Lucene search
K

6 matches found

OSV
OSV
added 2024/06/16 4:15 p.m.3 views

CVE-2024-38466

Shenzhen Guoxin Synthesis image system before 8.3.0 has a 123456Qw default password...

9.8CVSS5.8AI score0.00421EPSS
Exploits0References1
NVD
NVD
added 2024/06/16 4:15 p.m.23 views

CVE-2024-38465

Shenzhen Guoxin Synthesis image system before 8.3.0 allows username enumeration because of the response discrepancy of incorrect versus error...

5.3CVSS0.0025EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/16 12:0 a.m.31 views

CVE-2024-38468

Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized password resets via the resetPassword API...

0.00421EPSS
Exploits0References1
CVE
CVE
added 2024/06/16 12:0 a.m.78 views

CVE-2024-38467

The CVE-2024-38467 vulnerability affects Shenzhen Guoxin Synthesis Image System prior to version 8.3.0. The issue permits unauthorized retrieval of user information via the queryUser API, with CVSS v3.1 base score 7.5 (HIGH) and network access, no privileges or user interaction required. Remediat...

7.5CVSS6.7AI score0.00379EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/06/16 12:0 a.m.4 views

PT-2024-28019 · Shenzhen Guoxin · Shenzhen Guoxin Synthesis Image System

Name of the Vulnerable Software and Affected Versions: Shenzhen Guoxin Synthesis image system versions prior to 8.3.0 Description: The issue allows username enumeration due to a response discrepancy between incorrect and error responses. Recommendations: For versions prior to 8.3.0, update to...

5.3CVSS7.2AI score0.0025EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/06/16 12:0 a.m.12 views

CVE-2024-38465

Shenzhen Guoxin Synthesis image system before 8.3.0 allows username enumeration because of the response discrepancy of incorrect versus error...

6.9AI score0.0025EPSS
Exploits0References1
Rows per page
Query Builder