Skip to main content
CVE-2023-6206 MEDIUM This Month

The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla XSS Firefox Firefox Esr Thunderbird +1
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-28802 MEDIUM This Month

An Improper Validation of Integrity Check Value in Zscaler Client Connector on Windows allows an authenticated user to disable ZIA/ZPA by interrupting the service restart from Zscaler. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Client Connector
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2023-5599 MEDIUM This Month

A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x allows an attacker to execute arbitrary script. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS 3Dswymer 3Dexperience 2022 3Dswymer 3Dexperience 2023
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-5598 MEDIUM This Month

Stored Cross-site Scripting (XSS) vulnerabilities affecting 3DSwym in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x allow an attacker to execute arbitrary script code. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS 3Dswymer 3Dexperience 2022 3Dswymer 3Dexperience 2023
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-48299 MEDIUM PATCH This Month

TorchServe is a tool for serving and scaling PyTorch models in production. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Torchserve
NVD GitHub
CVSS 3.1
5.3
EPSS
0.7%
CVE-2023-20208 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct an XSS attack against a user of the web-based management interface of an. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Identity Services Engine
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2023-5776 MEDIUM PATCH This Month

The Post Meta Data Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Post Meta Data Manager
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-48303 LOW PATCH Monitor

Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Nextcloud Nextcloud Server
NVD GitHub
CVSS 3.1
2.7
EPSS
0.7%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy