Skip to main content
CVE-2023-32424 MEDIUM This Month

The issue was addressed with improved memory handling. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados Iphone Os Watchos +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-48783 MEDIUM This Month

An Authorization Bypass Through User-Controlled Key vulnerability [CWE-639] affecting PortiPortal version 7.2.1 and below, version 7.0.6 and below, version 6.0.14 and below, version 5.3.8 and below. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Fortiportal
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2023-48256 MEDIUM This Month

The vulnerability allows a remote attacker to inject arbitrary HTTP response headers or manipulate HTTP response bodies inside a victim’s session via a crafted URL or HTTP request. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Code Injection Nexo Os
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2023-48261 MEDIUM This Month

The vulnerability allows a remote unauthenticated attacker to read arbitrary content of the results database via a crafted HTTP request. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Nexo Os
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2023-48260 MEDIUM This Month

The vulnerability allows a remote unauthenticated attacker to read arbitrary content of the results database via a crafted HTTP request. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Nexo Os
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2023-48259 MEDIUM This Month

The vulnerability allows a remote unauthenticated attacker to read arbitrary content of the results database via a crafted HTTP request. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Nexo Os
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2023-41603 MEDIUM PATCH This Month

D-Link R15 before v1.08.02 was discovered to contain no firewall restrictions for IPv6 traffic. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass D-Link R15 Firmware
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2023-48247 MEDIUM This Month

The vulnerability allows an unauthenticated remote attacker to read arbitrary files under the context of the application OS user (“root”) via a crafted HTTP request. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Nexo Os
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2023-48254 MEDIUM This Month

The vulnerability allows a remote attacker to inject and execute arbitrary client-side script code inside a victim’s session via a crafted URL or HTTP request. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

XSS Nexo Os
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2023-48244 MEDIUM This Month

The vulnerability allows a remote attacker to inject and execute arbitrary client-side script code inside a victim’s session via a crafted URL or HTTP request. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

XSS Nexo Os
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2023-42941 MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 4.8). No vendor patch available.

Denial Of Service Apple Ipados Iphone Os iOS
NVD
CVSS 3.1
4.8
EPSS
0.1%
CVE-2022-32919 MEDIUM This Month

The issue was addressed with improved UI handling. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apple Ipados Iphone Os macOS +1
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2023-29446 MEDIUM This Month

An improper input validation vulnerability has been discovered that could allow an adversary to inject a UNC path via a malicious project file. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Code Injection Kepware Kepserverex Thingworx Kepware Server Thingworx Industrial Connectivity
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2023-37934 MEDIUM This Month

An allocation of resources without limits or throttling vulnerability [CWE-770] in FortiPAM 1.0 all versions allows an authenticated attacker to perform a denial of service attack via sending crafted. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Fortipam
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-42934 MEDIUM This Month

An information disclosure issue was addressed by removing the vulnerable code. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +1
NVD
CVSS 3.1
4.2
EPSS
0.1%
CVE-2024-0333 MEDIUM This Month

Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.216 allowed an attacker in a privileged network position to install a malicious extension via a crafted HTML page. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Information Disclosure Chrome Fedora
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2024-0389 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in SourceCodester Student Attendance System 1.0. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Student Attendance System
NVD VulDB
CVSS 3.1
6.3
EPSS
0.3%
CVE-2024-20715 MEDIUM PATCH This Month

Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Substance 3d Stager
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-20714 MEDIUM PATCH This Month

Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Substance 3d Stager
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-20713 MEDIUM PATCH This Month

Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Substance 3d Stager
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-20712 MEDIUM PATCH This Month

Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Substance 3d Stager
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-20711 MEDIUM PATCH This Month

Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Substance 3d Stager
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-20710 MEDIUM PATCH This Month

Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Substance 3d Stager
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-0310 MEDIUM This Month

A content-security-policy vulnerability in ENS Control browser extension prior to 10.7.0 Update 15 allows a remote attacker to alter the response header parameter setting to switch the content. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Endpoint Security Web Control
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2024-0364 MEDIUM This Month

A vulnerability, which was classified as critical, was found in PHPGurukul Hospital Management System 1.0. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

PHP SQLi Hospital Management System
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-0363 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 1.0. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Hospital Management System
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-0362 MEDIUM POC This Month

A vulnerability classified as critical was found in PHPGurukul Hospital Management System 1.0. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Hospital Management System
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-0361 MEDIUM POC This Month

A vulnerability classified as critical has been found in PHPGurukul Hospital Management System 1.0. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Hospital Management System
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-0360 MEDIUM POC This Month

A vulnerability was found in PHPGurukul Hospital Management System 1.0. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Hospital Management System
NVD VulDB GitHub
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-0358 MEDIUM This Month

A vulnerability was found in DeShang DSO2O up to 4.1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass PHP Dso2O
NVD VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2024-0357 MEDIUM POC This Month

A vulnerability was found in coderd-repos Eva 1.0.0 and classified as critical. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

SQLi Eva
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-0356 MEDIUM POC Monitor

A vulnerability has been found in Mandelo ssm_shiro_blog 1.0 and classified as problematic. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Ssm Shiro Blog
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-0355 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in PHPGurukul Dairy Farm Shop Management System up to 1.1. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Dairy Farm Shop Management System
NVD VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-0354 MEDIUM This Month

A vulnerability, which was classified as critical, has been found in unknown-o download-station up to 1.1.8.php. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Path Traversal Download Station
NVD VulDB
CVSS 3.1
5.3
EPSS
0.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy