Skip to main content
CVE-2022-43450 MEDIUM This Month

Authorization Bypass Through User-Controlled Key vulnerability in XWP Stream.9.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Stream
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2023-47754 MEDIUM This Month

Missing Authorization vulnerability in Clever plugins Delete Duplicate Posts allows Accessing Functionality Not Properly Constrained by ACLs.8.9. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Delete Duplicate Posts
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-48751 MEDIUM This Month

Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in Roland Barker, xnau webdesign Participants Database allows Accessing Functionality Not Properly Constrained by ACLs, Cross. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

CSRF Participants Database
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-6871 MEDIUM This Month

Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Firefox
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2023-6870 MEDIUM This Month

Applications which spawn a Toast notification in a background thread may have obscured fullscreen notifications displayed by Firefox. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla Google Information Disclosure Firefox Firefox Focus
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-6868 MEDIUM This Month

In some instances, the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla Google Authentication Bypass Firefox
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2023-6135 MEDIUM This Month

Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Firefox
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2023-50762 MEDIUM This Month

When processing a PGP/MIME payload that contains digitally signed text, the first paragraph of the text was never shown to the user. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Thunderbird Debian Linux
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2023-50761 MEDIUM This Month

The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Thunderbird Debian Linux
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2023-42015 MEDIUM This Month

IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 is vulnerable to HTML injection. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure XSS IBM Urbancode Deploy
NVD
CVSS 3.1
4.3
EPSS
0.6%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy