Lucene search
K

35 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-37909

Malicious code in bioql PyPI...

5.9CVSS6.1AI score0.00287EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-37910

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.0037EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:56 a.m.7 views

CVE-2023-33758

Splicecom Maximiser Soft PBX v1.5 and before was discovered to contain a cross-site scripting XSS vulnerability via the CLIENTNAME and DEVICEGUID fields in the login component...

6.1CVSS6.2AI score0.0037EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:56 a.m.9 views

CVE-2023-33760

SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdrop on communications via a man-in-the-middle attack...

5.3CVSS7.1AI score0.00276EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:56 a.m.8 views

CVE-2023-33759

SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack...

9.8CVSS7.2AI score0.00799EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:56 a.m.7 views

CVE-2023-33757

A lack of SSL certificate validation in Splicecom iPCS iOS App v1.3.4, iPCS2 iOS App v2.8 and before, and iPCS Android App v1.8.5 and before allows attackers to eavesdrop on communications via a man-in-the-middle attack...

5.9CVSS6.8AI score0.00287EPSS
Exploits1References1
NVD
NVD
added 2024/01/25 8:15 a.m.26 views

CVE-2023-33758

Splicecom Maximiser Soft PBX v1.5 and before was discovered to contain a cross-site scripting XSS vulnerability via the CLIENTNAME and DEVICEGUID fields in the login component...

6.1CVSS6.1AI score0.0037EPSS
Exploits1References1
OSV
OSV
added 2024/01/25 8:15 a.m.4 views

CVE-2023-33758

Splicecom Maximiser Soft PBX v1.5 and before was discovered to contain a cross-site scripting XSS vulnerability via the CLIENTNAME and DEVICEGUID fields in the login component...

6.1CVSS5.7AI score0.0037EPSS
Exploits1References1
NVD
NVD
added 2024/01/25 8:15 a.m.29 views

CVE-2023-33760

SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdrop on communications via a man-in-the-middle attack...

5.3CVSS5.2AI score0.00276EPSS
Exploits1References1
NVD
NVD
added 2024/01/25 8:15 a.m.16 views

CVE-2023-33759

SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack...

9.8CVSS9.5AI score0.00799EPSS
Exploits1References1
OSV
OSV
added 2024/01/25 8:15 a.m.2 views

CVE-2023-33759

SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack...

9.8CVSS5.8AI score0.00799EPSS
Exploits1References1
OSV
OSV
added 2024/01/25 8:15 a.m.4 views

CVE-2023-33760

SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdrop on communications via a man-in-the-middle attack...

5.3CVSS5.8AI score0.00276EPSS
Exploits1References1
NVD
NVD
added 2024/01/25 8:15 a.m.23 views

CVE-2023-33757

A lack of SSL certificate validation in Splicecom iPCS iOS App v1.3.4, iPCS2 iOS App v2.8 and before, and iPCS Android App v1.8.5 and before allows attackers to eavesdrop on communications via a man-in-the-middle attack...

5.9CVSS5.6AI score0.00287EPSS
Exploits1References1
OSV
OSV
added 2024/01/25 8:15 a.m.6 views

CVE-2023-33757

A lack of SSL certificate validation in Splicecom iPCS iOS App v1.3.4, iPCS2 iOS App v2.8 and before, and iPCS Android App v1.8.5 and before allows attackers to eavesdrop on communications via a man-in-the-middle attack...

5.9CVSS5.8AI score0.00287EPSS
Exploits1References1
Prion
Prion
added 2024/01/25 8:15 a.m.20 views

Design/Logic Flaw

A lack of SSL certificate validation in Splicecom iPCS iOS App v1.3.4, iPCS2 iOS App v2.8 and before, and iPCS Android App v1.8.5 and before allows attackers to eavesdrop on communications via a man-in-the-middle attack...

2.6CVSS7AI score0.00287EPSS
Exploits1References1Affected Software2
Prion
Prion
added 2024/01/25 8:15 a.m.21 views

Design/Logic Flaw

SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdrop on communications via a man-in-the-middle attack...

2.6CVSS7.3AI score0.00276EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2024/01/25 8:15 a.m.17 views

Authentication flaw

SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack...

7.5CVSS7.4AI score0.00799EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2024/01/25 8:15 a.m.18 views

Cross site scripting

Splicecom Maximiser Soft PBX v1.5 and before was discovered to contain a cross-site scripting XSS vulnerability via the CLIENTNAME and DEVICEGUID fields in the login component...

5.8CVSS6.4AI score0.0037EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/25 12:0 a.m.13 views

CVE-2023-33760

SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdrop on communications via a man-in-the-middle attack...

7.1AI score0.00276EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/01/25 12:0 a.m.3 views

SpliceCom Maximiser Soft PBX Security Breach

Splicecom Maximiser Soft PBX is an IP phone. A security vulnerability exists in SpliceCom Maximiser Soft PBX v1.5 version and prior versions, which stems from Unrestricted Excessive Authentication Attempts UEAL, which allows an attacker to bypass authentication via brute force attack...

9.8CVSS7AI score0.00799EPSS
Exploits1References2
Rows per page
Query Builder