Skip to main content
CVE-2023-31226 HIGH This Week

The SDK for the MediaPlaybackController module has improper permission verification. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Emui
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-20883 HIGH PATCH This Week

In Spring Boot versions 3.0.0 - 3.0.6, 2.7.0 - 2.7.11, 2.6.0 - 2.6.14, 2.5.0 - 2.5.14 and older unsupported versions, there is potential for a denial-of-service (DoS) attack if Spring MVC is used. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Denial Of Service Spring Boot
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-0116 HIGH This Week

The reminder module lacks an authentication mechanism for broadcasts received. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Emui
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-32676 HIGH PATCH This Week

Autolab is a course management service that enables auto-graded programming assignments. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Autolab
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2023-32317 HIGH PATCH This Week

Autolab is a course management service that enables auto-graded programming assignments. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Autolab
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2023-32318 MEDIUM PATCH This Month

Nextcloud server provides a home for data. Rated medium severity (CVSS 6.7).

Information Disclosure Nextcloud Nextcloud Server
NVD GitHub
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-32319 MEDIUM PATCH This Month

Nextcloud server is an open source personal cloud implementation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Nextcloud Nextcloud Server
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-33187 MEDIUM PATCH This Month

Highlight is an open source, full-stack monitoring platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Highlight
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-2283 MEDIUM This Month

A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the`pki_verify_data_signature` function in memory allocation problems. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Libssh Fedora Enterprise Linux
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-1667 MEDIUM This Month

A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Libssh Fedora Debian Linux +1
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2023-1664 MEDIUM PATCH This Month

A flaw was found in Keycloak. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Build Of Quarkus Jboss A Mq Keycloak Migration Toolkit For Runtimes +1
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-32681 MEDIUM PATCH This Month

Requests is a HTTP library. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Requests Fedora
NVD GitHub
CVSS 3.1
6.1
EPSS
3.0%
CVE-2023-20868 MEDIUM This Month

NSX-T contains a reflected cross-site scripting vulnerability due to a lack of input validation. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Vmware Nsx T Data Center
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-29098 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Copysafe Web Protection
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-20882 MEDIUM This Month

In Cloud foundry routing release versions from 0.262.0 and prior to 0.266.0,a bug in the gorouter process can lead to a denial of service of applications hosted on Cloud Foundry. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Cf Deployment Routing Release
NVD
CVSS 3.1
5.9
EPSS
0.6%
CVE-2023-2817 MEDIUM PATCH This Month

A post-authentication stored cross-site scripting vulnerability exists in Craft CMS versions <= 4.4.11. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Craft Cms
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-33199 MEDIUM PATCH This Month

Rekor's goals are to provide an immutable tamper resistant ledger of metadata generated within a software projects supply chain. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Rekor
NVD GitHub
CVSS 3.1
5.3
EPSS
0.7%
CVE-2023-27311 MEDIUM This Month

NetApp Blue XP Connector versions prior to 3.9.25 expose information via a directory listing. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Blue Xp Connector
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-0117 MEDIUM This Month

The online authentication provided by the hwKitAssistant lacks strict identity verification of applications. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Emui
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-25781 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Upload File Type Settings Plugin
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-2898 MEDIUM PATCH This Month

There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. Rated medium severity (CVSS 4.7). This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Linux Linux Kernel Debian Linux +5
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2023-32316 MEDIUM This Month

CloudExplorer Lite is an open source cloud management tool. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cloudexplorer
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-32311 MEDIUM This Month

CloudExplorer Lite is an open source cloud management platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cloudexplorer
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-31225 LOW Monitor

The Gallery app has the risk of hijacking attacks. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Race Condition Information Disclosure Emui
NVD
CVSS 3.1
3.3
EPSS
0.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy