CVE-2023-35974 |
Description: Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.
CVSS: HIGH (7.2) EPSS Score: 0.09%
December 5th, 2024 (5 months ago)
|
CVE-2023-35973 |
Description: Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.
CVSS: HIGH (7.2) EPSS Score: 0.09%
December 5th, 2024 (5 months ago)
|
CVE-2023-35972 |
Description: An authenticated remote command injection vulnerability exists in the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This allows an attacker to fully compromise the underlying operating system on the device running ArubaOS.
CVSS: HIGH (7.2) EPSS Score: 0.08%
December 5th, 2024 (5 months ago)
|
CVE-2023-35178 |
Description: Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow when performing a GET request to scan jobs.
CVSS: LOW (0.0) EPSS Score: 0.38%
December 5th, 2024 (5 months ago)
|
CVE-2023-35177 |
Description: Certain HP LaserJet Pro print products are potentially vulnerable to a stack-based buffer overflow related to the compact font format parser.
CVSS: LOW (0.0) EPSS Score: 0.38%
December 5th, 2024 (5 months ago)
|
CVE-2023-35176 |
Description: Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Denial of Service when using the backup & restore feature through the embedded web service on the device.
CVSS: LOW (0.0) EPSS Score: 0.57%
December 5th, 2024 (5 months ago)
|
CVE-2023-35175 |
Description: Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution and/or Elevation of Privilege via Server-Side Request Forgery (SSRF) using the Web Service Eventing model.
CVSS: LOW (0.0) EPSS Score: 0.43%
December 5th, 2024 (5 months ago)
|
CVE-2023-35085 |
Description: An integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch Flex Mini, with SNMP Monitoring and default settings enabled could allow a Remote Code Execution (RCE).
Affected Products:
All UniFi Access Points (Version 6.5.50 and earlier)
All UniFi Switches (Version 6.5.32 and earlier)
- USW Flex Mini excluded.
Mitigation:
Update UniFi Access Points to Version 6.5.62 or later.
Update the UniFi Switches to Version 6.5.59 or later.
CVSS: CRITICAL (9.0) EPSS Score: 0.3%
December 5th, 2024 (5 months ago)
|
CVE-2023-34927 |
Description: Casdoor v1.331.0 and below was discovered to contain a Cross-Site Request Forgery (CSRF) in the endpoint /api/set-password. This vulnerability allows attackers to arbitrarily change the victim user's password via supplying a crafted URL.
CVSS: LOW (0.0) EPSS Score: 3.19%
December 5th, 2024 (5 months ago)
|
CVE-2023-34923 |
Description: XML Signature Wrapping (XSW) in SAML-based Single Sign-on feature in TOPdesk v12.10.12 allows bad actors with credentials to authenticate with the Identity Provider (IP) to impersonate any TOPdesk user via SAML Response manipulation.
CVSS: LOW (0.0) EPSS Score: 0.1%
December 5th, 2024 (5 months ago)
|