Skip to main content
CVE-2023-43260 MEDIUM POC This Month

Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the admin panel. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ur51 Firmware Ur52 Firmware Ur55 Firmware Ur32L Firmware +3
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-5441 MEDIUM POC PATCH This Month

NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Null Pointer Dereference Vim Fedora
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2023-42755 MEDIUM POC PATCH This Month

A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Linux Denial Of Service Linux Kernel +2
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2023-42754 MEDIUM POC PATCH This Month

A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Null Pointer Dereference Linux Linux Kernel Enterprise Linux +1
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2023-43343 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Files - Description parameter in the Pages Menu. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Quick Cms
NVD GitHub
CVSS 3.1
5.4
EPSS
0.7%
CVE-2023-26237 MEDIUM This Month

An issue was discovered in WatchGuard EPDR 8.0.21.0002. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Watchguard Authentication Bypass Epp Firmware Edr Firmware Epdr Firmware +1
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-41175 MEDIUM This Month

A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Denial Of Service Buffer Overflow Libtiff +2
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2023-40745 MEDIUM This Month

LibTIFF is vulnerable to an integer overflow. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Denial Of Service Buffer Overflow Libtiff +3
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-44387 MEDIUM PATCH This Month

Gradle is a build tool with a focus on build automation and support for multi-language development. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Information Disclosure Gradle
NVD GitHub
CVSS 3.1
6.5
EPSS
0.2%
CVE-2023-43073 MEDIUM This Month

Dell SmartFabric Storage Software v1.4 (and earlier) contains an Improper Input Validation vulnerability in RADIUS configuration. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Smartfabric Storage Software
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-43070 MEDIUM This Month

Dell SmartFabric Storage Software v1.4 (and earlier) contains a Path Traversal Vulnerability in the HTTP interface. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Dell Smartfabric Storage Software
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-44390 MEDIUM PATCH This Month

HtmlSanitizer is a .NET library for cleaning HTML fragments and documents from constructs that can lead to XSS attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Htmlsanitizer
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-45243 MEDIUM This Month

Sensitive information disclosure due to missing authorization. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Apple Information Disclosure Authentication Bypass Agent
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-45242 MEDIUM This Month

Sensitive information disclosure due to missing authorization. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Apple Information Disclosure Authentication Bypass Agent
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-45241 MEDIUM This Month

Sensitive information leak through log files. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Microsoft Agent
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-45240 MEDIUM This Month

Sensitive information disclosure due to missing authorization. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Apple Information Disclosure Authentication Bypass Agent
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-44214 MEDIUM This Month

Sensitive information disclosure due to missing authorization. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Apple Information Disclosure Authentication Bypass Agent
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-44213 MEDIUM This Month

Sensitive information disclosure due to excessive collection of system information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Agent
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-26239 MEDIUM This Month

An issue was discovered in WatchGuard EPDR 8.0.21.0002. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Watchguard Epp Firmware Edr Firmware Epdr Firmware +1
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-26238 MEDIUM This Month

An issue was discovered in WatchGuard EPDR 8.0.21.0002. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Watchguard Epp Firmware Edr Firmware Epdr Firmware +1
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-43071 MEDIUM This Month

Dell SmartFabric Storage Software v1.4 (and earlier) contains possible vulnerabilities for HTML injection or CVS formula injection which might escalate to cross-site scripting attacks in HTML pages. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Dell Smartfabric Storage Software
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-44386 MEDIUM PATCH This Month

Vapor is an HTTP web framework for Swift. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Vapor
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy