Vulnerabilities > Home Assistant > Home Assistant > 0.17.3

DATE CVE VULNERABILITY TITLE RISK
2023-12-15 CVE-2023-50715 Unspecified vulnerability in Home-Assistant
Home Assistant is open source home automation software.
low complexity
home-assistant
4.3
4.3
2023-10-20 CVE-2023-41893 Unspecified vulnerability in Home-Assistant
Home assistant is an open source home automation.
network
low complexity
home-assistant
5.4
5.4
2023-10-20 CVE-2023-41894 Unspecified vulnerability in Home-Assistant
Home assistant is an open source home automation.
network
low complexity
home-assistant
5.3
5.3
2023-10-19 CVE-2023-41895 Cross-site Scripting vulnerability in Home-Assistant
Home assistant is an open source home automation.
network
low complexity
home-assistant CWE-79
critical
 9.6
9.6
2023-10-19 CVE-2023-41896 Insufficient Verification of Data Authenticity vulnerability in Home-Assistant Home-Assistant-Js-Websocket
Home assistant is an open source home automation.
network
low complexity
home-assistant CWE-345
critical
 9.0
9.0
2023-10-19 CVE-2023-41897 Improper Restriction of Rendered UI Layers or Frames vulnerability in Home-Assistant
Home assistant is an open source home automation.
network
low complexity
home-assistant CWE-1021
critical
 9.6
9.6
2023-10-19 CVE-2023-41899 Server-Side Request Forgery (SSRF) vulnerability in Home-Assistant
Home assistant is an open source home automation.
network
low complexity
home-assistant CWE-918
7.2
7.2
2023-03-08 CVE-2023-27482 Unspecified vulnerability in Home-Assistant Supervisor
homeassistant is an open source home automation tool.
network
low complexity
home-assistant
critical
 10.0
10
2021-01-26 CVE-2021-3152 Path Traversal vulnerability in Home-Assistant
Home Assistant before 2021.1.3 does not have a protection layer that can help to prevent directory-traversal attacks against custom integrations.
network
low complexity
home-assistant CWE-22
5.3
5.3
2019-09-23 CVE-2018-21019 Information Exposure vulnerability in Home-Assistant
Home Assistant before 0.67.0 was vulnerable to an information disclosure that allowed an unauthenticated attacker to read the application's error log via components/api.py.
network
low complexity
home-assistant CWE-200
7.5
7.5