Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2023-50803	Description: An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check replay protection specified by the NAS (Non-Access-Stratum) module. This can lead to denial of service. CVSS: LOW (3.7) EPSS Score: 0.05% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-50565	Description: A cross-site scripting (XSS) vulnerability in the component /logs/dopost.html in RPCMS v3.5.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. CVSS: LOW (0.0) EPSS Score: 0.06% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-50495	Description: NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry(). CVSS: LOW (0.0) EPSS Score: 0.11% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-50475	Description: An issue was discovered in bcoin-org bcoin version 2.2.0, allows remote attackers to obtain sensitive information via weak hashing algorithms in the component \vendor\faye-websocket.js. CVSS: LOW (0.0) EPSS Score: 0.29% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-50470	Description: A cross-site scripting (XSS) vulnerability in the component admin_ Video.php of SeaCMS v12.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. CVSS: LOW (0.0) EPSS Score: 0.06% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-50444	Description: By default, .ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission); ZED! for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before 2023.5; ZEDMAIL for Windows before 2023.5; and ZED! for Windows, Mac, Linux before 2023.5 include an encrypted version of sensitive user information, which could allow an unauthenticated attacker to obtain it via brute force. CVSS: LOW (0.0) EPSS Score: 0.15% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-50101	Description: JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) via Label management editing. CVSS: LOW (0.0) EPSS Score: 0.06% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-50089	Description: A Command Injection vulnerability exists in NETGEAR WNR2000v4 version 1.0.0.70. When using HTTP for SOAP authentication, command execution occurs during the process after successful authentication. CVSS: LOW (0.0) EPSS Score: 0.42% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-50038	Description: There is an arbitrary file upload vulnerability in the background of textpattern cms v4.8.8, which leads to the loss of server permissions. CVSS: LOW (0.0) EPSS Score: 0.08% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-49999	Description: Tenda W30E V16.01.0.12(4843) was discovered to contain a command injection vulnerability via the function setUmountUSBPartition. CVSS: CRITICAL (9.8) EPSS Score: 1.42% Source: CVE November 27th, 2024 (5 months ago)