Sharpe-nl/CVEs

Releases0

A list of my collected CVE's

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-43024 ↗	Sep 18, 2024Wednesday, 18 September 2024, 20:15	6.1 MEDIUM	—
Multiple stored cross-site scripting (XSS) vulnerabilities in RWS MultiTrans v7.0.23324.2 and earlier allow attackers to execute arbitrary web scripts or HTML via a crafted payload.
CVE-2024-43025 ↗	Sep 18, 2024Wednesday, 18 September 2024, 20:15	6.1 MEDIUM	—
An HTML injection vulnerability in RWS MultiTrans v7.0.23324.2 and earlier allows attackers to alter the HTML-layout and possibly execute a phishing attack via a crafted payload injected into a sent e-mail.
CVE-2023-33468 ↗	Aug 9, 2023Wednesday, 9 August 2023, 20:15	9.1 CRITICAL	—
KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 exhibit a vulnerability that enables remote manipulation of the device. This vulnerability involves extracting the connection confirmation code remotely, bypassing the need to obtain it directly from the physical screen.
CVE-2023-33469 ↗	Aug 9, 2023Wednesday, 9 August 2023, 20:15	7.8 HIGH	—
In instances where the screen is visible and remote mouse connection is enabled, KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 can be exploited to achieve local code execution at the root level.