Skip to main content
CVE-2023-45322 MEDIUM PATCH This Month

libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Libxml2
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2023-23366 MEDIUM This Month

A path traversal vulnerability has been reported to affect Music Station. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Music Station
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-23365 MEDIUM This Month

A path traversal vulnerability has been reported to affect Music Station. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Music Station
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-21291 MEDIUM PATCH This Month

In visitUris of Notification.java, there is a possible way to reveal image contents from another user due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Information Disclosure Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-21253 MEDIUM PATCH This Month

In multiple locations, there is a possible way to crash multiple system services due to resource exhaustion. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-21252 MEDIUM PATCH This Month

In validatePassword of WifiConfigurationUtil.java, there is a possible way to get the device into a boot loop due to improper input validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-5366 MEDIUM PATCH This Month

A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Authentication Bypass Openvswitch Openshift Container Platform Virtualization Enterprise Linux +1
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2023-45245 MEDIUM This Month

Sensitive information disclosure due to missing authorization. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Apple Information Disclosure Authentication Bypass Agent
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-29235 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Fugu Design Maintenance Switch maintenance-switch allows Cross Site Request Forgery.7.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2023-4469 MEDIUM This Month

The Profile Extra Fields by BestWebSoft plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the prflxtrflds_export_file function in versions up to,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Profile Extra Fields
NVD VulDB
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-42445 MEDIUM This Month

Gradle is a build tool with a focus on build automation and support for multi-language development. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

XXE Gradle
NVD GitHub
CVSS 3.1
5.3
EPSS
0.7%
CVE-2023-23371 MEDIUM This Month

A cleartext transmission of sensitive information vulnerability has been reported to affect QVPN Device Client. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Qvpn
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-23370 MEDIUM This Month

An insufficiently protected credentials vulnerability has been reported to affect QVPN Device Client. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Qvpn
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2023-44384 MEDIUM PATCH This Month

Discourse-jira is a Discourse plugin allows Jira projects, issue types, fields and field options will be synced automatically. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity.

SSRF Atlassian Discourse Jira
NVD GitHub
CVSS 3.1
4.1
EPSS
0.4%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy