Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-22 | CVE-2023-28467 | Cross-site Scripting vulnerability in Mybb In MyBB before 1.8.34, there is XSS in the User CP module via the user email field. | 6.1 |
| 2023-05-22 | CVE-2023-31584 | Cross-site Scripting vulnerability in Silicon Project Silicon GitHub repository cu/silicon commit a9ef36 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the User Input field. | 6.1 |
| 2023-05-22 | CVE-2023-2837 | Stack-based Buffer Overflow vulnerability in Gpac Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2. | 5.5 |
| 2023-05-22 | CVE-2023-27066 | Path Traversal vulnerability in Sitecore Experience Platform Directory Traversal vulnerability in Site Core Experience Platform 10.2 and earlier allows authenticated remote attackers to download arbitrary files via Urlhandle. | 6.5 |
| 2023-05-22 | CVE-2023-31101 | Insecure Default Initialization of Resource vulnerability in Apache Inlong 1.5.0/1.6.0 Insecure Default Initialization of Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.5.0 through 1.6.0. | 6.5 |
| 2023-05-22 | CVE-2023-33288 | Use After Free vulnerability in Linux Kernel An issue was discovered in the Linux kernel before 6.2.9. | 4.7 |
| 2023-05-22 | CVE-2023-33281 | Authentication Bypass by Capture-replay vulnerability in Nissan Sylphy Classic 2021 Firmware The remote keyfob system on Nissan Sylphy Classic 2021 sends the same RF signal for each door-open request, which allows for a replay attack. | 6.5 |
| 2023-05-22 | CVE-2023-33264 | Insufficiently Protected Credentials vulnerability in Hazelcast In Hazelcast through 5.0.4, 5.1 through 5.1.6, and 5.2 through 5.2.3, configuration routines don't mask passwords in the member configuration properly. | 4.3 |
| 2023-05-21 | CVE-2023-33254 | Incorrect Authorization vulnerability in Quest Kace Systems Deployment Appliance 9.0.146 There is an LDAP bind credentials exposure on KACE Systems Deployment and Remote Site appliances 9.0.146. | 6.5 |
| 2023-05-21 | CVE-2021-46888 | Cross-site Scripting vulnerability in Hledger An issue was discovered in hledger before 1.23. | 5.4 |