Skip to main content
CVE-2023-22300 MEDIUM This Month

An unauthenticated remote attacker could force all authenticated users, such as administrative users, to perform unauthorized actions by viewing the logs. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation XSS Ey As525F001 Firmware
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-24839 MEDIUM This Month

HGiga MailSherlock’s specific function has insufficient filtering for user input. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Oaklouds Mailsherlock
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-28638 MEDIUM PATCH This Month

Snappier is a high performance C# implementation of the Snappy compression algorithm. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Snappier
NVD GitHub
CVSS 3.1
5.9
EPSS
0.6%
CVE-2023-1637 MEDIUM PATCH This Month

A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the Linux kernel X86 CPU Power management options functionality was found in the way user resuming. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Authentication Bypass Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-25878 MEDIUM PATCH This Month

Adobe Substance 3D Stager versions 2.0.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Substance 3d Stager
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-25877 MEDIUM PATCH This Month

Adobe Substance 3D Stager versions 2.0.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Substance 3d Stager
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-25876 MEDIUM PATCH This Month

Adobe Substance 3D Stager versions 2.0.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Substance 3d Stager
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-25875 MEDIUM PATCH This Month

Adobe Substance 3D Stager versions 2.0.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Substance 3d Stager
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-1076 MEDIUM PATCH This Month

A flaw was found in the Linux Kernel. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Authentication Bypass Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-1074 MEDIUM PATCH This Month

A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-28629 MEDIUM PATCH This Month

GoCD is an open source continuous delivery server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Gocd
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-28655 MEDIUM This Month

A malicious user could leverage this vulnerability to escalate privileges or perform unauthorized actions in the context of the targeted privileged users. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Ey As525F001 Firmware
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-22707 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Greenshift
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-25018 MEDIUM This Month

RIFARTEK IOT Wall transportation function has insufficient filtering for user input. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Iot Wall
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-22902 MEDIUM This Month

Openfind Mail2000 file uploading function has insufficient filtering for user input. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Mail2000
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-22250 MEDIUM PATCH This Month

Adobe Commerce versions 2.4.4-p2 (and earlier) and 2.4.5-p1 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Authentication Bypass Commerce Magento Open Source
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2023-24842 MEDIUM This Month

HGiga MailSherlock has vulnerability of insufficient access control. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oaklouds Mailsherlock
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-28866 MEDIUM This Month

In the Linux kernel through 6.2.8, net/bluetooth/hci_sync.c allows out-of-bounds access because amp_init1[] and amp_init2[] are supposed to have an intentionally invalid element, but do not. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2023-22249 MEDIUM This Month

Adobe Commerce versions 2.4.4-p2 (and earlier) and 2.4.5-p1 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe XSS Commerce Magento Open Source
NVD
CVSS 3.1
4.8
EPSS
57.4%
CVE-2023-26958 MEDIUM This Month

Phpgurukul Park Ticketing Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the Admin Name parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Park Ticketing Management System
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2022-41354 MEDIUM PATCH This Month

An access control issue in Argo CD v2.4.12 and below allows unauthenticated attackers to enumerate existing applications. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Argo Cd
NVD GitHub
CVSS 3.1
4.3
EPSS
0.8%
CVE-2023-28630 MEDIUM PATCH This Month

GoCD is an open source continuous delivery server. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Information Disclosure PostgreSQL Gocd
NVD GitHub
CVSS 3.1
4.4
EPSS
0.3%
CVE-2023-22251 MEDIUM PATCH This Month

Adobe Commerce versions 2.4.4-p2 (and earlier) and 2.4.5-p1 (and earlier) are affected by an Incorrect Authorization vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe Information Disclosure Authentication Bypass Commerce Magento Open Source
NVD
CVSS 3.1
4.3
EPSS
0.6%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy