32 matches found
EUVD-2023-34332
Malicious code in bioql PyPI...
EUVD-2023-34333
Malicious code in bioql PyPI...
EUVD-2023-34328
Malicious code in bioql PyPI...
EUVD-2023-34331
Malicious code in bioql PyPI...
EUVD-2023-34330
Malicious code in bioql PyPI...
EUVD-2023-34329
Malicious code in bioql PyPI...
CVE-2023-2886
Missing Origin Validation in WebSockets vulnerability in CBOT Chatbot allows Content Spoofing Via Application API Manipulation. This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7...
CVE-2023-2885
Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in CBOT Chatbot allows Adversary in the Middle AiTM. This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7...
CVE-2023-2882
Generation of Incorrect Security Tokens vulnerability in CBOT Chatbot allows Token Impersonation, Privilege Abuse.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7...
CVE-2023-2885
Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in CBOT Chatbot allows Adversary in the Middle AiTM.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7...
CVE-2023-2886
Missing Origin Validation in WebSockets vulnerability in CBOT Chatbot allows Content Spoofing Via Application API Manipulation.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7...
CVE-2023-2882
Generation of Incorrect Security Tokens vulnerability in CBOT Chatbot allows Token Impersonation, Privilege Abuse. This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7...
CVE-2023-2883
Authorization Bypass Through User-Controlled Key vulnerability in CBOT Chatbot allows Authentication Abuse, Authentication Bypass. This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7...
CVE-2023-2884
Use of Cryptographically Weak Pseudo-Random Number Generator PRNG, Use of Insufficiently Random Values vulnerability in CBOT Chatbot allows Signature Spoofing by Key Recreation.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7...
CVE-2023-2885
Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in CBOT Chatbot allows Adversary in the Middle AiTM. This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7...
CVE-2023-2887
Authentication Bypass by Spoofing vulnerability in CBOT Chatbot allows Authentication Bypass. This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7...
Design/Logic Flaw
Use of Cryptographically Weak Pseudo-Random Number Generator PRNG, Use of Insufficiently Random Values vulnerability in CBOT Chatbot allows Signature Spoofing by Key Recreation.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7...
Design/Logic Flaw
Generation of Incorrect Security Tokens vulnerability in CBOT Chatbot allows Token Impersonation, Privilege Abuse.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7...
CVE-2023-2887 User Authentication Bypass in CBOT's Chatbot
Authentication Bypass by Spoofing vulnerability in CBOT Chatbot allows Authentication Bypass. This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7...
CVE-2023-2887
Summary: CVE-2023-2887 is an authentication bypass by spoofing affecting CBOT Chatbot Core prior to v4.0.3.4 and Panel prior to v4.0.3.7. The vulnerability allows unauthorized access by spoofing authentication. The NVD/related records assign a high impact with CVSS v3.1 scores of 9.8 (NETWORK, HI...