Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-23168 | 2024-08-19 | N/A | 9.8 CRITICAL | ||
| Vulnerability in Xiexe XSOverlay before build 647 allows non-local websites to send the malicious commands to the WebSocket API, resulting in the arbitrary code execution. | |||||
| CVE-2024-1657 | 2024-04-25 | N/A | 8.1 HIGH | ||
| A flaw was found in the ansible automation platform. An insecure WebSocket connection was being used in installation from the Ansible rulebook EDA server. An attacker that has access to any machine in the CIDR block could download all rulebook data from the WebSocket, resulting in loss of confidentiality and integrity of the system. | |||||
| CVE-2023-32264 | 2024-03-08 | N/A | 5.8 MEDIUM | ||
| CWE-1385 vulnerability in OpenText Documentum D2 affecting versions16.5.1 to CE 23.2. The vulnerability could allow upload arbitrary code and execute it on the client's computer. | |||||
| CVE-2023-2886 | 1 Cbot | 2 Cbot Core, Cbot Panel | 2024-02-28 | N/A | 4.3 MEDIUM |
| Missing Origin Validation in WebSockets vulnerability in CBOT Chatbot allows Content Spoofing Via Application API Manipulation.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7. | |||||