Skip to main content
CVE-2023-44185 HIGH This Week

An Improper Input Validation vulnerability in the routing protocol daemon (rpd) of Juniper Networks allows an attacker to cause a Denial of Service (DoS )to the device upon receiving and processing a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos Junos Os Evolved
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-44181 HIGH This Week

An Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper Networks Junos OS QFX5k devices allows packets to be punted to ARP queue causing a l2 loop resulting in. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-32976 HIGH This Week

An OS command injection vulnerability has been reported to affect Container Station. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Container Station
NVD
CVSS 3.1
7.2
EPSS
1.1%
CVE-2023-32973 HIGH This Week

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero Qutscloud
NVD
CVSS 3.1
7.2
EPSS
0.5%
CVE-2023-5409 MEDIUM PATCH This Month

HP is aware of a potential security vulnerability in HP t430 and t638 Thin Client PCs. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

Information Disclosure HP T430 Thin Client Firmware T638 Thin Client Firmware
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2023-26366 MEDIUM PATCH This Month

Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Adobe Commerce Magento
NVD
CVSS 3.1
6.8
EPSS
0.6%
CVE-2023-38250 MEDIUM PATCH This Month

Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Neutralization of Special Elements used in an. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

RCE Adobe SQLi Commerce Magento
NVD
CVSS 3.1
6.6
EPSS
0.8%
CVE-2023-38249 MEDIUM PATCH This Month

Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Neutralization of Special Elements used in an. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

RCE Adobe SQLi Commerce Magento
NVD
CVSS 3.1
6.6
EPSS
0.8%
CVE-2023-38221 MEDIUM PATCH This Month

Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Neutralization of Special Elements used in an. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

RCE Adobe SQLi Commerce Magento
NVD
CVSS 3.1
6.6
EPSS
0.8%
CVE-2023-44204 MEDIUM This Month

An Improper Validation of Syntactic Correctness of Input vulnerability in Routing Protocol Daemon (rpd) Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos Junos Os Evolved
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-44203 MEDIUM This Month

An Improper Check or Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series, EX2300, EX3400, EX4100, EX4400 and EX4600. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-44196 MEDIUM This Month

An Improper Check for Unusual or Exceptional Conditions in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS Evolved on PTX10003 Series allows an unauthenticated adjacent attacker to. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Juniper Information Disclosure Junos Os Evolved
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2023-44184 MEDIUM This Month

An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the management daemon (mgd) process of Juniper Networks Junos OS and Junos OS Evolved allows a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Juniper Denial Of Service Junos Junos Os Evolved
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-4995 MEDIUM This Month

The Embed Calendly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'calendly' shortcode in versions up to, and including, 3.6 due to insufficient input sanitization and output. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Embed Calendly
NVD VulDB
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-41836 MEDIUM PATCH This Month

An improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Fortinet FortiSandbox 4.4.0, FortiSandbox 4.2.1 through 4.2.4, FortiSandbox 4.0 all versions,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Fortinet XSS Fortisandbox
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-41681 MEDIUM PATCH This Month

A improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.1, FortiSandbox 4.2.1 through 4.2.5, FortiSandbox 4.0.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Fortinet XSS Fortisandbox
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-41680 MEDIUM PATCH This Month

A improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.1, FortiSandbox 4.2.1 through 4.2.5, FortiSandbox 4.0.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Fortinet XSS Fortisandbox
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-42752 MEDIUM PATCH This Month

An integer overflow flaw was found in the Linux kernel. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-44201 MEDIUM This Month

An Incorrect Permission Assignment for Critical Resource vulnerability in a specific file of Juniper Networks Junos OS and Junos OS Evolved allows a local authenticated attacker to read configuration. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Juniper Junos Junos Os Evolved
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-44193 MEDIUM This Month

An Improper Release of Memory Before Removing Last Reference vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a local, low privileged attacker to cause an FPC. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-44178 MEDIUM This Month

A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Juniper Denial Of Service Junos +1
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-44177 MEDIUM This Month

A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos and Junos EVO allows a low privileged attacker to execute a specific CLI commands leading to Denial of. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Juniper Denial Of Service Junos +1
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-44176 MEDIUM This Month

A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Juniper Denial Of Service Junos +1
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-34977 MEDIUM This Month

A cross-site scripting (XSS) vulnerability has been reported to affect Video Station. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Video Station
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-45269 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in David Cole Simple SEO plugin <= 2.0.25 versions. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Simple Seo
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2023-41843 MEDIUM PATCH This Month

A improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.1, FortiSandbox 4.2.1 through 4.2.5, FortiSandbox 4.0.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Fortinet XSS Fortisandbox
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-38251 MEDIUM PATCH This Month

Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by a Uncontrolled Resource Consumption vulnerability that. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Denial Of Service Commerce Magento
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2023-44195 MEDIUM This Month

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the NetworkStack agent daemon (nsagentd) of Juniper Networks Junos OS Evolved allows an unauthenticated network. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Authentication Bypass Junos Os Evolved
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-44183 MEDIUM This Month

An Improper Input Validation vulnerability in the VxLAN packet forwarding engine (PFE) of Juniper Networks Junos OS on QFX5000 Series, EX4600 Series devices allows an unauthenticated, adjacent. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Juniper Information Disclosure Junos
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2023-32970 MEDIUM This Month

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Qnap Qts Quts Hero +1
NVD
CVSS 3.1
4.9
EPSS
0.5%
CVE-2023-26367 MEDIUM PATCH This Month

Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Input Validation vulnerability that could lead. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe Information Disclosure Commerce Magento
NVD
CVSS 3.1
4.9
EPSS
0.7%
CVE-2023-40682 MEDIUM This Month

IBM App Connect Enterprise 12.0.1.0 through 12.0.8.0 contains an unspecified vulnerability that could allow a local privileged user to obtain sensitive information from API logs. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure IBM App Connect Enterprise
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2023-36559 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Google Microsoft Edge Chromium
NVD
CVSS 3.1
4.2
EPSS
0.8%
CVE-2023-5449 LOW PATCH Monitor

A potential security vulnerability has been identified in certain HP Displays supporting the Theft Deterrence feature which may allow a monitor’s Theft Deterrence to be deactivated. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Information Disclosure HP E22 G4 Fhd Firmware E23 G4 Fhd Firmware E24I G4 Wuxga Firmware +26
NVD
CVSS 3.1
3.3
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy