CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-35136
https://notcve.org/view.php?id=CVE-2022-35136
Boodskap IoT Platform v4.4.9-02 allows attackers to make unauthenticated API requests. Boodskap IoT Platform versión v4.4.9-02, permite a atacantes realizar peticiones de API no autenticadas • https://securityblog101.blogspot.com/2022/10/cve-id-cve-2022-35135-cve-2022-35136.html • CWE-306: Missing Authentication for Critical Function •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-35134
https://notcve.org/view.php?id=CVE-2022-35134
Boodskap IoT Platform v4.4.9-02 contains a cross-site scripting (XSS) vulnerability. Boodskap IoT Platform versión v4.4.9-02, contiene una vulnerabilidad de cross-site scripting (XSS) • https://securityblog101.blogspot.com/2022/10/cve-id-cve-2022-35134.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-35135
https://notcve.org/view.php?id=CVE-2022-35135
Boodskap IoT Platform v4.4.9-02 allows attackers to escalate privileges via a crafted request sent to /api/user/upsert/<uuid>. Boodskap IoT Platform versión v4.4.9-02, permite a atacantes escalar privilegios por medio de una petición diseñada enviada a /api/user/upsert/(uuid) • https://securityblog101.blogspot.com/2022/10/cve-id-cve-2022-35135-cve-2022-35136.html • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-13325
https://notcve.org/view.php?id=CVE-2018-13325
The _sell function of a smart contract implementation for GROWCHAIN (GROW), an Ethereum token, has an integer overflow. La función _sell de una implementación de contrato inteligente para GROWCHAIN (GROW), un token de Ethereum, tiene un desbordamiento de enteros. • https://github.com/safecomet/EtherTokens/blob/master/GROWCHAIN%20%28GROW%29/GROWCHAIN%20%28GROW%29.md • CWE-190: Integer Overflow or Wraparound •