Skip to main content
CVE-2023-29659 MEDIUM POC PATCH This Month

A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libheif Fedora
NVD GitHub
CVSS 3.1
6.5
EPSS
0.9%
CVE-2023-2553 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository unilogies/bumsys prior to 2.2.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Bumsys
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-2516 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Teampass
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-2550 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.13. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Phpmyfaq
NVD GitHub
CVSS 3.1
4.8
EPSS
0.5%
CVE-2023-2427 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.13. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Phpmyfaq
NVD GitHub
CVSS 3.1
4.8
EPSS
0.5%
CVE-2023-32269 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel before 6.1.11. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Linux Memory Corruption Linux Kernel
NVD GitHub
CVSS 3.1
6.7
EPSS
0.3%
CVE-2023-26285 MEDIUM PATCH This Month

IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow a remote attacker to cause a denial of service due to an error processing invalid data. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service IBM Mq Appliance
NVD
CVSS 3.1
5.9
EPSS
0.9%
CVE-2023-30434 MEDIUM PATCH This Month

IBM Storage Scale (IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 through 5.1.6.1 and IBM Elastic Storage Systems 6.1.0.0 through 6.1.2.5, 6.1.3.0 through 6.1.6.0) could allow a local user to. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Elastic Information Disclosure IBM Elastic Storage System Spectrum Scale
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-29942 MEDIUM PATCH This Month

llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::Type::isa<mlir::LLVM::LLVMVoidType. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Llvm
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-29941 MEDIUM PATCH This Month

llvm-project commit a0138390 was discovered to contain a segmentation fault via the component matchAndRewriteSortOp<mlir::sparse_tensor::SortOp>(mlir::sparse_tensor::SortOp. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Llvm
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-29939 MEDIUM PATCH This Month

llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::spirv::TargetEnv::TargetEnv(mlir::spirv::TargetEnvAttr). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Llvm
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-29935 MEDIUM PATCH This Month

llvm-project commit a0138390 was discovered to contain an assertion failure at !replacements.count(op) && "operation was already replaced. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Llvm
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-29934 MEDIUM PATCH This Month

llvm-project commit 6c01b5c was discovered to contain a segmentation fault via the component mlir::Type::getDialect(). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Llvm
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-29933 MEDIUM PATCH This Month

llvm-project commit bd456297 was discovered to contain a segmentation fault via the component mlir::Block::getArgument. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Llvm
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-29932 MEDIUM PATCH This Month

llvm-project commit fdbc55a5 was discovered to contain a segmentation fault via the component mlir::IROperand<mlir::OpOperand. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Llvm
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-22874 MEDIUM PATCH This Month

IBM MQ Clients 9.2 CD, 9.3 CD, and 9.3 LTS are vulnerable to a denial of service attack when processing configuration files. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service IBM Mq Appliance
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-29354 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Google Microsoft Edge Chromium
NVD
CVSS 3.1
4.7
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy