Skip to main content
CVE-2023-2753 MEDIUM PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Phpmyfaq
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-2752 MEDIUM PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Phpmyfaq
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-30452 MEDIUM This Month

The MoroSystems EasyMind - Mind Maps plugin before 2.15.0 for Confluence allows persistent XSS when saving a Mind Map with the hyperlink parameter. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Atlassian Easymind
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-26044 MEDIUM PATCH This Month

react/http is an event-driven, streaming HTTP client and server implementation for ReactPHP. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Http
NVD GitHub
CVSS 3.1
5.3
EPSS
0.7%
CVE-2023-1859 MEDIUM This Month

A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. Rated medium severity (CVSS 4.7). No vendor patch available.

Use After Free Denial Of Service Linux Memory Corruption Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2023-22348 MEDIUM This Month

Improper Authorization in RestAPI in Checkmk GmbH's Checkmk versions <2.1.0p28 and <2.2.0b8 allows remote authenticated users to read arbitrary host_configs. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Checkmk
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2023-2679 MEDIUM This Month

Data leakage in Adobe connector in Snow Software SPE 9.27.0 on Windows allows privileged user to observe other users data. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Adobe Microsoft Snow License Manager
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-0864 MEDIUM This Month

Cleartext Transmission of Sensitive Information vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE). Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Abb Information Disclosure Terra Ac Wallbox Ul40 Firmware Terra Ac Wallbox 80A Firmware Terra Ac Wallbox Ul32A Firmware +5
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2023-2608 LOW PATCH Monitor

The Multiple Page Generator Plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to time-based SQL Injection via the orderby and order parameters in versions up to, and including,. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

SQLi WordPress CSRF Denial Of Service Multiple Page Generator
NVD
CVSS 3.1
3.1
EPSS
0.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy