CVE-2023-32229 |
Description: Due to an error in the software interface to the secure element chip on Bosch IP cameras of family CPP13 and CPP14, the chip can be permanently damaged when enabling the Stream security option (signing of the video stream) with option MD5, SHA-1 or SHA-256.
CVSS: MEDIUM (4.9) EPSS Score: 0.09%
December 13th, 2024 (6 months ago)
|
CVE-2023-28810 |
Description: Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network.
CVSS: MEDIUM (4.3) EPSS Score: 0.05%
December 13th, 2024 (6 months ago)
|
CVE-2023-25683 |
Description: IBM PowerVM Hypervisor FW950.00 through FW950.71, FW1010.00 through FW1010.40, FW1020.00 through FW1020.20, and FW1030.00 through FW1030.11 could allow an attacker to obtain sensitive information if they gain service access to the HMC. IBM X-Force ID: 247592.
CVSS: MEDIUM (5.9) EPSS Score: 0.1%
December 13th, 2024 (6 months ago)
|
CVE-2023-25188 |
Description: An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP (as a BTS administrator) removes security hardenings from the Nokia Single RAN BTS baseband unit, the BTS baseband unit diagnostic tool AaShell (which is by default disabled) allows unauthenticated access from the mobile network solution internal BTS management network to the BTS embedded Linux operating-system level.
CVSS: MEDIUM (5.1) EPSS Score: 0.04%
December 13th, 2024 (6 months ago)
|
CVE-2023-25187 |
Description: An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. Nokia Single RAN commissioning procedures do not change (factory-time installed) default SSH public/private key values that are specific to a network operator. As a result, the CSP internal BTS network SSH server (disabled by default) continues to apply the default SSH public/private key values. These keys don't give access to BTS, because service user authentication is username/password-based on top of SSH. Nokia factory installed default SSH keys are meant to be changed from operator-specific values during the BTS deployment commissioning phase. However, before the 21B release, BTS commissioning manuals did not provide instructions to change default SSH keys (to BTS operator-specific values). This leads to a possibility for malicious operations staff (inside a CSP network) to attempt MITM exploitation of BTS service user access, during the moments that SSH is enabled for Nokia service personnel to perform troubleshooting activities.
CVSS: MEDIUM (6.3) EPSS Score: 0.11%
December 13th, 2024 (6 months ago)
|
CVE-2023-20268 |
Description: A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device.
This vulnerability is due to insufficient management of resources when handling certain types of traffic. An attacker could exploit this vulnerability by sending a series of specific wireless packets to an affected device. A successful exploit could allow the attacker to consume resources on an affected device. A sustained attack could lead to the disruption of the Control and Provisioning of Wireless Access Points (CAPWAP) tunnel and intermittent loss of wireless client traffic.
CVSS: MEDIUM (4.7) EPSS Score: 0.04%
December 13th, 2024 (6 months ago)
|
CVE-2024-8602 |
Description: When the XML is read from the codes in the PDF and parsed using a DocumentBuilder, the default settings of the DocumentBuilder allow for an XXE (XML External Entity) attack. Further information on this can be found on the website of the Open Worldwide Application Security Project (OWASP). An attacker could theoretically leverage this by delivering a manipulated PDF file to the target, and depending on the environment, various actions can be executed. These actions include:
* Reading files from the operating system
* Crashing the thread handling the parsing or causing it to enter an infinite loop
* Executing HTTP requests
* Loading additional DTDs or XML files
* Under certain conditions, executing OS commands
CVSS: MEDIUM (6.3) EPSS Score: 0.04%
December 12th, 2024 (6 months ago)
|
CVE-2024-55660 |
Description: SiYuan is a personal knowledge management system. Prior to version 3.1.16, SiYuan's `/api/template/renderSprig` endpoint is vulnerable to Server-Side Template Injection (SSTI) through the Sprig template engine. Although the engine has limitations, it allows attackers to access environment variables. Version 3.1.16 contains a patch for the issue.
CVSS: MEDIUM (6.9) EPSS Score: 0.04%
December 12th, 2024 (6 months ago)
|
CVE-2024-55652 |
Description: PenDoc is a penetration testing reporting application. Prior to commit 1d4219c596f4f518798492e48386a20c6e9a2fe6, an attacker can write a malicious docx template containing expressions that escape the JavaScript sandbox to execute arbitrary code on the system. An attacker who can control the contents of the template document is able to execute arbitrary code on the system. By default, only users with the `admin` role are able to create or update templates. Commit 1d4219c596f4f518798492e48386a20c6e9a2fe6 patches the issue.
CVSS: MEDIUM (6.5) EPSS Score: 0.05%
December 12th, 2024 (6 months ago)
|
CVE-2024-54269 |
Description: Missing Authorization vulnerability in Ninja Team Notibar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Notibar: from n/a through 2.1.4.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
December 12th, 2024 (6 months ago)
|