CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2023-25366 |
Description: In Siglent SDS 1104X-E SDS1xx4X-E_V6.1.37R9.ADS, insecure SCPI interface discloses web password.
CVSS: LOW (0.0) EPSS Score: 0.21%
December 13th, 2024 (6 months ago)
|
|
CVE-2023-25185 |
Description: An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. A mobile network solution internal fault was found in Nokia Single RAN software releases. Certain software processes in the BTS internal software design have unnecessarily high privileges to BTS embedded operating system (OS) resources.
CVSS: LOW (3.8) EPSS Score: 0.04%
December 13th, 2024 (6 months ago)
|
|
CVE-2023-2492 |
Description: The QueryWall: Plug'n Play Firewall WordPress plugin through 1.1.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin.
CVSS: LOW (0.0) EPSS Score: 0.1%
December 13th, 2024 (6 months ago)
|
|
CVE-2023-2431 |
Description: A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined (seccomp disabled) mode. This bug affects Kubelet.
CVSS: LOW (3.4) EPSS Score: 0.05%
December 13th, 2024 (6 months ago)
|
|
CVE-2023-24243 |
Description: CData RSB Connect v22.0.8336 was discovered to contain a Server-Side Request Forgery (SSRF).
CVSS: LOW (0.0) EPSS Score: 4.63%
December 13th, 2024 (6 months ago)
|
|
CVE-2023-2401 |
Description: The QuBot WordPress plugin before 1.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
CVSS: LOW (0.0) EPSS Score: 0.05%
December 13th, 2024 (6 months ago)
|
|
CVE-2023-2359 |
Description: The Slider Revolution WordPress plugin through 6.6.12 does not check for valid image files upon import, leading to an arbitrary file upload which may be escalated to Remote Code Execution in some server configurations.
CVSS: LOW (0.0) EPSS Score: 0.18%
December 13th, 2024 (6 months ago)
|
|
CVE-2023-2221 |
Description: The WP Custom Cursors WordPress plugin before 3.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Admin.
CVSS: LOW (0.0) EPSS Score: 0.09%
December 13th, 2024 (6 months ago)
|
|
CVE-2023-0368 |
Description: The Responsive Tabs For WPBakery Page Builder (formerly Visual Composer) WordPress plugin through 1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
CVSS: LOW (0.0) EPSS Score: 0.06%
December 13th, 2024 (6 months ago)
|
|
CVE-2024-55587 |
Description: python-libarchive through 4.2.1 allows directory traversal (to create files) in extract in zip.py for ZipFile.extractall and ZipFile.extract.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 12th, 2024 (6 months ago)
|