Total
646 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-39056 | 1 Coffee-jumbo Project | 1 Coffee-jumbo | 2024-08-02 | 6.5 Medium |
| An information leak in Coffee-jumbo v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | ||||
| CVE-2023-39043 | 1 Ykc | 1 Tokushima Awayokocho | 2024-08-02 | 6.5 Medium |
| An information leak in YKC Tokushima_awayokocho Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | ||||
| CVE-2023-39049 | 1 Youmart-tokunaga Project | 1 Youmart-tokunaga | 2024-08-02 | 6.5 Medium |
| An information leak in youmart-tokunaga v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | ||||
| CVE-2023-39040 | 1 Cheese Cafe Line Project | 1 Cheese Cafe Line | 2024-08-02 | 6.5 Medium |
| An information leak in Cheese Cafe Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | ||||
| CVE-2023-39039 | 1 Camp Style Project Line Project | 1 Camp Style Project Line | 2024-08-02 | 6.5 Medium |
| An information leak in Camp Style Project Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | ||||
| CVE-2023-39058 | 1 The B Members Card Project | 1 The B Members Card | 2024-08-02 | 6.5 Medium |
| An information leak in THE_B_members card v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | ||||
| CVE-2023-38994 | 1 Univention | 1 Univention Corporate Server | 2024-08-02 | 7.9 High |
| The 'check_univention_joinstatus' prometheus monitoring script (and other scripts) in UCS 5.0-5 revealed the LDAP plaintext password of the machine account in the process list allowing attackers with local ssh access to gain higher privileges and perform followup attacks. By default, the configuration of UCS does not allow local ssh access for regular users. | ||||
| CVE-2023-38955 | 1 Zkteco | 1 Bioaccess Ivs | 2024-08-02 | 7.5 High |
| ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to obtain sensitive information about all managed devices, including their IP addresses and device names. | ||||
| CVE-2023-38830 | 1 Phpjabbers | 1 Yacht Listing Script | 2024-08-02 | 7.5 High |
| An information leak in PHPJabbers Yacht Listing Script v1.0 allows attackers to export clients' credit card numbers from the Reservations module. | ||||
| CVE-2023-38558 | 1 Siemens | 1 Simatic Pcs Neo | 2024-08-02 | 5.5 Medium |
| A vulnerability has been identified in SIMATIC PCS neo (Administration Console) V4.0 (All versions), SIMATIC PCS neo (Administration Console) V4.0 Update 1 (All versions). The affected application leaks Windows admin credentials. An attacker with local access to the Administration Console could get the credentials, and impersonate the admin user, thereby gaining admin access to other Windows systems. | ||||
| CVE-2023-38152 | 1 Microsoft | 8 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 5 more | 2024-08-02 | 5.3 Medium |
| DHCP Server Service Information Disclosure Vulnerability | ||||
| CVE-2023-38160 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2024-08-02 | 5.5 Medium |
| Windows TCP/IP Information Disclosure Vulnerability | ||||
| CVE-2023-37645 | 1 Eyoucms | 1 Eyoucms | 2024-08-02 | 5.3 Medium |
| eyoucms v1.6.3 was discovered to contain an information disclosure vulnerability via the component /custom_model_path/recruit.filelist.txt. | ||||
| CVE-2023-37599 | 1 Issabel | 1 Pbx | 2024-08-02 | 7.5 High |
| An issue in issabel-pbx v.4.0.0-6 allows a remote attacker to obtain sensitive information via the modules directory | ||||
| CVE-2023-36596 | 1 Microsoft | 16 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 13 more | 2024-08-02 | 7.5 High |
| Remote Procedure Call Information Disclosure Vulnerability | ||||
| CVE-2023-36429 | 1 Microsoft | 1 Dynamics 365 | 2024-08-02 | 6.5 Medium |
| Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability | ||||
| CVE-2023-36043 | 1 Microsoft | 1 System Center Operations Manager | 2024-08-02 | 6.5 Medium |
| Open Management Infrastructure Information Disclosure Vulnerability | ||||
| CVE-2023-36013 | 1 Microsoft | 1 Powershell | 2024-08-02 | 6.5 Medium |
| PowerShell Information Disclosure Vulnerability | ||||
| CVE-2023-35696 | 1 Sick | 2 Icr890-4, Icr890-4 Firmware | 2024-08-02 | 7.5 High |
| Unauthenticated endpoints in the SICK ICR890-4 could allow an unauthenticated remote attacker to retrieve sensitive information about the device via HTTP requests. | ||||
| CVE-2023-35151 | 1 Xwiki | 1 Xwiki | 2024-08-02 | 7.5 High |
| XWiki Platform is a generic wiki platform. Starting in version 7.3-milestone-1 and prior to versions 14.4.8, 14.10.6, and 15.1, ny user can call a REST endpoint and obtain the obfuscated passwords, even when the mail obfuscation is activated. The issue has been patched in XWiki 14.4.8, 14.10.6, and 15.1. There is no known workaround. | ||||