Skip to main content
CVE-2023-48204 MEDIUM POC This Month

An issue in PublicCMS v.4.0.202302.e allows a remote attacker to obtain sensitive information via the appToken and Parameters parameter of the api/method/getHtml component. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Publiccms
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-47025 MEDIUM POC This Month

An issue in Free5gc v.3.3.0 allows a local attacker to cause a denial of service via the free5gc-compose component. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Free5gc
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-6013 MEDIUM POC This Month

H2O is vulnerable to stored XSS vulnerability which can lead to a Local File Include attack. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS H2O
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2023-32469 MEDIUM This Month

Dell Precision Tower BIOS contains an Improper Input Validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Precision 5820 Firmware Precision 7820 Firmware Precision 7920 Firmware
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-36008 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Google Use After Free RCE Microsoft Memory Corruption +1
NVD
CVSS 3.1
6.6
EPSS
0.6%
CVE-2023-6174 MEDIUM This Month

SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-43757 MEDIUM This Month

Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Wrc 2533Ghbk2 T Firmware Wrc 2533Ghbk I Firmware Wrc 1750Ghbk2 I Firmware Wrc 1750Ghbk E Firmware +30
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-47335 MEDIUM This Month

Insecure permissions in the setNFZEnable function of Autel Robotics EVO Nano drone v1.6.5 allows attackers to breach the geo-fence and fly into no-fly zones. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Evo Nano Drone Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-47471 MEDIUM PATCH This Month

Buffer Overflow vulnerability in strukturag libde265 v1.10.12 allows a local attacker to cause a denial of service via the slice_segment_header function in the slice.cc component. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Denial Of Service Libde265
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2023-40314 MEDIUM PATCH This Month

Cross-site scripting in bootstrap.jsp in multiple versions of OpenNMS Meridian and Horizon allows an attacker access to confidential session information. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Horizon Meridian
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-39926 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Under Construction Maintenance Mode
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-34375 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Seo
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-32796 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Woocommerce Product Enquiry
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-47512 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Product Enquiry For Woocommerce
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-47509 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Edit Woocommerce Templates
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-47508 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Master Slider
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-47514 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Star Cloudprnt For Woocommerce
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-4771 MEDIUM PATCH This Month

A Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15.1 and earlier. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Ckeditor
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2023-47054 MEDIUM This Month

Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe Information Disclosure Audition
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2023-47053 MEDIUM This Month

Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe Information Disclosure Audition
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2023-47052 MEDIUM This Month

Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Audition
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2023-47051 MEDIUM This Month

Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Heap Overflow Audition
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2023-47050 MEDIUM This Month

Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Audition
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2023-47049 MEDIUM This Month

Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Audition
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2023-47048 MEDIUM This Month

Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Audition
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2023-47046 MEDIUM This Month

Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Adobe RCE Audition
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-47044 MEDIUM This Month

Adobe Media Encoder version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe Information Disclosure Media Encoder
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2023-44335 MEDIUM This Month

Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Photoshop
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-44334 MEDIUM This Month

Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Photoshop
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-44333 MEDIUM This Month

Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Photoshop
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-44332 MEDIUM This Month

Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Photoshop
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-44331 MEDIUM This Month

Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Photoshop
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-44329 MEDIUM This Month

Adobe Bridge versions 13.0.4 (and earlier) and 14.0.0 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe Information Disclosure Bridge
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2023-44328 MEDIUM This Month

Adobe Bridge versions 13.0.4 (and earlier) and 14.0.0 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Adobe Denial Of Service Memory Corruption Bridge
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2023-44327 MEDIUM This Month

Adobe Bridge versions 13.0.4 (and earlier) and 14.0.0 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe Information Disclosure Bridge
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2023-44361 MEDIUM This Month

Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Adobe Denial Of Service Memory Corruption Acrobat Dc +3
NVD
CVSS 3.1
5.5
EPSS
2.1%
CVE-2023-44360 MEDIUM This Month

Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Acrobat Dc Acrobat Reader Dc +2
NVD
CVSS 3.1
5.5
EPSS
2.4%
CVE-2023-44358 MEDIUM This Month

Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Acrobat Dc Acrobat Reader Dc +2
NVD
CVSS 3.1
5.5
EPSS
2.0%
CVE-2023-44357 MEDIUM This Month

Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Acrobat Dc Acrobat Reader Dc +2
NVD
CVSS 3.1
5.5
EPSS
2.0%
CVE-2023-44356 MEDIUM This Month

Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Acrobat Dc Acrobat Reader Dc +2
NVD
CVSS 3.1
5.5
EPSS
2.0%
CVE-2023-44348 MEDIUM This Month

Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Acrobat Dc Acrobat Reader Dc +2
NVD
CVSS 3.1
5.5
EPSS
2.4%
CVE-2023-44340 MEDIUM This Month

Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Acrobat Dc Acrobat Reader Dc +2
NVD
CVSS 3.1
5.5
EPSS
2.0%
CVE-2023-44339 MEDIUM This Month

Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Acrobat Dc Acrobat Reader Dc +2
NVD
CVSS 3.1
5.5
EPSS
2.0%
CVE-2023-44296 MEDIUM This Month

Dell ELab-Navigator, version 3.1.9 contains a hard-coded credential vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Authentication Bypass E Lab Navigator
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-48222 MEDIUM PATCH This Month

Rundeck is an open source automation service with a web console, command line tools and a WebAPI. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Rundeck
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-47242 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Anac Xml Bandi Di Gara
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-47240 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google XSS Cbx Map
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-47239 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Easy Paypal Shopping Cart
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-46213 MEDIUM This Month

In Splunk Enterprise versions below 9.0.7 and 9.1.2, ineffective escaping in the “Show syntax Highlighted” feature can result in the execution of unauthorized code in a user’s web browser. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Splunk XSS Cloud
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2023-32957 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Team Members Showcase
NVD
CVSS 3.1
4.8
EPSS
0.4%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy