATCH This Month

Microsoft Defender Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.3).

Information Disclosure Microsoft Malware Protection Engine
NVD
CVSS 3.1
6.3
EPSS
0.3%
CVE-2021-4195 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Firmanet Software and Technology Customer Relation Manager allows XSS Targeting HTML. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Customer Relation Manager
NVD VulDB
CVSS 3.1
6.1
EPSS
0.2%
CVE-2022-23791 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Firmanet Software and Technology Customer Relation Manager allows Cross-Site Scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Customer Relation Manager
NVD VulDB
CVSS 3.1
6.1
EPSS
0.2%
CVE-2022-23790 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Firmanet Software and Technology Customer Relation Manager allows Cross-Site Scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Technology Customer Relation Manager
NVD VulDB
CVSS 3.1
6.1
EPSS
0.2%
CVE-2023-26457 MEDIUM This Month

SAP Content Server - version 7.53, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP XSS Content Server
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-0021 MEDIUM This Month

Due to insufficient encoding of user input, SAP NetWeaver - versions 700, 701, 702, 731, 740, 750, allows an unauthenticated attacker to inject code that may expose sensitive data like user ID and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Information Disclosure XSS Netweaver
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-23391 MEDIUM PATCH This Month

Office for Android Spoofing Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Microsoft Google Office
NVD VulDB
CVSS 3.1
5.5
EPSS
1.2%
CVE-2023-24923 MEDIUM PATCH This Month

Microsoft OneDrive for Android Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Google Microsoft Onedrive
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2023-24882 MEDIUM PATCH This Month

Microsoft OneDrive for Android Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Google Microsoft Onedrive
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2023-24862 MEDIUM PATCH This Month

Windows Secure Channel Denial of Service Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Denial Of Service Microsoft Windows 10 1507 +12
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2023-23409 MEDIUM PATCH This Month

Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 20H2 +9
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2023-23394 MEDIUM PATCH This Month

Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 20H2 +9
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2023-24921 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-24920 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

Microsoft XSS CSRF Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-24919 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-24891 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-24879 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-1296 MEDIUM PATCH This Month

HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.5.0 did not correctly enforce deny policies applied to a workload’s variables. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hashicorp Nomad
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2023-27894 MEDIUM This Month

SAP BusinessObjects Business Intelligence Platform (Web Services) - versions 420, 430, allows an attacker to inject arbitrary values as CMS parameters to perform lookups on the internal network which. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Information Disclosure Businessobjects Business Intelligence
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-27268 MEDIUM This Month

SAP NetWeaver AS Java (Object Analyzing Service) - version 7.50, does not perform necessary authorization checks, allowing an unauthenticated attacker to attach to an open interface and make use of. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Java Authentication Bypass Netweaver Application Server For Java
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-26460 MEDIUM This Month

Cache Management Service in SAP NetWeaver Application Server for Java - version 7.50, does not perform any authentication checks for functionalities that require user identity. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Java Authentication Bypass Netweaver Application Server For Java
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2023-24526 MEDIUM This Month

SAP NetWeaver Application Server Java for Classload Service - version 7.50, does not perform any authentication checks for functionalities that require user identity, resulting in escalation of. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Java Authentication Bypass Netweaver Application Server Java
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-26461 MEDIUM This Month

SAP NetWeaver allows (SAP Enterprise Portal) - version 7.50, allows an authenticated attacker with sufficient privileges to access the XML parser which can submit a crafted XML file which when parsed. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Information Disclosure XXE Netweaver Enterprise Portal
NVD
CVSS 3.1
4.9
EPSS
0.5%
CVE-2023-25615 MEDIUM This Month

Due to insufficient input sanitization, SAP ABAP - versions 751, 753, 753, 754, 756, 757, 791, allows an authenticated high privileged user to alter the current session of the user by injecting the. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP SQLi Abap Platform
NVD
CVSS 3.1
4.9
EPSS
0.5%
CVE-2023-23383 MEDIUM PATCH This Month

Service Fabric Explorer Spoofing Vulnerability. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Azure Service Fabric
NVD
CVSS 3.1
4.7
EPSS
11.7%
CVE-2023-24880 MEDIUM KEV PATCH THREAT This Month

Windows SmartScreen Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Microsoft Authentication Bypass Windows 10 1607 Windows 10 1809 Windows 10 20H2 +7
NVD
CVSS 3.1
4.4
EPSS
78.2%
CVE-2023-24911 MEDIUM PATCH This Month

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Integer Overflow Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
4.3
EPSS
1.1%
CVE-2023-27462 MEDIUM This Month

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.3). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Ruggedcom Crossbow
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2023-23395 LOW PATCH Monitor

Microsoft SharePoint Server Spoofing Vulnerability. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

Microsoft Open Redirect Sharepoint Foundation Sharepoint Server
NVD
CVSS 3.1
3.1
EPSS
0.6%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy