Skip to main content
CVE-2023-5104 MEDIUM POC PATCH This Month

Improper Input Validation in GitHub repository nocodb/nocodb prior to 0.96.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Nocodb
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-42458 MEDIUM POC PATCH This Month

Zope is an open-source web application server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Zope
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-40183 MEDIUM POC PATCH This Month

DataEase is an open source data visualization and analysis tool. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

File Upload Dataease
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-43309 MEDIUM POC This Month

There is a stored cross-site scripting (XSS) vulnerability in Webmin 2.002 and below via the Cluster Cron Job tab Input field, which allows attackers to run malicious scripts by injecting a specially. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Webmin
NVD GitHub
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-38344 MEDIUM This Month

An issue was discovered in Ivanti Endpoint Manager before 2022 SU4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Ivanti Endpoint Manager
NVD GitHub
CVSS 3.1
6.5
EPSS
1.0%
CVE-2023-42806 MEDIUM This Month

Hydra is the layer-two scalability solution for Cardano. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Jwt Attack Hydra
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-39252 MEDIUM PATCH This Month

Dell SCG Policy Manager 5.16.00.14 contains a broken cryptographic algorithm vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Dell Policy Manager For Secure Connect Gateway
NVD
CVSS 3.1
5.9
EPSS
0.3%
CVE-2023-41991 MEDIUM KEV THREAT This Month

A certificate validation issue was addressed. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Ipados Iphone Os macOS
NVD
CVSS 3.1
5.5
EPSS
4.5%
CVE-2023-4753 MEDIUM This Month

OpenHarmony v3.2.1 and prior version has a system call function usage error. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Openharmony
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-41048 MEDIUM PATCH This Month

plone.namedfile allows users to handle `File` and `Image` fields targeting, but not depending on, Plone Dexterity content. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Namedfile
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-4292 MEDIUM This Month

Frauscher Sensortechnik GmbH FDS101 for FAdC/FAdCi v1.4.24 and all previous versions are vulnerable to a SQL injection vulnerability via manipulated parameters of the web interface without. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Frauscher Diagnostic System 101
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-41616 MEDIUM This Month

A reflected cross-site scripting (XSS) vulnerability in the Search Student function of Student Management System v1.2.3 and before allows attackers to execute arbitrary Javascript in the context of a. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Student Management System
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-41614 MEDIUM This Month

A stored cross-site scripting (XSS) vulnerability in the Add Animal Details function of Zoo Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Zoo Management System
NVD
CVSS 3.1
4.8
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy