Vulnerabilities > Home Assistant > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-15 | CVE-2023-50715 | Unspecified vulnerability in Home-Assistant Home Assistant is open source home automation software. low complexity home-assistant | 4.3 |
| 2023-10-20 | CVE-2023-41893 | Unspecified vulnerability in Home-Assistant Home assistant is an open source home automation. | 5.4 |
| 2023-10-20 | CVE-2023-41894 | Unspecified vulnerability in Home-Assistant Home assistant is an open source home automation. | 5.3 |
| 2022-03-10 | CVE-2020-36517 | Information Exposure Through Discrepancy vulnerability in Home-Assistant 2022.03 An information leak in Nabu Casa Home Assistant Operating System and Home Assistant Supervised 2022.03 allows a DNS operator to gain knowledge about internal network resources via the hardcoded DNS resolver configuration. | 5.0 |
| 2021-01-26 | CVE-2021-3152 | Path Traversal vulnerability in Home-Assistant Home Assistant before 2021.1.3 does not have a protection layer that can help to prevent directory-traversal attacks against custom integrations. | 5.3 |
| 2019-09-23 | CVE-2018-21019 | Information Exposure vulnerability in Home-Assistant Home Assistant before 0.67.0 was vulnerable to an information disclosure that allowed an unauthenticated attacker to read the application's error log via components/api.py. | 5.0 |
| 2017-11-10 | CVE-2017-16782 | Cross-site Scripting vulnerability in Home-Assistant In Home Assistant before 0.57, it is possible to inject JavaScript code into a persistent notification via crafted Markdown text, aka XSS. | 4.3 |