Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2023-51020
Description: TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘langType’ parameter of the setLanguageCfg interface of the cstecgi .cgi.

CVSS: LOW (0.0)

EPSS Score: 2.01%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2023-50989
Description: Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the pingSet function.

CVSS: LOW (0.0)

EPSS Score: 0.64%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2023-50803
Description: An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check replay protection specified by the NAS (Non-Access-Stratum) module. This can lead to denial of service.

CVSS: LOW (3.7)

EPSS Score: 0.05%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2023-50565
Description: A cross-site scripting (XSS) vulnerability in the component /logs/dopost.html in RPCMS v3.5.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

CVSS: LOW (0.0)

EPSS Score: 0.06%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2023-50495
Description: NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().

CVSS: LOW (0.0)

EPSS Score: 0.11%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2023-50475
Description: An issue was discovered in bcoin-org bcoin version 2.2.0, allows remote attackers to obtain sensitive information via weak hashing algorithms in the component \vendor\faye-websocket.js.

CVSS: LOW (0.0)

EPSS Score: 0.29%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2023-50470
Description: A cross-site scripting (XSS) vulnerability in the component admin_ Video.php of SeaCMS v12.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

CVSS: LOW (0.0)

EPSS Score: 0.06%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2023-50444
Description: By default, .ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission); ZED! for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before 2023.5; ZEDMAIL for Windows before 2023.5; and ZED! for Windows, Mac, Linux before 2023.5 include an encrypted version of sensitive user information, which could allow an unauthenticated attacker to obtain it via brute force.

CVSS: LOW (0.0)

EPSS Score: 0.15%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2023-50101
Description: JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) via Label management editing.

CVSS: LOW (0.0)

EPSS Score: 0.06%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2023-50089
Description: A Command Injection vulnerability exists in NETGEAR WNR2000v4 version 1.0.0.70. When using HTTP for SOAP authentication, command execution occurs during the process after successful authentication.

CVSS: LOW (0.0)

EPSS Score: 0.42%

Source: CVE
November 27th, 2024 (5 months ago)