Threat and Vulnerability Intelligence Database

CVE-2024-54215

Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Envato Security Team Revy. This issue affects Revy: from n/a through 1.18.

CVSS: CRITICAL (9.3)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (5 months ago)

CVE-2024-53822

Description: Unrestricted Upload of File with Dangerous Type vulnerability in Genetech Pie Register Premium. This issue affects Pie Register Premium: from n/a before 3.8.3.3.

CVSS: CRITICAL (10.0)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (5 months ago)

CVE-2024-43222

Description: Missing Authorization vulnerability in Envato Security Team Sweet Date. This issue affects Sweet Date: from n/a through 3.7.3.

CVSS: CRITICAL (9.8)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (5 months ago)

CVE-2023-5288

Description: A remote unauthorized attacker may connect to the SIM1012, interact with the device and change configuration settings. The adversary may also reset the SIM and in the worst case upload a new firmware version to the device.

CVSS: CRITICAL (9.8)

EPSS Score: 0.2%

Source: CVE
December 10th, 2024 (5 months ago)

CVE-2023-4420

Description: A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to the absence of Transport Layer Security (TLS) in the SICK LMS5xx. This lack of encryption in the communication channel can lead to the unauthorized disclosure of sensitive information. The attacker can exploit this weakness to eavesdrop on the communication between the LMS5xx and the Client, and potentially manipulate the data being transmitted.

CVSS: CRITICAL (9.8)

EPSS Score: 0.09%

Source: CVE
December 10th, 2024 (5 months ago)

CVE-2023-4419

Description: The LMS5xx uses hard-coded credentials, which potentially allow low-skilled unauthorized remote attackers to reconfigure settings and/or disrupt the functionality of the device.

CVSS: CRITICAL (9.8)

EPSS Score: 0.21%

Source: CVE
December 10th, 2024 (5 months ago)

CVE-2023-32117

Description: Missing Authorization vulnerability in SoftLab Integrate Google Drive allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Integrate Google Drive: from n/a through 1.1.99.

CVSS: CRITICAL (9.8)

EPSS Score: 0.25%

Source: CVE
December 10th, 2024 (5 months ago)

CVE-2023-31411

Description: A remote unprivileged attacker can modify and access configuration settings on the EventCam App due to the absence of API authentication. The lack of authentication in the API allows the attacker to potentially compromise the functionality of the EventCam App.

CVSS: CRITICAL (9.8)

EPSS Score: 0.22%

Source: CVE
December 10th, 2024 (5 months ago)

CVE-2023-3110

Description: A vulnerability in SiLabs Unify Gateway 1.3.1 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution.

CVSS: CRITICAL (9.6)

EPSS Score: 0.07%

Source: CVE
December 10th, 2024 (5 months ago)

CVE-2024-43468

Description: Microsoft Configuration Manager Remote Code Execution Vulnerability

CVSS: CRITICAL (9.8)

EPSS Score: 0.05%

Source: CVE
December 9th, 2024 (5 months ago)