Skip to main content
CVE-2023-50263 MEDIUM PATCH This Month

Nautobot is a Network Source of Truth and Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Python PostgreSQL Nautobot
NVD GitHub
CVSS 3.1
5.3
EPSS
0.7%
CVE-2023-49278 MEDIUM PATCH This Month

Umbraco is an ASP.NET content management system (CMS). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Umbraco Cms
NVD GitHub
CVSS 3.1
5.3
EPSS
0.5%
CVE-2023-49274 MEDIUM PATCH This Month

Umbraco is an ASP.NET content management system (CMS). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Umbraco Cms
NVD GitHub
CVSS 3.1
5.3
EPSS
0.5%
CVE-2023-36012 MEDIUM PATCH This Month

DHCP Server Service Information Disclosure Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Windows Server 2008 Windows Server 2012 Windows Server 2016 Windows Server 2019 +1
NVD
CVSS 3.1
5.3
EPSS
2.0%
CVE-2023-35619 MEDIUM PATCH This Month

Microsoft Outlook for Mac Spoofing Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Office Long Term Servicing Channel
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2023-31048 MEDIUM PATCH This Month

The OPC UA .NET Standard Reference Server before 1.4.371.86. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ua Netstandard
NVD GitHub
CVSS 3.1
5.3
EPSS
0.8%
CVE-2023-6193 MEDIUM PATCH This Month

quiche v. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Quiche
NVD GitHub
CVSS 3.1
5.3
EPSS
0.8%
CVE-2023-46701 MEDIUM This Month

Mattermost fails to perform authorization checks in the /plugins/playbooks/api/v0/runs/add-to-timeline-dialog endpoint of the Playbooks plugin allowing an attacker to get limited information about a. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mattermost Information Disclosure Mattermost Server
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-49058 MEDIUM This Month

SAP Master Data Governance File Upload application allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing ‘traverse to parent. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Path Traversal File Upload Master Data Governance
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-42923 MEDIUM This Month

This issue was addressed through improved state management. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2023-35625 MEDIUM PATCH This Month

Azure Machine Learning Compute Instance for SDK Users Information Disclosure Vulnerability. Rated medium severity (CVSS 4.7). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Azure Machine Learning Software Development Kit
NVD
CVSS 3.1
4.7
EPSS
0.7%
CVE-2023-34064 MEDIUM This Month

Workspace ONE Launcher contains a Privilege Escalation Vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Workspace One Launcher
NVD
CVSS 3.1
4.6
EPSS
0.4%
CVE-2023-42897 MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os
NVD
CVSS 3.1
4.6
EPSS
0.3%
CVE-2023-20275 MEDIUM This Month

A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-48227 MEDIUM PATCH This Month

Umbraco is an ASP.NET content management system (CMS). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Umbraco Cms
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-6727 MEDIUM This Month

Mattermost fails to perform correct authorization checks when creating a playbook action, allowing users without access to the playbook to create playbook actions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mattermost Information Disclosure Mattermost Server
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-49874 MEDIUM This Month

Mattermost fails to check whether a user is a guest when updating the tasks of a private playbook run allowing a guest to update the tasks of a private playbook run if they know the run ID. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mattermost Authentication Bypass Mattermost Server
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-41116 MEDIUM This Month

An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS) before 11.21.32, 12.x before 12.16.20, 13.x before 13.12.16, 14.x before 14.9.0, and 15.x before 15.4.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure PostgreSQL Postgres Advanced Server
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-41113 MEDIUM This Month

An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS) before 11.21.32, 12.x before 12.16.20, 13.x before 13.12.16, 14.x before 14.9.0, and 15.x before 15.4.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure PostgreSQL Postgres Advanced Server
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2023-49584 MEDIUM This Month

SAP Fiori launchpad - versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, SAP_UI 758, UI_700 200, SAP_BASIS 793, allows an attacker to use HTTP verb POST on read-only service causing. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Information Disclosure Request Smuggling Fiori Launchpad
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2023-49578 LOW Monitor

SAP Cloud Connector - version 2.0, allows an authenticated user with low privilege to perform Denial of service attack from adjacent UI by sending a malicious request which leads to low impact on the. Rated low severity (CVSS 3.5), this vulnerability is low attack complexity. No vendor patch available.

SAP Denial Of Service Cloud Connector
NVD
CVSS 3.1
3.5
EPSS
0.3%
CVE-2023-48430 LOW PATCH Monitor

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Sinec Ins
NVD
CVSS 3.1
2.7
EPSS
0.6%
CVE-2023-48429 LOW PATCH Monitor

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Sinec Ins
NVD
CVSS 3.1
2.7
EPSS
0.6%
CVE-2023-42874 LOW Monitor

This issue was addressed with improved state management. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
2.4
EPSS
0.3%
Prev Page 4 of 4

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy