80 matches found
Horizon Business Services Caterease Security Vulnerability
Horizon Business Services Caterease is an event planning and catering software from Horizon Business Services, USA. A security vulnerability exists in Horizon Business Services Caterease versions 16.0.1.1663 through 24.0.1.2405 and later versions, which stems from improperly restricting excessive...
Horizon Business Services Caterease Security Vulnerability
Horizon Business Services Caterease is an event planning and catering software from Horizon Business Services, USA. A security vulnerability exists in Horizon Business Services Caterease versions 16.0.1.1663 through 24.0.1.2405, which stems from insufficient protection against capture replay...
CVE-2024-38890
An issue in Horizon Business Services Inc. Caterease Software 16.0.1.1663 through 24.0.1.2405 and possibly later versions allows a local attacker to perform an Authentication Bypass by Capture-replay attack due to insufficient protection against capture-replay attacks...
CVE-2024-38890
CVE-2024-38890 affects Horizon Business Services Inc. Caterease Software versions 16.0.1.1663 through 24.0.1.2405 (potentially later) and enables a local attacker to bypass authentication via a capture-replay attack due to insufficient protection against capture-replay. The Red Hat, NVD, CVE reco...
CVE-2024-38889
Horizon Business Services Inc. Caterease versions 16.0.1.1663 through 24.0.1.2405 (and possibly later) are affected by CVE-2024-38889 due to improper neutralization of SQL elements, enabling remote SQL Injection. The issue is documented across multiple sources (NVD/Red Hat/CVE lists and PT Securi...
Horizon Business Services Caterease Security Vulnerability
Horizon Business Services Caterease is an event planning and catering software from Horizon Business Services, USA. A security vulnerability exists in Horizon Business Services Caterease versions 16.0.1.1663 through 24.0.1.2405 and later versions, which originates from executing commands with...
Horizon Business Services Caterease Security Vulnerability
Horizon Business Services Caterease is an event planning and catering software from Horizon Business Services, USA. A security vulnerability exists in Horizon Business Services Caterease versions 16.0.1.1663 through 24.0.1.2405 and later versions, which stems from the use of unsalted unidirection...
Horizon Business Services Caterease Security Vulnerability
Horizon Business Services Caterease is an event planning and catering software from Horizon Business Services, USA. A security vulnerability exists in Horizon Business Services Caterease versions 16.0.1.1663 through 24.0.1.2405 and later versions, which stems from improper neutralization of...
Horizon Business Services Caterease Security Vulnerability
Horizon Business Services Caterease is an event planning and catering software from Horizon Business Services, USA. A security vulnerability exists in Horizon Business Services Caterease versions 16.0.1.1663 through 24.0.1.2405 and later versions, which stems from the selection of less secure...
Horizon Business Services Caterease Security Vulnerability
Horizon Business Services Caterease is an event planning and catering software from Horizon Business Services, USA. A security vulnerability exists in Horizon Business Services Caterease versions 16.0.1.1663 through 24.0.1.2405 and later versions, which stems from improper authentication of the...
CVE-2024-38883
Summary (CVE-2024-38883): Horizon Business Services Inc. Caterease v16.0.1.1663–v24.0.1.2405 (and possibly later) may be vulnerable to a remote, network-based attack due to negotiating with a less-secure encryption algorithm, enabling a Drop Encryption Level attack. The issue is described across ...
PT-2024-28255 · Horizon Business Services Inc. · Caterease
Name of the Vulnerable Software and Affected Versions: Horizon Business Services Inc. Caterease versions 16.0.1.1663 through 24.0.1.2405. Description: The issue allows a local attacker to perform an Authentication Bypass attack due to improperly implemented security checks for standard...
CVE-2024-38885
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform unauthorized access using known operating system credentials due to hardcoded SQL user credentials in the client application...
CVE-2024-38886
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Traffic Injection attack due to improper verification of the source of a communication channel...
CVE-2024-38882
CVE-2024-38882 affects Horizon Business Services Inc. Caterease versions 16.0.1.1663–24.0.1.2405 (and possibly later). The issue is a remote command execution via SQL Injection caused by improper neutralization of special elements used in an OS command. Impact is high (remote, with high confident...
Horizon Business Services Caterease Security Vulnerability
Horizon Business Services Caterease is an event planning and catering software from Horizon Business Services, USA. A security vulnerability exists in Horizon Business Services Caterease versions 16.0.1.1663 through 24.0.1.2405 and later versions, which stems from improper neutralization of the u...
CVE-2024-38891
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Sniffing Network Traffic attack due to the cleartext transmission of sensitive information...
CVE-2024-38884
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a local attacker to perform an Authentication Bypass attack due to improperly implemented security checks for standard authentication mechanisms...
CVE-2024-38881
CVE-2024-38881 affects Horizon Business Services Inc. Caterease versions 16.0.1.1663 through 24.0.1.2405 and possibly later. The root cause is the storage of user passwords using one-way hashes without salts, enabling rainbow-table password cracking by a remote attacker. Reported across multiple ...