Skip to main content
CVE-2023-34597 MEDIUM POC This Month

A vulnerability in Fibaro Motion Sensor firmware v3.4 allows attackers to cause a Denial of Service (DoS) via a crafted Z-Wave message. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Fgms 001 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-34596 MEDIUM POC This Month

A vulnerability in Aeotec WallMote Switch firmware v2.3 allows attackers to cause a Denial of Service (DoS) via a crafted Z-Wave message. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Zw130 A Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-26428 MEDIUM This Month

Attackers can successfully request arbitrary snippet IDs, including E-Mail signatures of other users within the same context. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Open Xchange Appsuite Backend
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2023-33495 MEDIUM This Month

Craft CMS through 4.4.9 is vulnerable to HTML Injection. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Craft Cms
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-35098 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Wordpress Nextgen Galleryview
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-35097 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Wp Affiliate Links
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-35884 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Eventprime
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-3220 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 6.1-rc8. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-35882 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Super Socializer
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-26429 MEDIUM This Month

Control characters were not removed when exporting user feedback content. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Open Xchange Appsuite Backend
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2023-26435 MEDIUM This Month

It was possible to call filesystem and network references using the local LibreOffice instance using manipulated ODT documents. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Open Xchange Appsuite Backend
NVD
CVSS 3.1
5.0
EPSS
0.8%
CVE-2023-35095 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Flo Forms
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-35878 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Extra User Details
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-26434 MEDIUM This Month

When adding an external mail account, processing of POP3 "capabilities" responses are not limited to plausible sizes. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Open Xchange Appsuite Backend
NVD
CVSS 3.1
4.3
EPSS
1.1%
CVE-2023-26433 MEDIUM This Month

When adding an external mail account, processing of IMAP "capabilities" responses are not limited to plausible sizes. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Open Xchange Appsuite Backend
NVD
CVSS 3.1
4.3
EPSS
1.1%
CVE-2023-26432 MEDIUM This Month

When adding an external mail account, processing of SMTP "capabilities" responses are not limited to plausible sizes. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Open Xchange Appsuite Backend
NVD
CVSS 3.1
4.3
EPSS
1.1%
CVE-2023-26431 MEDIUM This Month

IPv4-mapped IPv6 addresses did not get recognized as "local" by the code and a connection attempt is made. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Open Xchange Appsuite Backend
NVD
CVSS 3.1
4.3
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy