Search Results (363384 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-26756 1 Revive 1 Adserver 2024-11-21 7.5 High
The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks. NOTE: The vendor's position is that this is effectively mitigated by rate limits and password-quality features.
CVE-2023-26596 1 Intel 1 Thunderbolt Dch Driver 2024-11-21 2.5 Low
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2023-26592 1 Intel 1 Thunderbolt Dch Driver 2024-11-21 3.8 Low
Deserialization of untrusted data in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable a denial of service via local access.
CVE-2023-26591 1 Intel 1 Thunderbolt Dch Driver 2024-11-21 2 Low
Unchecked return value in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an unauthenticated user to potentially enable denial of service via physical access.
CVE-2023-26589 3 Intel, Linux, Microsoft 3 Aptio V Uefi Firmware Integrator Tools, Linux Kernel, Windows 2024-11-21 6.5 Medium
Use after free in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allowed an authenticated user to potentially enable denial of service via local access.
CVE-2023-26587 1 Intel 1 Easy Streaming Wizard 2024-11-21 7.8 High
Improper input validation for the Intel(R) Easy Streaming Wizard software may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-26586 1 Intel 7 Killer, Killer Wi-fi 6e Ax1675, Killer Wi-fi 6e Ax1690 and 4 more 2024-11-21 4.3 Medium
Uncaught exception for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2023-26585 1 Intel 1 Thunderbolt Dch Driver 2024-11-21 5 Medium
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2023-26584 1 Idattend 1 Idweb 2024-11-21 9.8 Critical
Unauthenticated SQL injection in the GetStudentInconsistencies method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers.
CVE-2023-26583 1 Idattend 1 Idweb 2024-11-21 9.8 Critical
Unauthenticated SQL injection in the GetCurrentPeriod method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers.
CVE-2023-26582 1 Idattend 1 Idweb 2024-11-21 9.8 Critical
Unauthenticated SQL injection in the GetExcursionDetails method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers.
CVE-2023-26581 1 Idattend 1 Idweb 2024-11-21 9.8 Critical
Unauthenticated SQL injection in the GetVisitors method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers.
CVE-2023-26580 1 Idattend 1 Idweb 2024-11-21 7.5 High
Unauthenticated arbitrary file read in the IDAttend’s IDWeb application 3.1.013 allows the retrieval of any file present on the web server by unauthenticated attackers.
CVE-2023-26579 1 Idattend 1 Idweb 2024-11-21 5.3 Medium
Missing authentication in the DeleteStaff method in IDAttend’s IDWeb application 3.1.013 allows deletion of staff information by unauthenticated attackers.
CVE-2023-26578 1 Idattend 1 Idweb 2024-11-21 8.8 High
Arbitrary file upload to web root in the IDAttend’s IDWeb application 3.1.013 allows authenticated attackers to upload dangerous files to web root such as ASP or ASPX, gaining command execution on the affected server.
CVE-2023-26577 1 Idattend 1 Idweb 2024-11-21 7.5 High
Stored cross-site scripting in the IDAttend’s IDWeb application 3.1.052 and earlier allows attackers to hijack the browsing session of the logged in user.
CVE-2023-26576 1 Idattend 1 Idweb 2024-11-21 7.5 High
Missing authentication in the SearchStudentsRFID method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student data by unauthenticated attackers.
CVE-2023-26575 1 Idattend 1 Idweb 2024-11-21 7.5 High
Missing authentication in the SearchStudentsStaff method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student and teacher data by unauthenticated attackers.
CVE-2023-26574 1 Idattend 1 Idweb 2024-11-21 7.5 High
Missing authentication in the SearchStudents method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student data by unauthenticated attackers.
CVE-2023-26573 1 Idattend 1 Idweb 2024-11-21 8.2 High
Missing authentication in the SetDB method in IDAttend’s IDWeb application 3.1.052 and earlier allows denial of service or theft of database login credentials.