203 matches found
Code injection
An issue was discovered on Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. There is a Weak SMB configuration with signing disabled...
CVE-2023-47578
Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices are susceptible to Cross Site Request Forgery CSRF attacks due to the absence of CSRF protection in the web interface...
CVE-2023-47575
An issue was discovered on Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. The web interfaces of the Relyum devices are susceptible to reflected XSS...
CVE-2023-47574
The CVE-2023-47574 entry refers to Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices with a weak SMB configuration where signing is disabled. This impacts confidentiality (per CVSS: high) but does not indicate exploitation details in the provided documents. Affected components are the SMB signi...
CVE-2023-47576
CVE-2023-47576 affects Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0. The issue enables authenticated command injection through the devices’ web interface. Root cause details are not provided in the connected documents, so the exact component/flow causing the vulnerability isn’t specified here. The...
CVE-2023-47578
Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices are susceptible to Cross Site Request Forgery CSRF attacks due to the absence of CSRF protection in the web interface...
CVE-2023-47578
CVE-2023-47578 affects Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0; the web interface lacks CSRF protection, enabling CSRF attacks. CVSSv3.1 base score 8.8 (HIGH). If exploited, impacts to confidentiality, integrity, and availability are high. No exploitation status provided. Remediation guidance...
CVE-2023-47577
CVE-2023-47577 affects Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0. The root cause is lack of current-password verification when changing passwords, enabling unauthorized changes. CVSSv3.1 base score is 9.8 (CRITICAL) with Network attack vector, Low attack complexity, Privileges Required: None, U...
CVE-2023-47575
CVE-2023-47575 affects Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0. The connected documents report a reflected XSS vulnerability in the devices’ web interfaces. Vulnerable component: web UI of RELY-PCIe/RECY-REC; root cause: reflected cross-site scripting. Impact is described as XSS exposure via ...
Relyum RELY-PCIe Security Vulnerability
The Relyum RELY-PCIe is an intelligent pluggable board from the Spanish company Relyum. A security vulnerability exists in Relyum RELY-PCIe version 22.2.1, RELY-REC version 23.1.0. An attacker could exploit this vulnerability to perform cross-site request forgery attacks...
PT-2023-30513 · Relyum · Rely-Rec +1
Name of the Vulnerable Software and Affected Versions: Relyum RELY-PCIe version 22.2.1 Relyum RELY-REC version 23.1.0 Description: The issue is related to Cross Site Request Forgery CSRF attacks, which can be launched against the devices due to the absence of CSRF protection in the web interface...
paddle-ner (=0.1.0), paddle-quantum (>=1.1.1 <=2.2.1) +3 more potentially affected by CVE-2023-38669 via paddlepaddle (=1.8.5)
paddlepaddle PYPI version =1.8.5 is affected by a known vulnerability. The following packages have a transitive dependency on paddlepaddle and may be impacted: - paddle-ner =0.1.0 - paddle-quantum =1.1.1, =1.8.5.0, =1.8.5.1 - paddle-tokenizer =0.1.0 - pyunit-ner =2021.8.2 Source cves:...
paddle-ner (=0.1.0), paddle-quantum (>=1.1.1 <=2.2.1) +3 more potentially affected by CVE-2023-38673 via paddlepaddle (=1.8.5)
paddlepaddle PYPI version =1.8.5 is affected by a known vulnerability. The following packages have a transitive dependency on paddlepaddle and may be impacted: - paddle-ner =0.1.0 - paddle-quantum =1.1.1, =1.8.5.0, =1.8.5.1 - paddle-tokenizer =0.1.0 - pyunit-ner =2021.8.2 Source cves:...
paddle-ner (=0.1.0), paddle-quantum (>=1.1.1 <=2.2.1) +3 more potentially affected by CVE-2023-38671 via paddlepaddle (=1.8.5)
paddlepaddle PYPI version =1.8.5 is affected by a known vulnerability. The following packages have a transitive dependency on paddlepaddle and may be impacted: - paddle-ner =0.1.0 - paddle-quantum =1.1.1, =1.8.5.0, =1.8.5.1 - paddle-tokenizer =0.1.0 - pyunit-ner =2021.8.2 Source cves:...
paddle-ner (=0.1.0), paddle-quantum (>=1.1.1 <=2.2.1) +3 more potentially affected by CVE-2023-38672 via paddlepaddle (=1.8.5)
paddlepaddle PYPI version =1.8.5 is affected by a known vulnerability. The following packages have a transitive dependency on paddlepaddle and may be impacted: - paddle-ner =0.1.0 - paddle-quantum =1.1.1, =1.8.5.0, =1.8.5.1 - paddle-tokenizer =0.1.0 - pyunit-ner =2021.8.2 Source cves:...
paddle-ner (=0.1.0), paddle-quantum (>=1.1.1 <=2.2.1) +3 more potentially affected by CVE-2023-38673 via paddlepaddle (=1.8.5)
paddlepaddle PYPI version =1.8.5 is affected by a known vulnerability. The following packages have a transitive dependency on paddlepaddle and may be impacted: - paddle-ner =0.1.0 - paddle-quantum =1.1.1, =1.8.5.0, =1.8.5.1 - paddle-tokenizer =0.1.0 - pyunit-ner =2021.8.2 Source cves:...
paddle-ner (=0.1.0), paddle-quantum (>=1.1.1 <=2.2.1) +3 more potentially affected by CVE-2023-38672 via paddlepaddle (=1.8.5)
paddlepaddle PYPI version =1.8.5 is affected by a known vulnerability. The following packages have a transitive dependency on paddlepaddle and may be impacted: - paddle-ner =0.1.0 - paddle-quantum =1.1.1, =1.8.5.0, =1.8.5.1 - paddle-tokenizer =0.1.0 - pyunit-ner =2021.8.2 Source cves:...
paddle-ner (=0.1.0), paddle-quantum (>=1.1.1 <=2.2.1) +3 more potentially affected by CVE-2023-38670 via paddlepaddle (=1.8.5)
paddlepaddle PYPI version =1.8.5 is affected by a known vulnerability. The following packages have a transitive dependency on paddlepaddle and may be impacted: - paddle-ner =0.1.0 - paddle-quantum =1.1.1, =1.8.5.0, =1.8.5.1 - paddle-tokenizer =0.1.0 - pyunit-ner =2021.8.2 Source cves:...
paddle-ner (=0.1.0), paddle-quantum (>=1.1.1 <=2.2.1) +3 more potentially affected by CVE-2023-38671 via paddlepaddle (=1.8.5)
paddlepaddle PYPI version =1.8.5 is affected by a known vulnerability. The following packages have a transitive dependency on paddlepaddle and may be impacted: - paddle-ner =0.1.0 - paddle-quantum =1.1.1, =1.8.5.0, =1.8.5.1 - paddle-tokenizer =0.1.0 - pyunit-ner =2021.8.2 Source cves:...
paddle-ner (=0.1.0), paddle-quantum (>=1.1.1 <=2.2.1) +3 more potentially affected by CVE-2023-38669 via paddlepaddle (=1.8.5)
paddlepaddle PYPI version =1.8.5 is affected by a known vulnerability. The following packages have a transitive dependency on paddlepaddle and may be impacted: - paddle-ner =0.1.0 - paddle-quantum =1.1.1, =1.8.5.0, =1.8.5.1 - paddle-tokenizer =0.1.0 - pyunit-ner =2021.8.2 Source cves:...