Lucene search
K

17 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:20 a.m.6 views

CVE-2024-38467

Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized user information retrieval via the queryUser API...

7.5CVSS5.8AI score0.00379EPSS
Exploits0References1
NVD
NVD
added 2024/06/16 4:15 p.m.23 views

CVE-2024-38465

Shenzhen Guoxin Synthesis image system before 8.3.0 allows username enumeration because of the response discrepancy of incorrect versus error...

5.3CVSS0.0025EPSS
Exploits0References1
NVD
NVD
added 2024/06/16 4:15 p.m.21 views

CVE-2024-38466

Shenzhen Guoxin Synthesis image system before 8.3.0 has a 123456Qw default password...

9.8CVSS0.00421EPSS
Exploits0References1
NVD
NVD
added 2024/06/16 4:15 p.m.23 views

CVE-2024-38467

Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized user information retrieval via the queryUser API...

7.5CVSS0.00379EPSS
Exploits0References1
NVD
NVD
added 2024/06/16 4:15 p.m.30 views

CVE-2024-38468

Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized password resets via the resetPassword API...

9.8CVSS0.00421EPSS
Exploits0References1
CVE
CVE
added 2024/06/16 12:0 a.m.53 views

CVE-2024-38466

The CVE-2024-38466 issue affects Shenzhen Guoxin Synthesis image system up to version 8.3.0, where a default credential 123456Qw is present. Multiple connected sources confirm the vulnerability stems from a hard-coded/default password, enabling unauthorized access if standard credentials are not ...

9.8CVSS7AI score0.00421EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/06/16 12:0 a.m.3 views

Shenzhen Guoxin Synthesis Image System Security Vulnerability

Shenzhen Guoxin Synthesis image system is an image system from Shenzhen Guoxin Synthesis, a company based in Shenzhen, China. A security vulnerability exists in Shenzhen Guoxin Synthesis Image System versions prior to 8.3.0 that originates from allowing unauthorized user information to be retriev...

7.5CVSS6.4AI score0.00379EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/06/16 12:0 a.m.5 views

PT-2024-28021 · Shenzhen Guoxin · Shenzhen Guoxin Synthesis Image System

Name of the Vulnerable Software and Affected Versions: Shenzhen Guoxin Synthesis image system versions prior to 8.3.0 Description: The issue allows unauthorized user information retrieval. This is achieved via the "queryUser API" endpoint. Recommendations: For versions prior to 8.3.0, update to...

7.5CVSS7AI score0.00379EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/06/16 12:0 a.m.19 views

CVE-2024-38465

Shenzhen Guoxin Synthesis image system before 8.3.0 allows username enumeration because of the response discrepancy of incorrect versus error...

0.0025EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/16 12:0 a.m.24 views

CVE-2024-38468

Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized password resets via the resetPassword API...

7.1AI score0.00421EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/16 12:0 a.m.22 views

CVE-2024-38467

Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized user information retrieval via the queryUser API...

6.7AI score0.00379EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/16 12:0 a.m.24 views

CVE-2024-38467

Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized user information retrieval via the queryUser API...

0.00379EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/06/16 12:0 a.m.3 views

Shenzhen Guoxin Synthesis image system security vulnerability

Shenzhen Guoxin Synthesis image system is an image system from Shenzhen Guoxin Synthesis, a company based in Shenzhen, China. A security vulnerability exists in Shenzhen Guoxin Synthesis image system versions prior to 8.3.0, which stems from a default password of 123456Qw...

9.8CVSS6.8AI score0.00421EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/06/16 12:0 a.m.18 views

CVE-2024-38466

Shenzhen Guoxin Synthesis image system before 8.3.0 has a 123456Qw default password...

7AI score0.00421EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/06/16 12:0 a.m.5 views

Shenzhen Guoxin Synthesis image system security vulnerability

Shenzhen Guoxin Synthesis image system is an image system from Shenzhen Guoxin Synthesis, a company based in Shenzhen, China. A security vulnerability exists in the Shenzhen Guoxin Synthesis image system, version prior to 8.3.0, which stems from a discrepancy in the error response that allows...

5.3CVSS6.7AI score0.0025EPSS
Exploits0References2
CVE
CVE
added 2024/06/16 12:0 a.m.92 views

CVE-2024-38468

CVE-2024-38468 affects Shenzhen Guoxin Synthesis Image System prior to version 8.3.0. The vulnerability allows unauthorized password resets via the resetPassword API, exposing high-severity impact (CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Affected component is the image system’s resetPass...

9.8CVSS7.2AI score0.00421EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/06/16 12:0 a.m.47 views

CVE-2024-38465

The CVE-2024-38465 affects Shenzhen Guoxin Synthesis image system prior to version 8.3.0. The vulnerability arises from a response discrepancy between incorrect and error responses, enabling username enumeration. Affected component is the image system software; root cause is inconsistent error ha...

5.3CVSS7AI score0.0025EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder