Skip to main content
CVE-2023-36698 MEDIUM PATCH This Month

Windows Kernel Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Race Condition Authentication Bypass Microsoft Windows 10 1809 Windows 10 21h2 +5
NVD
CVSS 3.1
4.4
EPSS
0.5%
CVE-2023-45219 MEDIUM This Month

Exposure of Sensitive Information vulnerability exist in an undisclosed BIG-IP TMOS shell (tmsh) command which may allow an authenticated attacker with resource administrator role privileges to view. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Big Ip Access Policy Manager Big Ip Advanced Firewall Manager Big Ip Advanced Web Application Firewall Big Ip Analytics +15
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2023-39447 MEDIUM This Month

When BIG-IP APM Guided Configurations are configured, undisclosed sensitive information may be logged in restnoded log. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Big Ip Access Policy Manager Big Ip Guided Configuration
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2023-38640 MEDIUM PATCH This Month

A vulnerability has been identified in SICAM PAS/PQS (All versions >= V8.00 < V8.22). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Information Disclosure Sicam Pas Pqs
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-37195 MEDIUM This Month

A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Simatic Cp 1604 Firmware Simatic Cp 1616 Firmware Simatic Cp 1623 Firmware Simatic Cp 1626 Firmware +1
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2023-41730 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in brewlabs SendPress Newsletters sendpress allows Cross Site Request Forgery.26.1.20. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2023-33301 MEDIUM This Month

An improper access control vulnerability in Fortinet FortiOS 7.2.0 - 7.2.4 and 7.4.0 allows an attacker to access a restricted resource from a non trusted host. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Fortinet Authentication Bypass Fortios
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-42475 MEDIUM This Month

The Statutory Reporting application has a vulnerable file storage location, potentially enabling low privileged attacker to read server files with minimal impact on confidentiality. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure S 4Hana
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-41365 MEDIUM This Month

SAP Business One (B1i) - version 10.0, allows an authorized attacker to retrieve the details stack trace of the fault message to conduct the XXE injection, which will lead to information disclosure. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Information Disclosure XXE Business One
NVD
CVSS 3.1
4.3
EPSS
0.3%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy