Skip to main content
CVE-2023-1668 HIGH PATCH This Week

A flaw was found in openvswitch (OVS). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Open Vswitch Debian Linux Openshift Container Platform Openstack Platform +2
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2023-26466 HIGH This Week

A user with non-Admin access can change a configuration file on the client to modify the Server URL. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Synchronization Engine
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-26495 HIGH This Week

An issue was discovered in Open Design Alliance Drawings SDK before 2024.1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Drawings Sdk
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-29005 HIGH PATCH This Week

Flask-AppBuilder versions before 4.3.0 lack rate limiting which can allow an attacker to brute-force user credentials. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Python Information Disclosure Flask Appbuilder
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-26774 HIGH This Week

An issue found in Sales Tracker Management System v.1.0 allows a remote attacker to access sensitive information via sales.php component of the admin/reports endpoint. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure PHP Sales Tracker Management System
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2023-28093 MEDIUM This Month

A user with a compromised configuration can start an unsigned binary as a service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Synchronization Engine
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2023-30456 MEDIUM PATCH This Month

An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-26467 MEDIUM This Month

A man in the middle can redirect traffic to a malicious server in a compromised configuration. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Synchronization Engine
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-29376 MEDIUM This Month

An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sitefinity
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-29192 MEDIUM This Month

SilverwareGames.io versions before 1.2.19 allow users with access to the game upload panel to edit download links for games uploaded by other developers. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Silverwaregames
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy