Skip to main content
CVE-2023-4903 MEDIUM This Month

Inappropriate implementation in Custom Mobile Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Chrome Fedora Debian Linux
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2023-4902 MEDIUM This Month

Inappropriate implementation in Input in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Chrome Fedora Debian Linux
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2023-4901 MEDIUM This Month

Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Chrome Fedora Debian Linux
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2023-4900 MEDIUM This Month

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate a permission prompt via a crafted HTML page. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Chrome Fedora Debian Linux
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2023-36767 MEDIUM PATCH This Month

Microsoft Office Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Microsoft 365 Apps Office Office Long Term Servicing Channel
NVD
CVSS 3.1
4.3
EPSS
3.3%
CVE-2023-40611 MEDIUM PATCH This Month

Apache Airflow, versions before 2.7.1, is affected by a vulnerability that allows authenticated and DAG-view authorized Users to modify some DAG run detail values when submitting notes. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Apache Authentication Bypass Airflow
NVD GitHub
CVSS 3.1
4.3
EPSS
1.3%
CVE-2023-41369 MEDIUM This Month

The Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, 107, 108, allows an attacker to upload the XML file as an attachment. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP XXE S 4 Hana
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-40725 MEDIUM This Month

A vulnerability has been identified in QMS Automotive (All versions < V12.39). Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qms Automotive
NVD
CVSS 3.1
4.0
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy