35 matches found
EUVD-2023-37909
Malicious code in bioql PyPI...
EUVD-2023-37910
Malicious code in bioql PyPI...
CVE-2023-33758
Splicecom Maximiser Soft PBX v1.5 and before was discovered to contain a cross-site scripting XSS vulnerability via the CLIENTNAME and DEVICEGUID fields in the login component...
CVE-2023-33760
SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdrop on communications via a man-in-the-middle attack...
CVE-2023-33759
SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack...
CVE-2023-33757
A lack of SSL certificate validation in Splicecom iPCS iOS App v1.3.4, iPCS2 iOS App v2.8 and before, and iPCS Android App v1.8.5 and before allows attackers to eavesdrop on communications via a man-in-the-middle attack...
CVE-2023-33758
Splicecom Maximiser Soft PBX v1.5 and before was discovered to contain a cross-site scripting XSS vulnerability via the CLIENTNAME and DEVICEGUID fields in the login component...
CVE-2023-33758
Splicecom Maximiser Soft PBX v1.5 and before was discovered to contain a cross-site scripting XSS vulnerability via the CLIENTNAME and DEVICEGUID fields in the login component...
CVE-2023-33760
SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdrop on communications via a man-in-the-middle attack...
CVE-2023-33759
SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack...
CVE-2023-33759
SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack...
CVE-2023-33760
SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdrop on communications via a man-in-the-middle attack...
CVE-2023-33757
A lack of SSL certificate validation in Splicecom iPCS iOS App v1.3.4, iPCS2 iOS App v2.8 and before, and iPCS Android App v1.8.5 and before allows attackers to eavesdrop on communications via a man-in-the-middle attack...
CVE-2023-33757
A lack of SSL certificate validation in Splicecom iPCS iOS App v1.3.4, iPCS2 iOS App v2.8 and before, and iPCS Android App v1.8.5 and before allows attackers to eavesdrop on communications via a man-in-the-middle attack...
Design/Logic Flaw
A lack of SSL certificate validation in Splicecom iPCS iOS App v1.3.4, iPCS2 iOS App v2.8 and before, and iPCS Android App v1.8.5 and before allows attackers to eavesdrop on communications via a man-in-the-middle attack...
Design/Logic Flaw
SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdrop on communications via a man-in-the-middle attack...
Authentication flaw
SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack...
Cross site scripting
Splicecom Maximiser Soft PBX v1.5 and before was discovered to contain a cross-site scripting XSS vulnerability via the CLIENTNAME and DEVICEGUID fields in the login component...
CVE-2023-33760
SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdrop on communications via a man-in-the-middle attack...
SpliceCom Maximiser Soft PBX Security Breach
Splicecom Maximiser Soft PBX is an IP phone. A security vulnerability exists in SpliceCom Maximiser Soft PBX v1.5 version and prior versions, which stems from Unrestricted Excessive Authentication Attempts UEAL, which allows an attacker to bypass authentication via brute force attack...