CVE Tools

ailux

Hardware Firmwareunknown

12

Cumulative CVEs

1

Monthly snapshots

#64

Peak rank

Top products

imx612 imx6 bundle11

Latest CVEs

The 12 most recently published vulnerabilities affecting ailux.

CVE-2023-5457Untitled vulnerability7.5Mar 5, 2024
CVE-2023-45600A CWE-613 “Insufficient Session Expiration” vulnerability in the web application, due to the session cookie “sessionid” lasting two weeks, facilitates session hijacking attacks against vict...5.6Mar 5, 2024
CVE-2023-45599A CWE-646 “Reliance on File Name or Extension of Externally-Supplied File” vulnerability in the “iec61850” functionality of the web application allows a remote authenticated attacker to upl...5.5Mar 5, 2024
CVE-2023-45598A CWE-425 “Direct Request ('Forced Browsing')” vulnerability in the “measure” functionality of the web application allows a remote unauthenticated attacker to access confidential measure in...5.3Mar 5, 2024
CVE-2023-45597A CWE-1236 “Improper Neutralization of Formula Elements in a CSV File” vulnerability in the “file_configuration” functionality of the web application (concerning the function “export_file...5.9Mar 5, 2024
CVE-2023-45596A CWE-425 “Direct Request ('Forced Browsing')” vulnerability in the “file_configuration” functionality of the web application allows a remote unauthenticated attacker to access confidential...5.3Mar 5, 2024
CVE-2023-45595A CWE-434 “Unrestricted Upload of File with Dangerous Type” vulnerability in the “file_configuration” functionality of the web application allows a remote authenticated attacker to upload a...5.9Mar 5, 2024
CVE-2023-45594A CWE-552 “Files or Directories Accessible to External Parties” vulnerability in the embedded Chromium browser allows a physical attacker to arbitrarily download/upload files to/from the file s...6.8Mar 5, 2024
CVE-2023-45593A CWE-184 “Incomplete List of Disallowed Inputs” vulnerability in the embedded Chromium browser (concerning the handling of alternative URLs, other than “ http://localhost” ) allows a physi...6.8Mar 5, 2024
CVE-2023-45592A CWE-250 “Execution with Unnecessary Privileges” vulnerability in the embedded Chromium browser (due to the binary being executed with the “--no-sandbox” option and with root privileges) e...6.8Mar 5, 2024
CVE-2023-45591A CWE-122 “Heap-based Buffer Overflow” vulnerability in the “logger_generic” function of the “Ax_rtu” binary allows a remote authenticated attacker to trigger a memory corruption in the...7.5Mar 5, 2024
CVE-2023-5456A CWE-798 “Use of Hard-coded Credentials” vulnerability in the MariaDB database of the web application allows a remote unauthenticated attacker to access the database service and all included d...8.1Mar 5, 2024