Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.16. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.
HashiCorp's Vault and Vault Enterprise are vulnerable to user enumeration when using the LDAP auth method. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Issue summary: Checking excessively long DH keys or parameters may be very slow. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.