Skip to main content
CVE-2023-25964 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS We Re Open
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-29501 MEDIUM This Month

Jiyu Kukan Toku-Toku coupon App for iOS versions 3.5.0 and earlier, and Jiyu Kukan Toku-Toku coupon App for Android versions 3.5.0 and earlier are vulnerable to improper server certificate. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Apple Google Jiyu Kukan Toku Toku Coupon
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2023-31238 MEDIUM PATCH This Month

A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA10-0AA0) (All versions <. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Information Disclosure Q200 Firmware
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-29175 MEDIUM This Month

An improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all versions, 7.0.0 through 7.0.10, 7.2.0 and FortiProxy 1.2 all versions, 2.0 all versions, 7.0.0 through. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Fortinet Information Disclosure Fortiproxy Fortios
NVD
CVSS 3.1
4.8
EPSS
0.2%
CVE-2023-2639 MEDIUM This Month

The underlying feedback mechanism of Rockwell Automation's FactoryTalk System Services that transfers the FactoryTalk Policy Manager rules to relevant devices on the network does not verify that the. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Rockwell Information Disclosure Factorytalk Policy Manager Factorytalk System Services
NVD
CVSS 3.1
4.7
EPSS
0.4%
CVE-2023-27465 MEDIUM PATCH This Month

A vulnerability has been identified in SIMOTION C240 (All versions >= V5.4 < V5.5 SP1), SIMOTION C240 PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D410-2 DP (All versions >= V5.4 < V5.5 SP1),. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Simotion D425 2 Dp Firmware Simotion D425 2 Dp Pn Firmware Simotion D435 2 Dp Firmware Simotion D435 2 Dp Pn Firmware +9
NVD
CVSS 3.1
4.6
EPSS
0.3%
CVE-2023-32546 MEDIUM This Month

Code injection vulnerability exists in Chatwork Desktop Application (Mac) 2.6.43 and earlier. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

RCE Code Injection Chatwork
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2023-2563 MEDIUM PATCH This Month

The WordPress Contact Forms by Cimatti plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Contact Forms
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-28599 MEDIUM This Month

Zoom clients prior to 5.13.10 contain an HTML injection vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Zoom
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2023-29178 MEDIUM This Month

A access of uninitialized pointer vulnerability [CWE-824] in Fortinet FortiProxy version 7.2.0 through 7.2.3 and before 7.0.9 and FortiOS version 7.2.0 through 7.2.4 and before 7.0.11 allows an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Fortinet Denial Of Service Fortiproxy Fortios
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2023-34247 MEDIUM PATCH This Month

Keystone is a content management system for Node.JS. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

Node.js Open Redirect Keystone
NVD GitHub
CVSS 3.1
4.1
EPSS
0.4%
CVE-2023-34115 LOW Monitor

Buffer copy without checking size of input in Zoom Meeting SDK before 5.13.0 may allow an authenticated user to potentially enable a denial of service via local access. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Meeting Sdk
NVD
CVSS 3.1
3.8
EPSS
0.3%
CVE-2023-28303 LOW Monitor

Windows Snipping Tool Information Disclosure Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Snip Sketch Snipping Tool
NVD
CVSS 3.1
3.3
EPSS
2.0%
CVE-2023-32114 LOW Monitor

SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin privileges to maliciously run a benchmark program. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Information Disclosure Netweaver
NVD
CVSS 3.1
2.7
EPSS
0.6%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy