Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2023-6110	Openstack: deleting a non existing access rule deletes another existing access rule in it's scope Description: A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials. EPSS Score: 0.04% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-5685	Xnio: stackoverflowexception when the chain of notifier states becomes problematically big Description: A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS). EPSS Score: 0.04% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-52048	Description: RuoYi v4.7.8 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /system/notice/. CVSS: LOW (0.0) EPSS Score: 0.04% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-51708	Description: Bentley eB System Management Console applications within Assetwise Integrity Information Server allow an unauthenticated user to view configuration options via a crafted request, leading to information disclosure. This affects eB System management Console before 23.00.02.03 and Assetwise ALIM For Transportation before 23.00.01.25. CVSS: LOW (0.0) EPSS Score: 0.14% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-51097	Description: Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow via the function formSetAutoPing. CVSS: LOW (0.0) EPSS Score: 0.18% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-51020	Description: TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘langType’ parameter of the setLanguageCfg interface of the cstecgi .cgi. CVSS: LOW (0.0) EPSS Score: 2.01% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-50989	Description: Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the pingSet function. CVSS: LOW (0.0) EPSS Score: 0.64% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-50803	Description: An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check replay protection specified by the NAS (Non-Access-Stratum) module. This can lead to denial of service. CVSS: LOW (3.7) EPSS Score: 0.05% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-50565	Description: A cross-site scripting (XSS) vulnerability in the component /logs/dopost.html in RPCMS v3.5.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. CVSS: LOW (0.0) EPSS Score: 0.06% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-50495	Description: NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry(). CVSS: LOW (0.0) EPSS Score: 0.11% Source: CVE November 27th, 2024 (5 months ago)