Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

27 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2023-54282

Malicious code in bioql PyPI...

9.8CVSS8.6AI score0.00914EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2023-54281

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00142EPSS
Exploits0References3
NVD
NVDadded 2023/08/24 7:15 p.m.11 views

CVE-2023-4419

The LMS5xx uses hard-coded credentials, which potentially allow low-skilled unauthorized remote attackers to reconfigure settings and /or disrupt the functionality of the device...

9.8CVSS9.6AI score0.00914EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2023/08/24 7:15 p.m.3 views

CVE-2023-4419

The LMS5xx uses hard-coded credentials, which potentially allow low-skilled unauthorized remote attackers to reconfigure settings and /or disrupt the functionality of the device...

9.8CVSS7.3AI score0.00914EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2023/08/24 7:15 p.m.3 views

CVE-2023-4420

A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to the absence of Transport Layer Security TLS in the SICK LMS5xx. This lack of encryption in the communication channel can lead to the unauthorized disclosure of sensitive information. The attacker can...

9.8CVSS7.2AI score0.00083EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2023/08/24 7:15 p.m.2 views

CVE-2023-4418

A remote unprivileged attacker can sent multiple packages to the LMS5xx to disrupt its availability through a TCP SYN-based denial-of-service DDoS attack. By exploiting this vulnerability, an attacker can flood the targeted LMS5xx with a high volume of TCP SYN requests, overwhelming its resources...

7.5CVSS7.2AI score0.00142EPSS
Exploits0References4
NVD
NVDadded 2023/08/24 7:15 p.m.8 views

CVE-2023-31412

The LMS5xx uses weak hash generation methods, resulting in the creation of insecure hashs. If an attacker manages to retrieve the hash, it could lead to collision attacks and the potential retrieval of the password...

7.5CVSS7.5AI score0.00109EPSS
Exploits0References3
Prion
Prionadded 2023/08/24 7:15 p.m.10 views

Design/Logic Flaw

The LMS5xx uses weak hash generation methods, resulting in the creation of insecure hashs. If an attacker manages to retrieve the hash, it could lead to collision attacks and the potential retrieval of the password...

5CVSS7.4AI score0.00109EPSS
Exploits0References3
Prion
Prionadded 2023/08/24 7:15 p.m.10 views

Hardcoded credentials

The LMS5xx uses hard-coded credentials, which potentially allow low-skilled unauthorized remote attackers to reconfigure settings and /or disrupt the functionality of the device...

6.5CVSS8.6AI score0.00914EPSS
Exploits0References3
Prion
Prionadded 2023/08/24 7:15 p.m.17 views

Design/Logic Flaw

A remote unprivileged attacker can sent multiple packages to the LMS5xx to disrupt its availability through a TCP SYN-based denial-of-service DDoS attack. By exploiting this vulnerability, an attacker can flood the targeted LMS5xx with a high volume of TCP SYN requests, overwhelming its resources...

5CVSS7.6AI score0.00142EPSS
Exploits0References3
CVE
CVEadded 2023/08/24 6:15 p.m.27 views

CVE-2023-31412

The CVE-2023-31412 issue affects the LMS5xx family, where weak hash generation produces insecure hashes. If an attacker obtains a hash, a collision attack could enable password retrieval. Documents from NVD/Red Hat/SICK PSIRT confirm the vulnerability and indicate risk components (network exposur...

7.5CVSS7.4AI score0.00109EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2023/08/24 6:15 p.m.10 views

CVE-2023-31412

The LMS5xx uses weak hash generation methods, resulting in the creation of insecure hashs. If an attacker manages to retrieve the hash, it could lead to collision attacks and the potential retrieval of the password...

7.5CVSS7.7AI score0.00109EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2023/08/24 6:15 p.m.9 views

CVE-2023-31412

The LMS5xx uses weak hash generation methods, resulting in the creation of insecure hashs. If an attacker manages to retrieve the hash, it could lead to collision attacks and the potential retrieval of the password...

7.5CVSS7.1AI score0.00109EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2023/08/24 6:11 p.m.12 views

CVE-2023-4420

A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to the absence of Transport Layer Security TLS in the SICK LMS5xx. This lack of encryption in the communication channel can lead to the unauthorized disclosure of sensitive information. The attacker can...

9.8CVSS6.8AI score0.00083EPSS
Exploits0References3
CVE
CVEadded 2023/08/24 6:11 p.m.46 views

CVE-2023-4420

CVE-2023-4420 affects SICK LMS5xx devices. The vulnerability arises from the absence of Transport Layer Security, leaving the communication channel unencrypted and allowing a remote unprivileged attacker to eavesdrop and potentially manipulate data between LMS5xx and the client. Impacts include c...

9.8CVSS7.2AI score0.00083EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2023/08/24 6:11 p.m.11 views

CVE-2023-4420

A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to the absence of Transport Layer Security TLS in the SICK LMS5xx. This lack of encryption in the communication channel can lead to the unauthorized disclosure of sensitive information. The attacker can...

9.8CVSS9.4AI score0.00083EPSS
Exploits0References3
Cvelist
Cvelistadded 2023/08/24 6:8 p.m.12 views

CVE-2023-4419

The LMS5xx uses hard-coded credentials, which potentially allow low-skilled unauthorized remote attackers to reconfigure settings and /or disrupt the functionality of the device...

9.8CVSS9.7AI score0.00914EPSS
Exploits0References3
CVE
CVEadded 2023/08/24 6:8 p.m.36 views

CVE-2023-4419

CVE-2023-4419 affects the SICK LMS5xx family, stemming from hard-coded credentials that could allow a remote, unauthenticated attacker to reconfigure settings or disrupt device functionality. Root cause: hard-coded credentials enabling privileged access. Impact per sources: high/critical confiden...

9.8CVSS8.6AI score0.00914EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichmentadded 2023/08/24 6:8 p.m.11 views

CVE-2023-4419

The LMS5xx uses hard-coded credentials, which potentially allow low-skilled unauthorized remote attackers to reconfigure settings and /or disrupt the functionality of the device...

9.8CVSS7.1AI score0.00914EPSS
Exploits0References3
CVE
CVEadded 2023/08/24 6:5 p.m.49 views

CVE-2023-4418

The CVE-2023-4418 issue affects the SICK LMS5xx family, where a remote unauthenticated attacker can induce a TCP SYN flood to exhaust resources and render the LMS5xx unavailable. Several connected documents confirm a network-based DoS via TCP SYN requests impacting availability, with PT-2023-2914...

7.5CVSS7.5AI score0.00142EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder