Category: CVSS2 - LOW
CVE-2023-30684

Improper access control in Samsung Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call acceptRingingCall API without permission.Read More ...

Continue Reading

15 августа, 2023

CVE-2023-31135

Dgraph is an open source distributed GraphQL database. Existing Dgraph audit logs are vulnerable to brute force attacks due to nonce collisions. The first 12 bytes come from a baseIv which is initiali ...

Continue Reading

15 августа, 2023

CVE-2023-2827

SAP Plant Connectivity - version 15.5 (PCo) or the Production Connector for SAP Digital Manufacturing - version 1.0, do not validate the signature of the JSON Web Token (JWT) in the HTTP request sent ...

Continue Reading

15 августа, 2023

CVE-2023-35134

Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding account’s JWT token only.Read More ...

Continue Reading

15 августа, 2023

CVE-2023-28768

Improper frame handling in the Zyxel XGS2220-30 firmware version V4.80(ABXN.1), XMG1930-30 firmware version V4.80(ACAR.1), and XS1930-10 firmware version V4.80(ABQE.1) could allow an unauthenticate ...

Continue Reading

14 августа, 2023

CVE-2023-3569

In PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT in versions prior to 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 an authenticated remote attacker with admin privileges could upload ...

Continue Reading

08 августа, 2023

CVE-2023-3669

A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local attacker to have unlimited attempts of guessing the password within an import dialog.Read More ...

Continue Reading

03 августа, 2023

CVE-2023-3470

Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password for the Crypto User account.  The predictable nature of the password allows an authenticated user wi ...

Continue Reading

02 августа, 2023

CVE-2023-36858

An insufficient verification of data vulnerability exists in BIG-IP Edge Client for Windows and macOS that may allow an attacker to modify its configured server list.  Note: Software versions wh ...

Continue Reading

02 августа, 2023

CVE-2023-36494

Audit logs on F5OS-A may contain undisclosed sensitive information.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.Read More ...

Continue Reading

02 августа, 2023

Load more