Security Vulnerabilities
- CVEs Published In October 2023
IBM TXSeries for Multiplatforms, 8.1, 8.2, and 9.1, CICS TX Standard CICS TX Advanced 10.1 and 11.1 could allow a privileged user to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: 266016.
EisBaer Scada - CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
EisBaer Scada - CWE-732: Incorrect Permission Assignment for Critical Resource
EisBaer Scada - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
EisBaer Scada - CWE-285: Improper Authorization
EisBaer Scada - CWE-321: Use of Hard-coded Cryptographic Key
EisBaer Scada - CWE-256: Plaintext Storage of a Password
EisBaer Scada - CWE-749: Exposed Dangerous Method or Function
Double free vulnerability in Nothings stb_image.h v.2.28 allows a remote attacker to cause a denial of service via a crafted file passed to the stbi_load_gif_main function.
Cross-site scripting vulnerability in CMS Made Simple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script supplied to the Top Directory parameter in the File Picker Menu component.