Skip to main content
CVE-2023-22950 MEDIUM POC This Month

An issue was discovered in TigerGraph Enterprise Free Edition 3.x. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Tigergraph
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-29573 MEDIUM POC This Month

Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp4info component. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Bento4
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-2021 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.3. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Teampass
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-22948 MEDIUM POC This Month

An issue was discovered in TigerGraph Enterprise Free Edition 3.x. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Tigergraph
NVD
CVSS 3.1
4.9
EPSS
0.4%
CVE-2023-2014 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Generic in GitHub repository microweber/microweber prior to 1.3.3. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Microweber
NVD GitHub
CVSS 3.1
4.8
EPSS
0.5%
CVE-2023-20866 MEDIUM PATCH This Month

In Spring Session version 3.0.0, the session id can be logged to the standard output stream. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Information Disclosure Spring Session
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-20863 MEDIUM PATCH This Month

In spring framework versions prior to 5.2.24 release+ ,5.3.27+ and 6.0.8+ , it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Denial Of Service Spring Framework
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-26264 MEDIUM This Month

All versions of Talend Data Catalog before 8.0-20220907 are potentially vulnerable to XML External Entity (XXE) attacks in the license parsing code. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

XXE Data Catalog
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-26263 MEDIUM This Month

All versions of Talend Data Catalog before 8.0-20230110 are potentially vulnerable to XML External Entity (XXE) attacks in the /MIMBWebServices/license endpoint of the remote harvesting server. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

XXE Data Catalog
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-25954 MEDIUM This Month

KYOCERA Mobile Print' v3.2.0.230119 and earlier, 'UTAX/TA MobilePrint' v3.2.0.230119 and earlier, and 'Olivetti Mobile Print' v3.2.0.230119 and earlier are vulnerable to improper intent handling. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Mobile Print
NVD
CVSS 3.1
5.5
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy