Skip to main content
CVE-2023-38331 MEDIUM This Month

Zoho ManageEngine Support Center Plus 14001 and below is vulnerable to stored XSS in the products module. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Zoho Manageengine Supportcenter Plus
NVD
CVSS 3.1
5.4
EPSS
1.9%
CVE-2023-3774 MEDIUM This Month

An unhandled error in Vault Enterprise's namespace creation may cause the Vault process to crash, potentially resulting in denial of service. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Hashicorp Vault
NVD
CVSS 3.1
4.9
EPSS
0.6%
CVE-2023-0958 MEDIUM PATCH This Month

Several plugins for WordPress by Inisev are vulnerable to unauthorized installation of plugins due to a missing capability check on the handle_installation function that is called via the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

WordPress Authentication Bypass Backup Migration Clone Duplicate Post +8
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2023-38685 MEDIUM PATCH This Month

Discourse is an open source discussion platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Discourse
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-37906 MEDIUM PATCH This Month

Discourse is an open source discussion platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Discourse
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-37904 LOW PATCH Monitor

Discourse is an open source discussion platform. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Race Condition Information Disclosure Discourse
NVD GitHub
CVSS 3.1
3.1
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy