Lucene search
K

17 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:20 a.m.6 views

CVE-2024-38467

Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized user information retrieval via the queryUser API...

7.5CVSS5.8AI score0.00379EPSS
Exploits0References1
NVD
NVD
added 2024/06/16 4:15 p.m.24 views

CVE-2024-38466

Shenzhen Guoxin Synthesis image system before 8.3.0 has a 123456Qw default password...

9.8CVSS0.00421EPSS
Exploits0References1
NVD
NVD
added 2024/06/16 4:15 p.m.24 views

CVE-2024-38465

Shenzhen Guoxin Synthesis image system before 8.3.0 allows username enumeration because of the response discrepancy of incorrect versus error...

5.3CVSS0.0025EPSS
Exploits0References1
NVD
NVD
added 2024/06/16 4:15 p.m.23 views

CVE-2024-38467

Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized user information retrieval via the queryUser API...

7.5CVSS0.00379EPSS
Exploits0References1
NVD
NVD
added 2024/06/16 4:15 p.m.32 views

CVE-2024-38468

Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized password resets via the resetPassword API...

9.8CVSS0.00421EPSS
Exploits0References1
CVE
CVE
added 2024/06/16 12:0 a.m.53 views

CVE-2024-38466

The CVE-2024-38466 issue affects Shenzhen Guoxin Synthesis image system up to version 8.3.0, where a default credential 123456Qw is present. Multiple connected sources confirm the vulnerability stems from a hard-coded/default password, enabling unauthorized access if standard credentials are not ...

9.8CVSS7AI score0.00421EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/06/16 12:0 a.m.5 views

PT-2024-28021 · Shenzhen Guoxin · Shenzhen Guoxin Synthesis Image System

Name of the Vulnerable Software and Affected Versions: Shenzhen Guoxin Synthesis image system versions prior to 8.3.0 Description: The issue allows unauthorized user information retrieval. This is achieved via the "queryUser API" endpoint. Recommendations: For versions prior to 8.3.0, update to...

7.5CVSS7AI score0.00379EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/06/16 12:0 a.m.19 views

CVE-2024-38465

Shenzhen Guoxin Synthesis image system before 8.3.0 allows username enumeration because of the response discrepancy of incorrect versus error...

0.0025EPSS
Exploits0References1
CVE
CVE
added 2024/06/16 12:0 a.m.47 views

CVE-2024-38465

The CVE-2024-38465 affects Shenzhen Guoxin Synthesis image system prior to version 8.3.0. The vulnerability arises from a response discrepancy between incorrect and error responses, enabling username enumeration. Affected component is the image system software; root cause is inconsistent error ha...

5.3CVSS7AI score0.0025EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/06/16 12:0 a.m.24 views

CVE-2024-38467

Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized user information retrieval via the queryUser API...

0.00379EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/06/16 12:0 a.m.5 views

Shenzhen Guoxin Synthesis Image System Security Vulnerability

Shenzhen Guoxin Synthesis image system is an image system from Shenzhen Guoxin Synthesis, a company based in Shenzhen, China. A security vulnerability exists in Shenzhen Guoxin Synthesis Image System versions prior to 8.3.0 that originates from allowing unauthorized user information to be retriev...

7.5CVSS6.4AI score0.00379EPSS
Exploits0References2
CVE
CVE
added 2024/06/16 12:0 a.m.92 views

CVE-2024-38468

CVE-2024-38468 affects Shenzhen Guoxin Synthesis Image System prior to version 8.3.0. The vulnerability allows unauthorized password resets via the resetPassword API, exposing high-severity impact (CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Affected component is the image system’s resetPass...

9.8CVSS7.2AI score0.00421EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/06/16 12:0 a.m.5 views

Shenzhen Guoxin Synthesis image system security vulnerability

Shenzhen Guoxin Synthesis image system is an image system from Shenzhen Guoxin Synthesis, a company based in Shenzhen, China. A security vulnerability exists in the Shenzhen Guoxin Synthesis image system, version prior to 8.3.0, which stems from a discrepancy in the error response that allows...

5.3CVSS6.7AI score0.0025EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/06/16 12:0 a.m.4 views

Shenzhen Guoxin Synthesis image system security vulnerability

Shenzhen Guoxin Synthesis image system is an image system from Shenzhen Guoxin Synthesis, a company based in Shenzhen, China. A security vulnerability exists in Shenzhen Guoxin Synthesis image system versions prior to 8.3.0, which stems from a default password of 123456Qw...

9.8CVSS6.8AI score0.00421EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/06/16 12:0 a.m.19 views

CVE-2024-38466

Shenzhen Guoxin Synthesis image system before 8.3.0 has a 123456Qw default password...

7AI score0.00421EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/16 12:0 a.m.23 views

CVE-2024-38467

Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized user information retrieval via the queryUser API...

6.7AI score0.00379EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/16 12:0 a.m.25 views

CVE-2024-38468

Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized password resets via the resetPassword API...

7.1AI score0.00421EPSS
Exploits0References1
Rows per page
Query Builder