CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

72 matches found

ATTACKERKB•added 2024/05/03 3:15 a.m.•2 views

CVE-2023-42032

Visualware MyConnection Server doRTAAccessUPass Exposed Dangerous Method Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Visualware MyConnection Server. Authentication is not required to exploit this...

7.5CVSS5.7AI score0.00606EPSS

Exploits0References3Affected Software1

OSV•added 2024/05/03 3:15 a.m.•0 views

CVE-2023-42032

7.5CVSS7.3AI score0.00606EPSS

Exploits0References2

CVE•added 2024/05/03 2:12 a.m.•53 views

CVE-2023-42035

Summary: CVE-2023-42035 affects Visualware MyConnection Server, arising from the doIForward method and improper restriction of XML External Entity (XXE) references. A crafted XML document can cause the parser to retrieve a URI and embed its contents back into the XML, leading to information discl...

6.5CVSS6.6AI score0.00332EPSS

Exploits0References2Affected Software1

Cvelist•added 2024/05/03 2:12 a.m.•9 views

CVE-2023-42035 Visualware MyConnection Server doIForward XML External Entity Processing Information Disclosure Vulnerability

Visualware MyConnection Server doIForward XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Visualware MyConnection Server. Authentication is not required to exploit this...

6.5CVSS6.9AI score0.00332EPSS

Exploits0References2

Vulnrichment•added 2024/05/03 2:12 a.m.•18 views

CVE-2023-42035 Visualware MyConnection Server doIForward XML External Entity Processing Information Disclosure Vulnerability

6.5CVSS6.1AI score0.00332EPSS

Exploits0References2

Cvelist•added 2024/05/03 2:12 a.m.•10 views

CVE-2023-42034 Visualware MyConnection Server doRTAAccessCTConfig Cross-Site Scripting Authentication Bypass Vulnerability

Visualware MyConnection Server doRTAAccessCTConfig Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Visualware MyConnection Server. Minimal user interaction is required to exploit this...

8.8CVSS8.7AI score0.0037EPSS

Exploits0References2

Vulnrichment•added 2024/05/03 2:12 a.m.•10 views

CVE-2023-42034 Visualware MyConnection Server doRTAAccessCTConfig Cross-Site Scripting Authentication Bypass Vulnerability

8.8CVSS6.8AI score0.0037EPSS

Exploits0References2

CVE•added 2024/05/03 2:12 a.m.•62 views

CVE-2023-42034

Visualware MyConnection Server is affected by CVE-2023-42034 in the doRTAAccessCTConfig path, enabling Cross-Site Scripting that bypasses authentication. The flaw arises from insufficient validation of user-supplied data, permitting injection of arbitrary script and resulting in a remote authenti...

8.8CVSS8.4AI score0.0037EPSS

Exploits0References2Affected Software1

Cvelist•added 2024/05/03 2:12 a.m.•11 views

CVE-2023-42033 Visualware MyConnection Server doPostUploadfiles Directory Traversal Remote Code Execution Vulnerability

Visualware MyConnection Server doPostUploadfiles Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Visualware MyConnection Server. Although authentication is required to exploit this...

7.2CVSS8.2AI score0.01606EPSS

Exploits0References2

Vulnrichment•added 2024/05/03 2:12 a.m.•12 views

CVE-2023-42033 Visualware MyConnection Server doPostUploadfiles Directory Traversal Remote Code Execution Vulnerability

7.2CVSS8AI score0.01606EPSS

Exploits0References2

CVE•added 2024/05/03 2:12 a.m.•50 views

CVE-2023-42033

Visualware MyConnection Server is affected by CVE-2023-42033 via the doPostUploadfiles directory traversal, allowing remote code execution with root context. The flaw is due to insufficient validation of a user-supplied path before file operations. Exploitation requires authentication, but authen...

7.2CVSS7.5AI score0.01606EPSS

Exploits0References2Affected Software1

Cvelist•added 2024/05/03 2:12 a.m.•16 views

CVE-2023-42032 Visualware MyConnection Server doRTAAccessUPass Exposed Dangerous Method Information Disclosure Vulnerability

7.5CVSS7.6AI score0.00606EPSS

Exploits0References2

Vulnrichment•added 2024/05/03 2:12 a.m.•15 views

CVE-2023-42032 Visualware MyConnection Server doRTAAccessUPass Exposed Dangerous Method Information Disclosure Vulnerability

7.5CVSS6AI score0.00606EPSS

Exploits0References2

CVE•added 2024/05/03 2:12 a.m.•50 views

CVE-2023-42032

CVE-2023-42032 affects Visualware MyConnection Server. The doRTAAccessUPass method is exposed, creating an unauthenticated remote information disclosure vulnerability. Multiple connected sources corroborate that an attacker can disclose sensitive data within the application context without authen...

7.5CVSS7.1AI score0.00606EPSS

Exploits0References2Affected Software1

CNNVD•added 2024/05/03 12:0 a.m.•0 views

Visualware MyConnection Server 安全漏洞

Visualware MyConnection Server is a software application from Visualware, Inc. Providing accurate measurements of network quality and performance ensures a good user experience. A security vulnerability exists in Visualware MyConnection Server, which arises from a specific flaw in the doIForward...

6.5CVSS6.5AI score0.00332EPSS

Exploits0References3

CNNVD•added 2024/05/03 12:0 a.m.•1 views

Visualware MyConnection Server 安全漏洞

7.2CVSS7.3AI score0.01606EPSS

Exploits0References3

CNNVD•added 2024/05/03 12:0 a.m.•2 views

Visualware MyConnection Server 安全漏洞

8.8CVSS8.5AI score0.0037EPSS

Exploits0References3

Positive Technologies•added 2023/09/08 12:0 a.m.•2 views

PT-2023-28223 · Visualware · Visualware Myconnection Server

Name of the Vulnerable Software and Affected Versions: Visualware MyConnection Server affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations of Visualware MyConnection Server. Authentication is not required to...

6.5CVSS6.5AI score0.00332EPSS

Exploits0References4

Positive Technologies•added 2023/09/08 12:0 a.m.•1 views

PT-2023-4977 · Visualware · Visualware Myconnection Server

Name of the Vulnerable Software and Affected Versions: Visualware MyConnection Server affected versions not specified Description: This issue allows remote attackers to bypass authentication on affected installations of Visualware MyConnection Server. Minimal user interaction is required to explo...

10CVSS7.4AI score0.0037EPSS

Exploits0References7

Zero Day Initiative•added 2023/09/08 12:0 a.m.•16 views

Visualware MyConnection Server doRTAAccessCTConfig Cross-Site Scripting Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Visualware MyConnection Server. Minimal user interaction is required to exploit this vulnerability. The specific flaw exists within the doRTAAccessCTConfig method. The issue results from the lack of...

8.8CVSS7.4AI score0.0037EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by