CVE-2023-30684
Improper access control in Samsung Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call acceptRingingCall API without permission.
August 15, 2023
CVE-2023-31135
Dgraph is an open source distributed GraphQL database. Existing Dgraph audit logs are vulnerable to brute force attacks due to nonce collisions. The first 12 bytes come from a baseIv which is initiali ...
August 15, 2023
CVE-2023-2827
SAP Plant Connectivity - version 15.5 (PCo) or the Production Connector for SAP Digital Manufacturing - version 1.0, do not validate the signature of the JSON Web Token (JWT) in the HTTP request sent ...
August 15, 2023
CVE-2023-35134
Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding account's JWT token only.
August 15, 2023
CVE-2023-28768
Improper frame handling in the Zyxel XGS2220-30 firmware version V4.80(ABXN.1), XMG1930-30 firmware version V4.80(ACAR.1), and XS1930-10 firmware version V4.80(ABQE.1) could allow an unauthenticate ...
August 14, 2023
CVE-2023-3569
In PHOENIX CONTACT's TC ROUTER and TC CLOUD CLIENT in versions prior to 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 an authenticated remote attacker with admin privileges could upload ...
August 08, 2023
CVE-2023-3669
A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local attacker to have unlimited attempts of guessing the password within an import dialog.
August 03, 2023
CVE-2023-3470
Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password for the Crypto User account. The predictable nature of the password allows an authenticated user wi ...
August 02, 2023
CVE-2023-36858
An insufficient verification of data vulnerability exists in BIG-IP Edge Client for Windows and macOS that may allow an attacker to modify its configured server list. Note: Software versions wh ...
August 02, 2023
CVE-2023-36494
Audit logs on F5OS-A may contain undisclosed sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
August 02, 2023