An information disclosure vulnerability exists in the challenge functionality of instipod DuoUniversalKeycloakAuthenticator 1.0.7 plugin. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The Divi theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'et_pb_text' shortcode in all versions up to, and including, 4.23.1 due to insufficient input sanitization. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A vulnerability was found in systemd-resolved. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.