Threat and Vulnerability Intelligence Database

CVE-2024-4766

Description: Different techniques existed to obscure the fullscreen notification in Firefox for Android. These could have led to potential user confusion and spoofing attacks. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 126.

CVSS: LOW (0.0)

EPSS Score: 0.05%

Source: CVE
November 27th, 2024 (6 months ago)

CVE-2024-39702

Description: In lj_str_hash.c in OpenResty 1.19.3.1 through 1.25.3.1, the string hashing function (used during string interning) allows HashDoS (Hash Denial of Service) attacks. An attacker could cause excessive resource usage during proxy operations via crafted requests, potentially leading to a denial of service with relatively few incoming requests. This vulnerability only exists in the OpenResty fork in the openresty/luajit2 GitHub repository. The LuaJIT/LuaJIT repository is unaffected.

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE
November 27th, 2024 (6 months ago)

CVE-2023-52048

Description: RuoYi v4.7.8 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /system/notice/.

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE
November 27th, 2024 (6 months ago)

CVE-2023-51708

Description: Bentley eB System Management Console applications within Assetwise Integrity Information Server allow an unauthenticated user to view configuration options via a crafted request, leading to information disclosure. This affects eB System Management Console before 23.00.02.03 and Assetwise ALIM For Transportation before 23.00.01.25.

CVSS: LOW (0.0)

EPSS Score: 0.14%

Source: CVE
November 27th, 2024 (6 months ago)

CVE-2023-51097

Description: Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow via the function formSetAutoPing.

CVSS: LOW (0.0)

EPSS Score: 0.18%

Source: CVE
November 27th, 2024 (6 months ago)

CVE-2023-51020

Description: TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘langType’ parameter of the setLanguageCfg interface of the cstecgi.cgi.

CVSS: LOW (0.0)

EPSS Score: 2.01%

Source: CVE
November 27th, 2024 (6 months ago)

CVE-2023-50989

Description: Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the pingSet function.

CVSS: LOW (0.0)

EPSS Score: 0.64%

Source: CVE
November 27th, 2024 (6 months ago)

CVE-2023-50803

Description: An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check replay protection specified by the NAS (Non-Access-Stratum) module. This can lead to denial of service.

CVSS: LOW (3.7)

EPSS Score: 0.05%

Source: CVE
November 27th, 2024 (6 months ago)

CVE-2023-50565

Description: A cross-site scripting (XSS) vulnerability in the component /logs/dopost.html in RPCMS v3.5.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

CVSS: LOW (0.0)

EPSS Score: 0.06%

Source: CVE
November 27th, 2024 (6 months ago)

CVE-2023-50495

Description: NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().

CVSS: LOW (0.0)

EPSS Score: 0.11%

Source: CVE
November 27th, 2024 (6 months ago)