Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2023-35695 |
Description: A remote attacker could leverage a vulnerability in Trend Micro Mobile Security (Enterprise) 9.8 SP5 to download a particular log file which may contain sensitive information regarding the product.
CVSS: LOW (0.0) EPSS Score: 0.34%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-34935 |
Description: A stack overflow in the AddWlanMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVSS: LOW (0.0) EPSS Score: 0.09%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-34836 |
Description: A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code via a crafted script to the Dtltyp and ListName parameters.
CVSS: LOW (0.0) EPSS Score: 0.06%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-34835 |
Description: A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary JavaScript code via a vulnerable delete_file parameter.
CVSS: LOW (0.0) EPSS Score: 0.06%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-34830 |
Description: i-doit Open v24 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the timeout parameter on the login page.
CVSS: LOW (0.0) EPSS Score: 0.08%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-34736 |
Description: Guantang Equipment Management System version 4.12 is vulnerable to Arbitrary File Upload.
CVSS: LOW (0.0) EPSS Score: 0.11%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-34673 |
Description: Elenos ETG150 FM transmitter running on version 3.12 was discovered to be leaking SMTP credentials and other sensitive information by exploiting the publicly accessible Memcached service. The attack can occur over the public Internet in some cases.
CVSS: LOW (0.0) EPSS Score: 0.13%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-34672 |
Description: Improper Access Control leads to adding a high-privilege user affecting Elenos ETG150 FM transmitter running on version 3.12 by exploiting user's role within the admin profile. An attack could occur over the public Internet in some cases.
CVSS: LOW (0.0) EPSS Score: 0.15%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-34671 |
Description: Improper Access Control leads to privilege escalation affecting Elenos ETG150 FM transmitter running on version 3.12 by exploiting user's role in the user profile. An attack could occur over the public Internet in some cases.
CVSS: LOW (0.0) EPSS Score: 0.15%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-34601 |
Description: Jeesite before commit 10742d3 was discovered to contain a SQL injection vulnerability via the component ${businessTable} at /act/ActDao.xml.
CVSS: LOW (0.0) EPSS Score: 0.21%
December 6th, 2024 (5 months ago)
|