Skip to main content
CVE-2023-39043 MEDIUM POC This Month

An information leak in YKC Tokushima_awayokocho Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Tokushima Awayokocho
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-39039 MEDIUM POC This Month

An information leak in Camp Style Project Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Camp Style Project Line
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-39040 MEDIUM POC This Month

An information leak in Cheese Cafe Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cheese Cafe Line
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-39056 MEDIUM POC This Month

An information leak in Coffee-jumbo v13.6.1 allows attackers to obtain the channel access token and send crafted messages. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Coffee Jumbo
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-39049 MEDIUM POC This Month

An information leak in youmart-tokunaga v13.6.1 allows attackers to obtain the channel access token and send crafted messages. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Youmart Tokunaga
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-39046 MEDIUM POC This Month

An information leak in TonTon-Tei_waiting Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Tonton Tei Waiting
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-39058 MEDIUM POC This Month

An information leak in THE_B_members card v13.6.1 allows attackers to obtain the channel access token and send crafted messages. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure The B Members Card
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-4527 MEDIUM POC This Month

A flaw was found in glibc. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow Glibc Codeready Linux Builder Eus Codeready Linux Builder Eus For Power Little Endian +24
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2023-42446 MEDIUM POC This Month

Pow is a authentication and user management solution for Phoenix and Plug-based apps. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Pow
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-5031 MEDIUM POC This Month

A vulnerability was found in OpenRapid RapidCMS 1.3.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Rapidcms
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-42253 MEDIUM POC This Month

Code-Projects Vehicle Management 1.0 is vulnerable to Cross Site Scripting (XSS) in Add Accounts via Invoice No, To, and Mammul. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Vehicle Management
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-37611 MEDIUM POC PATCH This Month

Cross Site Scripting (XSS) vulnerability in Neos CMS 8.3.3 allows a remote authenticated attacker to execute arbitrary code via a crafted SVG file to the neos/management/media component. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Neos Cms
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-42371 MEDIUM POC This Month

Cross Site Scripting vulnerability in Summernote Rich Text Editor v.0.8.18 and before allows a remote attacker to execute arbitrary code via a crafted script to the insert link function in the editor. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Rich Text Editor
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-42441 MEDIUM POC PATCH This Month

Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine (EVM). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Vyper
NVD GitHub
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-4806 MEDIUM This Month

A flaw has been identified in glibc. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Use After Free Denial Of Service Memory Corruption Glibc Codeready Linux Builder Eus +20
NVD VulDB
CVSS 3.1
5.9
EPSS
1.9%
CVE-2023-38255 MEDIUM This Month

A potential attacker with or without (cookie theft) access to the device would be able to include malicious code (XSS) when uploading new device configuration that could affect the intended function. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Modulys Gp Firmware
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-43114 MEDIUM PATCH This Month

An issue was discovered in Qt before 5.15.16, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3 on Windows. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Microsoft Qt
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-38582 MEDIUM This Month

Persistent cross-site scripting (XSS) in the web application of MOD3GP-SY-120K allows an authenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into the field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Modulys Gp Firmware
NVD
CVSS 3.1
5.4
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy