Skip to main content
CVE-2023-38572 HIGH This Week

The issue was addressed with improved checks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Safari Ipados Iphone Os +3
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2023-38564 HIGH This Week

The issue was addressed with improved checks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-38489 HIGH PATCH This Week

Kirby is a content management system. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Kirby
NVD GitHub
CVSS 3.1
7.3
EPSS
0.7%
CVE-2023-38425 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Apple Ipados Iphone Os macOS
NVD
CVSS 3.1
7.2
EPSS
0.7%
CVE-2023-23764 HIGH This Week

An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff within the GitHub pull request UI. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Enterprise Server
NVD GitHub
CVSS 3.1
7.1
EPSS
0.5%
CVE-2023-37900 LOW POC PATCH Monitor

Crossplane is a framework for building cloud native control planes without needing to write code. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Crossplane
NVD GitHub
CVSS 3.1
2.7
EPSS
0.5%
CVE-2023-38133 MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Safari Ipados Iphone Os +3
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2023-3973 MEDIUM PATCH This Month

Cross-site Scripting (XSS) - Reflected in GitHub repository jgraph/drawio prior to 21.6.3. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Drawio
NVD GitHub
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-37977 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Wpfunnels
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-37976 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Radio Forge Muses Player With Skins
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-37975 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Variation Swatches For Woocommerce
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-37894 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Variation Images Gallery For Woocommerce
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-37981 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Authors List
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-38608 MEDIUM This Month

The issue was addressed with additional permissions checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-38602 MEDIUM This Month

A permissions issue was addressed with additional restrictions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-38593 MEDIUM This Month

A logic issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os macOS +2
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-38421 MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-38259 MEDIUM This Month

A logic issue was addressed with improved restrictions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-38258 MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-32442 MEDIUM This Month

An access issue was addressed with improved access restrictions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-32429 MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass macOS
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-32416 MEDIUM This Month

A logic issue was addressed with improved restrictions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os macOS +1
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-38606 MEDIUM KEV THREAT This Month

This issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os macOS +2
NVD
CVSS 3.1
5.5
EPSS
1.0%
CVE-2023-36862 MEDIUM This Month

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Intel macOS
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-35983 MEDIUM This Month

This issue was addressed with improved data protection. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass macOS
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-38512 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in wpstream WpStream wpstream allows Cross Site Request Forgery.5.4. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2023-38491 MEDIUM PATCH This Month

Kirby is a content management system. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Kirby
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-37970 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Mf Gig Calendar
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-28014 MEDIUM This Month

HCL BigFix Mobile is vulnerable to a cross-site scripting attack. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Bigfix Mobile
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2023-37993 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Wpshopgermany It Recht Kanzlei
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2023-37980 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Custom Field For Wp Job Manager
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2023-3957 MEDIUM PATCH This Month

The ACF Photo Gallery Field plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient restriction on the 'apg_profile_update' function in versions up to, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass WordPress Acf Photo Gallery Field
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy