Filtered by vendor
Subscriptions
Total
390 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-47373 | 1 Linecorp | 1 Line | 2024-11-21 | 6.5 Medium |
The leakage of channel access token in DRAGON FAMILY Line 13.6.1 allows remote attackers to send malicious notifications to victims. | ||||
CVE-2023-47372 | 1 Linecorp | 1 Line | 2024-11-21 | 6.5 Medium |
The leakage of channel access token in UPDATESALON C-LOUNGE Line 13.6.1 allows remote attackers to send malicious notifications to victims. | ||||
CVE-2023-47370 | 1 Linecorp | 1 Line | 2024-11-21 | 6.5 Medium |
The leakage of channel access token in bluetrick Line 13.6.1 allows remote attackers to send malicious notifications to victims. | ||||
CVE-2023-47369 | 1 Linecorp | 1 Line | 2024-11-21 | 6.5 Medium |
The leakage of channel access token in best_training_member Line 13.6.1 allows remote attackers to send malicious notifications. | ||||
CVE-2023-47368 | 1 Linecorp | 1 Line | 2024-11-21 | 6.5 Medium |
The leakage of channel access token in taketorinoyu Line 13.6.1 allows remote attackers to send malicious notifications to victims. | ||||
CVE-2023-47367 | 1 Linecorp | 1 Line | 2024-11-21 | 6.5 Medium |
The leakage of channel access token in platinum clinic Line 13.6.1 allows remote attackers to send malicious notifications to victims. | ||||
CVE-2023-47366 | 1 Linecorp | 1 Line | 2024-11-21 | 6.5 Medium |
The leakage of channel access token in craft_members Line 13.6.1 allows remote attackers to send malicious notifications to victims. | ||||
CVE-2023-47365 | 1 Linecorp | 1 Line | 2024-11-21 | 6.5 Medium |
The leakage of channel access token in Lil.OFF-PRICE STORE Line 13.6.1 allows remote attackers to send malicious notifications to victims. | ||||
CVE-2023-47363 | 1 Linecorp | 1 Line | 2024-11-21 | 6.5 Medium |
The leakage of channel access token in F.B.P members Line 13.6.1 allows remote attackers to send malicious notifications to victims. | ||||
CVE-2023-46894 | 1 Espressif | 1 Esptool | 2024-11-21 | 7.5 High |
An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryptographic algorithm. | ||||
CVE-2023-44690 | 1 Dbcli | 1 Mycli | 2024-11-21 | 7.5 High |
Inadequate encryption strength in mycli 1.27.0 allows attackers to view sensitive information via /mycli/config.py | ||||
CVE-2023-43776 | 1 Eaton | 44 Easy-box-e4-ac1, Easy-box-e4-ac1 Firmware, Easy-box-e4-dc1 and 41 more | 2024-11-21 | 6.8 Medium |
Eaton easyE4 PLC offers a device password protection functionality to facilitate a secure connection and prevent unauthorized access. It was observed that the device password was stored with a weak encoding algorithm in the easyE4 program file when exported to SD card (*.PRG file ending). | ||||
CVE-2023-43757 | 1 Elecom | 68 Lan-w300n\/p, Lan-w300n\/p Firmware, Lan-w300n\/rs and 65 more | 2024-11-21 | 6.5 Medium |
Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected products/versions, see the information provided by the vendor under [References] section. | ||||
CVE-2023-41305 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
Vulnerability of 5G messages being sent without being encrypted in a VPN environment in the SMS message module. Successful exploitation of this vulnerability may affect confidentiality. | ||||
CVE-2023-3243 | 1 Honeywell | 2 Alerton Bcm-web, Alerton Bcm-web Firmware | 2024-11-21 | 8.3 High |
** UNSUPPORTED WHEN ASSIGNED ** [An attacker can capture an authenticating hash and utilize it to create new sessions. The hash is also a poorly salted MD5 hash, which could result in a successful brute force password attack. Impacted product is BCM-WEB version 3.3.X. Recommended fix: Upgrade to a supported product such as Alerton ACM.] Out of an abundance of caution, this CVE ID is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded. | ||||
CVE-2023-37397 | 1 Ibm | 1 Aspera Faspex | 2024-11-21 | 3.6 Low |
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain or modify sensitive information due to improper encryption of certain data. IBM X-Force ID: 259672. | ||||
CVE-2023-36539 | 1 Zoom | 14 Meetings, Poly Ccx 600, Poly Ccx 600 Firmware and 11 more | 2024-11-21 | 5.3 Medium |
Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sensitive information. | ||||
CVE-2023-35332 | 1 Microsoft | 18 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 15 more | 2024-11-21 | 6.8 Medium |
Windows Remote Desktop Protocol Security Feature Bypass | ||||
CVE-2023-34971 | 1 Qnap | 2 Qts, Quts Hero | 2024-11-21 | 7.1 High |
An inadequate encryption strength vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows local network clients to decrypt the data using brute force attacks via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QTS 4.5.4.2467 build 20230718 and later QuTS hero h5.1.0.2424 build 20230609 and later QuTS hero h4.5.4.2476 build 20230728 and later | ||||
CVE-2023-34337 | 1 Ami | 1 Megarac Sp-x | 2024-11-21 | 7.6 High |
AMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption strength by hash-based message authentication code (HMAC). A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability. |