Skip to main content
CVE-2023-5831 MEDIUM This Month

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.0 before 16.3.6, all versions starting from 16.4 before 16.4.2, and all versions starting from 16.5.0 before. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Gitlab
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2023-4625 MEDIUM This Month

Improper Restriction of Excessive Authentication Attempts vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F/iQ-R Series CPU modules Web server function allows a remote unauthenticated. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Fx5U 32Mt Es Firmware Fx5U 64Mt Es Firmware Fx5U 80Mt Es Firmware Fx5U 32Mr Es Firmware +59
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2023-47271 MEDIUM PATCH This Month

PKP-WAL (aka PKP Web Application Library or pkp-lib) before 3.3.0-16, as used in Open Journal Systems (OJS) and other products, does not verify that the file named in an XML document (used for the. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Pkp Web Application Library
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-5968 MEDIUM PATCH This Month

Mattermost fails to properly sanitize the user object when updating the username, resulting in the password hash being included in the response body. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mattermost Information Disclosure
NVD
CVSS 3.1
4.9
EPSS
0.5%
CVE-2023-47186 MEDIUM This Month

A vulnerability in StellarWP Kadence WooCommerce Email Designer kadence-woocommerce-email-designer.5.11. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF WordPress
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2023-5823 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in ThemeKraft TK Google Fonts GDPR Compliant plugin <= 2.2.11 versions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Google Tk Google Fonts Gdpr Compliant
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-46781 MEDIUM This Month

A vulnerability in Roland Murg Current Menu Item for Custom Post Types current-menu-item-for-custom-post-types.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-46780 MEDIUM This Month

A vulnerability in Alter Alter alter.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-46778 MEDIUM This Month

A vulnerability in TheFreeWindows Auto Limit Posts Reloaded auto-limit-posts-reloaded.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-46776 MEDIUM This Month

A vulnerability in J0SiE Auto Excerpt everywhere auto-excerpt-everywhere.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-46775 MEDIUM This Month

A vulnerability in Djo Original texts Yandex WebMaster original-texts-yandex-webmaster.18. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-46254 MEDIUM PATCH This Month

capsule-proxy is a reverse proxy for Capsule kubernetes multi-tenancy framework. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Privilege Escalation Kubernetes Information Disclosure Capsule Capsule Proxy
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-5967 MEDIUM PATCH This Month

Mattermost fails to properly validate requests to the Calls plugin, allowing an attacker sending a request without a User Agent header to cause a panic and crash the Calls plugin. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mattermost Denial Of Service
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2023-5963 MEDIUM This Month

An issue has been discovered in GitLab EE with Advanced Search affecting all versions from 13.9 to 16.3.6, 16.4 prior to 16.4.2 and 16.5 prior to 16.5.1 that could allow a denial of service in the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Gitlab
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2023-3246 MEDIUM This Month

An issue has been discovered in GitLab EE/CE affecting all versions starting before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1 which allows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Gitlab
NVD
CVSS 3.1
4.3
EPSS
0.5%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy