Skip to main content
CVE-2023-38633 MEDIUM POC PATCH This Month

A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Path Traversal Librsvg Fedora Debian Linux
NVD
CVSS 3.1
5.5
EPSS
2.1%
CVE-2023-3837 MEDIUM POC This Month

A vulnerability classified as problematic has been found in DedeBIZ 6.2.10. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Dedebiz
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.6%
CVE-2023-3835 MEDIUM This Month

A vulnerability classified as problematic has been found in Bug Finder MineStack 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Minestack
NVD VulDB
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-3834 MEDIUM This Month

A vulnerability was found in Bug Finder EX-RATE 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Ex Rate
NVD VulDB
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-3833 MEDIUM This Month

A vulnerability was found in Bug Finder Montage 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Montage
NVD VulDB
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-3832 MEDIUM This Month

A vulnerability was found in Bug Finder Wedding Wonders 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Wedding Wonders
NVD VulDB
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-3830 MEDIUM This Month

A vulnerability was found in Bug Finder SASS BILLER 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Sass Biller
NVD VulDB
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-3829 MEDIUM This Month

A vulnerability was found in Bug Finder ICOGenie 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Icogenie
NVD VulDB
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-3828 MEDIUM This Month

A vulnerability was found in Bug Finder Listplace Directory Listing Platform 3.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Listplace Directory Listing Platform
NVD VulDB
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-3827 MEDIUM This Month

A vulnerability was found in Bug Finder Listplace Directory Listing Platform 3.0 and classified as problematic. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Listplace Directory Listing Platform
NVD VulDB
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-3831 MEDIUM This Month

A vulnerability was found in Bug Finder Finounce 1.0 and classified as problematic. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Finounce
NVD VulDB
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-28530 MEDIUM PATCH This Month

IBM Cognos Analytics 11.1 and 11.2 is vulnerable to stored cross-site scripting, caused by improper validation of SVG Files in Custom Visualizations. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Cognos Analytics
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-25929 MEDIUM PATCH This Month

IBM Cognos Analytics 11.1 and 11.2 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Cognos Analytics
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-38195 MEDIUM This Month

Datalust Seq before 2023.2.9489 allows insertion of sensitive information into an externally accessible file or directory. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure PostgreSQL Seq
NVD GitHub
CVSS 3.1
4.9
EPSS
0.4%
CVE-2023-3247 MEDIUM PATCH This Month

In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure PHP
NVD GitHub
CVSS 3.1
4.3
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy