Some API routes exist in Control ID IDSecure 4.7.26.0 and prior, exfiltrating sensitive information and passwords to users accessing these API routes.
August 03, 2023
Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing attackers to sign arbitrary session tokens and bypass authentication. ...
August 03, 2023
An uncaught exception vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing attackers to cause the main web server of IDSecure to fault and crash, causing a denial of service.
August 03, 2023
Bluetens Electrostimulation Device BluetensQ device app version 4.3.15 is vulnerable to Man-in-the-middle attacks in the BLE channel. It allows attackers to decrease or increase the intensity of the s ...
August 03, 2023
An access control issue in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to arbitrarily close and open the doors managed by the platform remotely via sending a crafted web request.
August 03, 2023
ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability.
August 03, 2023
File Upload vulnerability in Total CMS v.1.7.4 allows a remote attacker to execute arbitrary code via a crafted PHP file to the edit page function.
August 03, 2023
A path traversal vulnerability in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload.
August 03, 2023