Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2023-23825 |
Description: Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.3.0.
CVSS: LOW (3.1) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2023-23823 |
Description: Missing Authorization vulnerability in Clever Widgets Enhanced Text Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Text Widget: from n/a through 1.5.8.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2023-23814 |
Description: Missing Authorization vulnerability in CodePeople CP Multi View Event Calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CP Multi View Event Calendar : from n/a through 1.4.13.
CVSS: LOW (3.8) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2023-23726 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Tickera.com Tickera allows Cross Site Request Forgery.This issue affects Tickera: from n/a through 3.5.1.0.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2023-23725 |
Description: Missing Authorization vulnerability in Chris Baldelomar Shortcodes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shortcodes: from n/a through 3.46.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2023-23716 |
Description: Missing Authorization vulnerability in Zendesk Zendesk Support for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zendesk Support for WordPress: from n/a through 1.8.4.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2023-23715 |
Description: Missing Authorization vulnerability in JobBoardWP JobBoardWP – Job Board Listings and Submissions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JobBoardWP – Job Board Listings and Submissions: from n/a through 1.2.2.
CVSS: MEDIUM (5.2) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2023-22708 |
Description: Missing Authorization vulnerability in Karim Salman Kraken.io Image Optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kraken.io Image Optimizer: from n/a through 2.6.7.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2023-22701 |
Description: Missing Authorization vulnerability in Shopfiles Ltd Ebook Store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ebook Store: from n/a through 5.775.
CVSS: HIGH (7.5) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2023-1862 |
Description: Cloudflare WARP client for Windows (up to v2023.3.381.0) allowed a malicious actor to remotely access the warp-svc.exe binary due to an insufficient access control policy on an IPC Named Pipe. This would have enabled an attacker to trigger WARP connect and disconnect commands, as well as obtaining network diagnostics and application configuration from the target's device. It is important to note that in order to exploit this, a set of requirements would need to be met, such as the target's device must've been reachable on port 445, allowed authentication with NULL sessions or otherwise having knowledge of the target's credentials.
CVSS: HIGH (7.3) EPSS Score: 0.07%
December 10th, 2024 (4 months ago)
|