Skip to main content
CVE-2023-25833 MEDIUM PATCH This Month

There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.0 and below that may allow a remote, authenticated attacker to create a crafted link which when clicked could render. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Portal For Arcgis
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-2310 MEDIUM This Month

A Channel Accessible by Non-Endpoint vulnerability in the Schweitzer Engineering Laboratories SEL Real-Time Automation Controller (RTAC) could allow a remote attacker to perform a man-in-the-middle. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Sel 2241 Rtac Module Firmware Sel 3350 Firmware Sel 3505 Firmware Sel 3505 3 Firmware +6
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2023-27919 MEDIUM This Month

Authentication bypass vulnerability in NEXT ENGINE Integration Plugin (for EC-CUBE 2.0 series) all versions allows a remote unauthenticated attacker to alter the information stored in the system. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Next Engine Integration
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2023-0007 MEDIUM This Month

A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software on Panorama appliances enables an authenticated read-write administrator to store a JavaScript payload in the web. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto XSS Pan Os
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-30746 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Rental Software Booqable Rental
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-24406 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Simple Popup
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-23794 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Semalt Blocker
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-28932 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple XSS Google Wpmobile App
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-24418 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Tiny Carousel Horizontal Slider Plus
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-23812 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Enhanced Wp Contact Form
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-23789 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Premmerce Redirect Manager
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-23788 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Custom More Link Complete
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-0008 MEDIUM This Month

A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Paloalto Pan Os
NVD
CVSS 3.1
4.4
EPSS
0.5%
CVE-2023-25776 MEDIUM PATCH This Month

Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Information Disclosure Intel Server System D50Tnp1Mhcrlc Firmware Server System D50Tnp1Mhcpac Firmware Server System D50Tnp2Mhsvac Firmware +7
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2023-24475 MEDIUM PATCH This Month

Out of bounds read in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Intel Server System D50Tnp1Mhcrlc Firmware Server System D50Tnp1Mhcpac Firmware +8
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2023-23573 MEDIUM This Month

Improper access control in the Intel(R) Unite(R) android application before Release 17 may allow a privileged user to potentially enable information disclosure via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Intel Authentication Bypass Unite
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2023-22447 MEDIUM This Month

Insertion of sensitive information into log file in the Open CAS software for Linux maintained by Intel before version 22.6.2 may allow a privileged user to potentially enable information disclosure. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Intel Open Cache Acceleration Software
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2023-31166 MEDIUM This Month

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Sel 2241 Rtac Module Firmware Sel 3350 Firmware Sel 3505 Firmware Sel 3505 3 Firmware +6
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2023-31162 MEDIUM This Month

An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Sel 2241 Rtac Module Firmware Sel 3350 Firmware Sel 3505 Firmware Sel 3505 3 Firmware +6
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2023-31151 MEDIUM This Month

An Improper Certificate Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote unauthenticated attacker to. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Sel 2241 Rtac Module Firmware Sel 3350 Firmware Sel 3505 Firmware Sel 3505 3 Firmware +6
NVD
CVSS 3.1
4.2
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy