Lucene search
K

142 matches found

Veracode
Veracode
added 2024/03/28 6:12 a.m.28 views

SSL Spoofing

azure-core is vulnerable to SSL spoofing attacks. The vulnerability is due to improper SSL configuration, which could allow an attackers to impersonate domains...

7.5CVSS6.7AI score0.01838EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2024/03/16 12:0 a.m.23 views

CVE-2024-28069

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to access sensitive information and...

6.4AI score0.00573EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/03/08 12:0 a.m.12 views

Samsung Mobile Improper configuration in Samsung Internet (SVE-2023-0322)

Binary data samsungsve-2023-0322.nbin...

6.5CVSS7.3AI score0.00502EPSS
Exploits0References2
Veracode
Veracode
added 2024/02/02 10:52 a.m.29 views

Cache Poisoning

Moby is vulnerable to Cache Poisoning. The vulnerability is due to improper cache configuration when the image is built FROM scratch. This issue can be exploited by an attacker to poison the cache and force a user to pull a specially crafted image. Note that 23.0+ users are only affected if they...

7.8CVSS6.5AI score0.00258EPSS
Exploits0References4Affected Software3
Tenable Nessus
Tenable Nessus
added 2024/01/17 12:0 a.m.44 views

Dell iDRAC9 Improper Input Validation (CVE-2022-34435)

Dell iDRAC9 version 6.00.02.00 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update...

4.9CVSS5.5AI score0.00513EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/11/29 7:57 p.m.32 views

CVE-2023-44383 October CMS stored XSS by authenticated backend user with improper configuration

October is a Content Management System CMS and web platform to assist with development workflow. A user with access to the media manager that stores SVG files could create a stored XSS attack against themselves and any other user with access to the media manager when SVG files are supported. This...

5.4CVSS5.4AI score0.0041EPSS
Exploits0References2
Prion
Prion
added 2023/08/25 10:15 p.m.22 views

Design/Logic Flaw

A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2208.101 could allow an unauthenticated attacker to conduct an account enumeration attack due to improper configuration. A successful exploit could allow an attacker to access system information...

5CVSS7.5AI score0.00494EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/08/25 12:0 a.m.53 views

CVE-2023-39291

CVE-2023-39291 concerns Mitel MiVoice Connect’s Connect Mobility Router (affected versions up to 9.6.2304.102). The vulnerability is described as an information disclosure due to improper configuration, enabling an authenticated attacker with elevated privileges to view system information. The co...

4.9CVSS4.8AI score0.0046EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/08/25 12:0 a.m.67 views

CVE-2023-39289

CVE-2023-39289 affects Mitel MiVoice Connect, specifically the Connect Mobility Router component, with versions up to 9.6.2208.101. The vulnerability allows an unauthenticated attacker to perform an account enumeration attack due to improper configuration, potentially exposing system information....

7.5CVSS7.5AI score0.00494EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/25 12:0 a.m.18 views

CVE-2023-39289

A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2208.101 could allow an unauthenticated attacker to conduct an account enumeration attack due to improper configuration. A successful exploit could allow an attacker to access system information...

7AI score0.00494EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/08/25 12:0 a.m.15 views

CVE-2023-39290

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through R19.3 SP3 22.24.5800.0 could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to view syst...

6.3AI score0.0046EPSS
Exploits0References2
OSV
OSV
added 2023/07/06 3:15 a.m.2 views

CVE-2023-30674

Improper configuration in Samsung Internet prior to version 21.0.0.41 allows attacker to bypass SameSite Cookie...

6.5CVSS5.8AI score0.00502EPSS
Exploits0References1
Prion
Prion
added 2023/07/06 3:15 a.m.19 views

Input validation

Improper configuration in Samsung Internet prior to version 21.0.0.41 allows attacker to bypass SameSite Cookie...

4.3CVSS6.5AI score0.00502EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/07/06 2:51 a.m.30 views

CVE-2023-30674

Improper configuration in Samsung Internet prior to version 21.0.0.41 allows attacker to bypass SameSite Cookie...

6.5CVSS6.7AI score0.00502EPSS
Exploits0References1
Veracode
Veracode
added 2023/07/04 1:39 p.m.14 views

Improper Authentication

github.com/labring/sealos is vulnerable to Improper Authentication. The vulnerability exists due to Improper configuration in RBAC permissions, which allows an attacker to gain access and perform unauthorized actions...

9.9CVSS7AI score0.00706EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2022/12/15 7:15 p.m.22 views

CVE-2022-22063

Memory corruption in Core due to improper configuration in boot remapper...

8.4CVSS0.00309EPSS
Exploits1References1
Prion
Prion
added 2022/12/15 7:15 p.m.25 views

Memory corruption

Memory corruption in Core due to improper configuration in boot remapper...

4.3CVSS7.7AI score0.00309EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/12/14 5:54 a.m.7 views

CVE-2022-22063 Memory corruption in Core

Memory corruption in Core due to improper configuration in boot remapper...

8.4CVSS7.1AI score0.00309EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/12/14 5:54 a.m.25 views

CVE-2022-22063 Memory corruption in Core

Memory corruption in Core due to improper configuration in boot remapper...

8.4CVSS8.7AI score0.00309EPSS
Exploits1References1
CVE
CVE
added 2022/12/14 5:54 a.m.58 views

CVE-2022-22063

CVE-2022-22063 affects Qualcomm devices with a vulnerable non-secure boot remapper that can bypass hypervisor memory protection. The root cause is an improper boot remapper configuration that allows a compromised OS to remap to hypervisor memory and read/write/execute hypervisor code, enabling po...

8.4CVSS8AI score0.00309EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder