CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47369
https://notcve.org/view.php?id=CVE-2023-47369
09 Nov 2023 — The leakage of channel access token in best_training_member Line 13.6.1 allows remote attackers to send malicious notifications. La fuga del token de acceso al canal en best_training_member Line 13.6.1 permite a atacantes remotos enviar notificaciones maliciosas. • https://github.com/syz913/CVE-reports/blob/main/best_training_member.md • CWE-326: Inadequate Encryption Strength •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47370
https://notcve.org/view.php?id=CVE-2023-47370
09 Nov 2023 — The leakage of channel access token in bluetrick Line 13.6.1 allows remote attackers to send malicious notifications to victims. La fuga del token de acceso al canal en bluetrick Line 13.6.1 permite a atacantes remotos enviar notificaciones maliciosas a las víctimas. • https://github.com/syz913/CVE-reports/blob/main/bluetrick.md • CWE-326: Inadequate Encryption Strength •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47372
https://notcve.org/view.php?id=CVE-2023-47372
09 Nov 2023 — The leakage of channel access token in UPDATESALON C-LOUNGE Line 13.6.1 allows remote attackers to send malicious notifications to victims. La fuga del token de acceso al canal en UPDATESALON C-LOUNGE Line 13.6.1 permite a atacantes remotos enviar notificaciones maliciosas a las víctimas. • https://github.com/syz913/CVE-reports/blob/main/UPDATESALON%20C-LOUNGE.md • CWE-326: Inadequate Encryption Strength •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47373
https://notcve.org/view.php?id=CVE-2023-47373
09 Nov 2023 — The leakage of channel access token in DRAGON FAMILY Line 13.6.1 allows remote attackers to send malicious notifications to victims. La fuga del token de acceso al canal en DRAGON FAMILY Line 13.6.1 permite a atacantes remotos enviar notificaciones maliciosas a las víctimas. • https://github.com/syz913/CVE-reports/blob/main/DRAGON%20FAMILY.md • CWE-326: Inadequate Encryption Strength •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-38845
https://notcve.org/view.php?id=CVE-2023-38845
25 Oct 2023 — An issue in Anglaise Company Anglaise.Company v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request. Un problema en Anglaise Company Anglaise.Company v.13.6.1 permite a un atacante remoto obtener información confidencial a través de una solicitud GET manipulada. • https://github.com/syz913/CVE-reports/blob/main/CVE-2023-38845.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-38846
https://notcve.org/view.php?id=CVE-2023-38846
25 Oct 2023 — An issue in Marbre Lapin Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request. Un problema en Marbre Lapin Line v.13.6.1 permite a un atacante remoto obtener información confidencial a través de una solicitud GET manipulada. • https://github.com/syz913/CVE-reports/blob/main/CVE-2023-38846.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-38847
https://notcve.org/view.php?id=CVE-2023-38847
25 Oct 2023 — An issue in CHRISTINA JAPAN Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request. Un problema en CHRISTINA JAPAN Line v.13.6.1 permite a un atacante remoto obtener información confidencial a través de una solicitud GET manipulada. • https://github.com/syz913/CVE-reports/blob/main/CVE-2023-38847.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-38848
https://notcve.org/view.php?id=CVE-2023-38848
25 Oct 2023 — An issue in rmc R Beauty CLINIC Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request. Un problema en rmc R Beauty CLINIC Line v.13.6.1 permite a un atacante remoto obtener información confidencial a través de una solicitud GET manipulada. • https://github.com/syz913/CVE-reports/blob/main/CVE-2023-38848.md • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-38849
https://notcve.org/view.php?id=CVE-2023-38849
25 Oct 2023 — An issue in tire-sales Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request. Un problema en Tire-Sales Line v.13.6.1 permite a un atacante remoto obtener información confidencial a través de una solicitud GET manipulada. • https://github.com/syz913/CVE-reports/blob/main/CVE-2023-38849.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-5554
https://notcve.org/view.php?id=CVE-2023-5554
12 Oct 2023 — Lack of TLS certificate verification in log transmission of a financial module within LINE Client for iOS prior to 13.16.0. Falta de verificación del certificado TLS en la transmisión de registros de un módulo financiero dentro de LINE Client para iOS anterior a 13.16.0. • https://hackerone.com/reports/2106827 • CWE-295: Improper Certificate Validation •