Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2023-50565	Description: A cross-site scripting (XSS) vulnerability in the component /logs/dopost.html in RPCMS v3.5.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. CVSS: LOW (0.0) EPSS Score: 0.06% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-50495	Description: NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry(). CVSS: LOW (0.0) EPSS Score: 0.11% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-50475	Description: An issue was discovered in bcoin-org bcoin version 2.2.0, allows remote attackers to obtain sensitive information via weak hashing algorithms in the component \vendor\faye-websocket.js. CVSS: LOW (0.0) EPSS Score: 0.29% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-50470	Description: A cross-site scripting (XSS) vulnerability in the component admin_ Video.php of SeaCMS v12.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. CVSS: LOW (0.0) EPSS Score: 0.06% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-50444	Description: By default, .ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission); ZED! for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before 2023.5; ZEDMAIL for Windows before 2023.5; and ZED! for Windows, Mac, Linux before 2023.5 include an encrypted version of sensitive user information, which could allow an unauthenticated attacker to obtain it via brute force. CVSS: LOW (0.0) EPSS Score: 0.15% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-50101	Description: JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) via Label management editing. CVSS: LOW (0.0) EPSS Score: 0.06% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-50089	Description: A Command Injection vulnerability exists in NETGEAR WNR2000v4 version 1.0.0.70. When using HTTP for SOAP authentication, command execution occurs during the process after successful authentication. CVSS: LOW (0.0) EPSS Score: 0.42% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-50038	Description: There is an arbitrary file upload vulnerability in the background of textpattern cms v4.8.8, which leads to the loss of server permissions. CVSS: LOW (0.0) EPSS Score: 0.08% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-49999	Description: Tenda W30E V16.01.0.12(4843) was discovered to contain a command injection vulnerability via the function setUmountUSBPartition. CVSS: CRITICAL (9.8) EPSS Score: 1.42% Source: CVE November 27th, 2024 (5 months ago)
CVE-2023-49991	Description: Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Underflow via the function CountVowelPosition at synthdata.c. CVSS: LOW (0.0) EPSS Score: 0.05% Source: CVE November 27th, 2024 (5 months ago)