Skip to main content
CVE-2023-23754 MEDIUM This Month

An issue was discovered in Joomla!. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Open Redirect Joomla
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-20884 MEDIUM PATCH This Month

VMware Workspace ONE Access and VMware Identity Manager contain an insecure redirect vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

Information Disclosure VMware Open Redirect Identity Manager Workspace One Access +2
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-33186 MEDIUM PATCH This Month

Zulip is an open-source team collaboration tool with unique topic-based threading that combines the best of email and chat to make remote work productive and delightful. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Zulip Server
NVD GitHub
CVSS 3.1
6.1
EPSS
0.6%
CVE-2023-33974 MEDIUM PATCH This Month

RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Race Condition Denial Of Service Riot
NVD GitHub
CVSS 3.1
5.9
EPSS
0.7%
CVE-2023-23561 MEDIUM This Month

Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control: authenticated users can read sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Endpoint Security
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-32448 MEDIUM PATCH This Month

PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains License Key Stored in Cleartext vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Microsoft Powerpath
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-33961 MEDIUM This Month

Leantime is a lean open source project management system. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Leantime
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-32685 MEDIUM PATCH This Month

Kanboard is project management software that focuses on the Kanban methodology. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Kanboard
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-33181 MEDIUM This Month

Xibo is a content management system (CMS). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Xibo
NVD GitHub
CVSS 3.1
5.3
EPSS
0.5%
CVE-2023-31186 MEDIUM This Month

Avaya IX Workforce Engagement v15.2.7.1195 - User Enumeration - Observable Response Discrepancy. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ix Workforce Engagement
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-33955 MEDIUM PATCH This Month

Minio Console is the UI for MinIO Object Storage. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Console
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-1711 MEDIUM This Month

A vulnerability exists in a FOXMAN-UN and UNEM logging component, it only affects systems that use remote authentication to the network elements. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Foxman Un Unem
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2023-2941 MEDIUM This Month

Inappropriate implementation in Extensions API in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to spoof the contents of the UI via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Chrome
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2023-2938 MEDIUM This Month

Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Chrome
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2023-2937 MEDIUM This Month

Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Chrome
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2023-24568 MEDIUM This Month

Dell NetWorker, contains an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port which could disallow replacing CA signed certificates. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dell Networker
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2023-33183 MEDIUM PATCH This Month

Calendar app for Nextcloud easily sync events from various devices with your Nextcloud. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Nextcloud Calendar
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-33182 MEDIUM PATCH This Month

Contacts app for Nextcloud easily syncs contacts from various devices with your Nextcloud and allows editing. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Nextcloud Contacts
NVD GitHub
CVSS 3.1
4.3
EPSS
0.8%
CVE-2023-32684 LOW PATCH Monitor

Lima launches Linux virtual machines, typically on macOS, for running containerd. Rated low severity (CVSS 2.5), this vulnerability is no authentication required.

Path Traversal Information Disclosure Apple Lima
NVD GitHub
CVSS 3.1
2.5
EPSS
0.3%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy