Skip to main content
CVE-2023-45371 HIGH This Week

An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Mediawiki
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-45349 HIGH This Week

Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.34.7, 4000 Assistant V10 R1.42.0, 4000 Assistant V10 R0, 4000 Manager V10 R1 before V10 R1.34.7, 4000 Manager V10 R1.42.0, and 4000 Manager. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Unify Openscape 4000 Assistant Unify Openscape 4000 Manager
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-45248 HIGH This Week

Local privilege escalation due to DLL hijacking vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Agent
NVD
CVSS 3.1
7.3
EPSS
0.2%
CVE-2023-45247 HIGH This Week

Sensitive information disclosure and manipulation due to missing authorization. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Apple Information Disclosure Authentication Bypass Agent
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2023-41047 MEDIUM PATCH This Month

OctoPrint is a web interface for 3D printers. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

RCE Ssti Octoprint
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-25822 MEDIUM PATCH This Month

ReportPortal is an AI-powered test automation platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Reportportal Service Api
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-5100 MEDIUM This Month

Cleartext Transmission of Sensitive Information in RDT400 in SICK APU allows an unprivileged remote attacker to retrieve potentially sensitive information via intercepting network traffic that is not. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apu0200 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-43697 MEDIUM This Month

Modification of Assumed-Immutable Data (MAID) in RDT400 in SICK APU allows an unprivileged remote attacker to make the site unable to load necessary strings via changing file paths using HTTP. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apu0200 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-5333 MEDIUM This Month

Mattermost fails to deduplicate input IDs allowing a simple user to cause the application to consume excessive resources and possibly crash by sending a specially crafted request to /api/v4/users/ids. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mattermost Denial Of Service Mattermost Server
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-39854 MEDIUM This Month

The web interface of ATX Ucrypt through 3.5 allows authenticated users (or attackers using default credentials for the admin, master, or user account) to include files via a URL in the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Ucrypt
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-43698 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (’Cross-site Scripting’) in RDT400 in SICK APU allows an unprivileged remote attacker to run arbitrary code in the clients browser via. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE XSS Apu0200 Firmware
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-45373 MEDIUM This Month

An issue was discovered in the ProofreadPage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Mediawiki
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-39193 MEDIUM PATCH This Month

A flaw was found in the Netfilter subsystem in the Linux kernel. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Linux Linux Kernel Enterprise Linux +1
NVD
CVSS 3.1
6.0
EPSS
0.4%
CVE-2023-39192 MEDIUM PATCH This Month

A flaw was found in the Netfilter subsystem in the Linux kernel. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Linux Linux Kernel Enterprise Linux +1
NVD
CVSS 3.1
6.0
EPSS
0.4%
CVE-2023-39189 MEDIUM PATCH This Month

A flaw was found in the Netfilter subsystem in the Linux kernel. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Linux Linux Kernel Enterprise Linux +1
NVD
CVSS 3.1
6.0
EPSS
0.4%
CVE-2023-5461 MEDIUM This Month

A vulnerability was found in Delta Electronics WPLSoft 2.51. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Wplsoft
NVD VulDB
CVSS 3.1
5.9
EPSS
0.4%
CVE-2023-5460 MEDIUM This Month

A vulnerability was found in Delta Electronics WPLSoft up to 2.51 and classified as problematic. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Wplsoft
NVD VulDB
CVSS 3.1
5.7
EPSS
0.4%
CVE-2023-44378 MEDIUM PATCH This Month

gnark is a zk-SNARK library that offers a high-level API to design circuits. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Canonical Gnark
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-30910 MEDIUM This Month

HPE MSA Controller prior to version IN210R004 could be remotely exploited to allow inconsistent interpretation of HTTP requests. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Request Smuggling Msa 1060 Storage Firmware Msa 2060 Storage Firmware Msa 2062 Storage Firmware
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-5102 MEDIUM This Month

Insufficient Control Flow Management in RDT400 in SICK APU allows an unprivileged remote attacker to potentially enable hidden functionality via HTTP requests. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apu0200 Firmware
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-5101 MEDIUM This Month

Files or Directories Accessible to External Parties in RDT400 in SICK APU allows an unprivileged remote attacker to download various files from the server via HTTP requests. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Apu0200 Firmware
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-5331 MEDIUM This Month

Mattermost fails to properly check the creator of an attached file when adding the file to a draft post, potentially exposing unauthorized file information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mattermost Authentication Bypass Mattermost Server
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2023-45374 MEDIUM This Month

An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Mediawiki
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2023-45372 MEDIUM This Month

An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mediawiki
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2023-45370 MEDIUM This Month

An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mediawiki
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2023-45364 MEDIUM This Month

An issue was discovered in includes/page/Article.php in MediaWiki 1.36.x through 1.39.x before 1.39.5 and 1.40.x before 1.40.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure PHP Mediawiki Debian Linux
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-39194 MEDIUM PATCH This Month

A flaw was found in the XFRM subsystem in the Linux kernel. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Linux Linux Kernel Enterprise Linux +1
NVD
CVSS 3.1
4.4
EPSS
0.4%
CVE-2023-5103 MEDIUM This Month

Improper Restriction of Rendered UI Layers or Frames in RDT400 in SICK APU allows an unprivileged remote attacker to potentially reveal sensitive information via tricking a user into clicking on an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apu0200 Firmware
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2023-45369 MEDIUM This Month

An issue was discovered in the PageTriage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Mediawiki
NVD
CVSS 3.1
4.3
EPSS
0.3%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy