Lucene search
+L

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-37534

Malicious code in bioql PyPI...

9.8CVSS7.3AI score0.0085EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 2:2 a.m.11 views

CVE-2023-33371

Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing attackers to sign arbitrary session tokens and bypass authentication...

9.8CVSS7AI score0.0085EPSS
Exploits0References1
Prion
Prion
added 2023/08/04 6:15 p.m.30 views

Authentication flaw

Connected IO v2.1.0 and prior uses a hard-coded username/password pair embedded in their device's firmware used for device communication using MQTT. An attacker who gained access to these credentials is able to connect to the MQTT broker and send messages on behalf of devices, impersonating them...

7.5CVSS9.4AI score0.00759EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/08/03 1:15 a.m.21 views

CVE-2023-33371

Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing attackers to sign arbitrary session tokens and bypass authentication...

9.8CVSS9.6AI score0.0085EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/08/03 12:0 a.m.28 views

CVE-2023-33371

Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing attackers to sign arbitrary session tokens and bypass authentication...

9.7AI score0.0085EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/08/03 12:0 a.m.12 views

CVE-2023-33371

Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing attackers to sign arbitrary session tokens and bypass authentication...

7AI score0.0085EPSS
Exploits0References2
CVE
CVE
added 2023/08/03 12:0 a.m.2524 views

CVE-2023-33371

CVE-2023-33371 affects Control ID IDSecure 4.7.26.0 and earlier. The vulnerability arises from a hardcoded cryptographic key used to sign and verify JWT session tokens, enabling an attacker to forge tokens and bypass authentication. Exploitation details are not provided in these documents, but th...

9.8CVSS9.3AI score0.0085EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder