Lucene search
K

37 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-44750

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00294EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-49520

Malicious code in bioql PyPI...

6.6CVSS6.6AI score0.0037EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-50024

Malicious code in bioql PyPI...

8CVSS7.8AI score0.00514EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/06/20 12:0 a.m.6 views

Westermo L210-F2G Lynx Security Vulnerability

The Westermo L210-F2G Lynx is an industrial switch from Westermo Sweden. A security vulnerability exists in the Westermo L210-F2G Lynx. An attacker could exploit the vulnerability to cause a denial of service by repeatedly sending a large number of packets...

8.7CVSS6.6AI score0.00478EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/04/03 12:0 a.m.19 views

Westermo Lynx Cross-site Scripting (CVE-2023-42765)

An attacker with access to the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the 'username' parameter in the SNMP configuration. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

5.4CVSS5.9AI score0.00294EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/04/03 12:0 a.m.17 views

Westermo Lynx 206-F2G Cleartext Transmission of Sensitive Information (CVE-2023-40544)

An attacker with access to the network where the affected devices are located could maliciously actions to obtain, via a sniffer, sensitive information exchanged via TCP communications. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

5.7CVSS6AI score0.00168EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/04/03 12:0 a.m.20 views

Westermo Lynx 206-F2G Improper Neutralization of Input During Web Page Generation (CVE-2023-45222)

An attacker with access to the Westermo Lynx web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the 'autorefresh' parameter. This plugin only works with Tenable.ot. Please visit...

5.4CVSS6AI score0.00294EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/04/03 12:0 a.m.17 views

Westermo Lynx 206-F2G Improper Neutralization of Input During Web Page Generation (CVE-2023-40143)

An attacker with access to the Westermo Lynx web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the 'forward.0.domain' parameter. This plugin only works with Tenable.ot. Please visit...

5.4CVSS6AI score0.00294EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/04/03 12:0 a.m.24 views

Westermo Lynx 206-F2G Improper Control of Generation of Code (CVE-2023-45735)

A potential attacker with access to the device would be able to execute malicious code that could affect the correct functioning of the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

8CVSS7.4AI score0.00514EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/04/03 12:0 a.m.19 views

Westermo Lynx 206-F2G Cross-Site Request Forgery (CVE-2023-38579)

The cross-site request forgery token in the request may be predictable or easily guessable allowing attackers to craft a malicious request, which could be triggered by a victim unknowingly. In a successful CSRF attack, the attacker could lead the victim user to carry out an action unintentionally...

8.8CVSS7.6AI score0.00232EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/04/03 12:0 a.m.13 views

Westermo Lynx 206-F2G Improper Neutralization of Input During Web Page Generation (CVE-2023-45227)

An attacker with access to the web application with vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the 'dns.0.server' parameter. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

5.4CVSS6AI score0.00294EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/04/03 12:0 a.m.17 views

Westermo Lynx 206-F2G Permissive Cross-Domain Policy with Untrusted Domains (CVE-2023-45213)

A potential attacker with access to the device would be able to execute malicious code that could affect the correct functioning of the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

6.6CVSS6.7AI score0.0037EPSS
Exploits0References2
OSV
OSV
added 2024/02/06 10:16 p.m.5 views

CVE-2023-45735

A potential attacker with access to the Westermo Lynx device may be able to execute malicious code that could affect the correct functioning of the device...

8CVSS5.9AI score0.00514EPSS
Exploits0References1
NVD
NVD
added 2024/02/06 10:16 p.m.11 views

CVE-2023-40143

An attacker with access to the Westermo Lynx web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "forward.0.domain" parameter...

5.4CVSS5.7AI score0.00294EPSS
Exploits0References1
OSV
OSV
added 2024/02/06 10:16 p.m.2 views

CVE-2023-45213

A potential attacker with access to the Westermo Lynx device would be able to execute malicious code that could affect the correct functioning of the device...

6.5CVSS6.7AI score0.0037EPSS
Exploits0References1
OSV
OSV
added 2024/02/06 10:16 p.m.4 views

CVE-2023-40143

An attacker with access to the Westermo Lynx web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "forward.0.domain" parameter...

5.4CVSS5.8AI score0.00294EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/02/06 9:51 p.m.13 views

CVE-2023-40143 Westermo Lynx

An attacker with access to the Westermo Lynx web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "forward.0.domain" parameter...

5.4CVSS6.2AI score0.00294EPSS
Exploits0References1
CVE
CVE
added 2024/02/06 9:48 p.m.31 views

CVE-2023-45735

CVE-2023-45735 affects Westermo Lynx devices (206-F2G) running Westermo WeOS. The vulnerability is classified as Code Injection (CWE-94) with improper input handling in web interface, allowing a remote attacker with network access and low attack complexity to execute malicious code and potentiall...

8CVSS7.8AI score0.00514EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/06 9:48 p.m.12 views

CVE-2023-45735 Westermo Lynx Code Injection

A potential attacker with access to the Westermo Lynx device may be able to execute malicious code that could affect the correct functioning of the device...

8CVSS7.1AI score0.00514EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/02/06 9:39 p.m.10 views

CVE-2023-45213 Westermo Lynx Permissive Cross-domain Policy with Untrusted Domains

A potential attacker with access to the Westermo Lynx device would be able to execute malicious code that could affect the correct functioning of the device...

6.6CVSS6.6AI score0.0037EPSS
Exploits0References1
Rows per page
Query Builder