| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-3334 | USB Security Feature Bypass in Digital Guardian Windows Agent Prior to version 8.2.0 | Fortra | Digital Guardian Agent | Medium | 4.3 | 2024-11-15 19:57:28 | Deep Dive |
| CVE-2024-4465 | Incorrect authorization for Reports configuration in Guardian/CMC before 24.2.0 | Nozomi Networks | Guardian | Medium | 6.0 | 2024-09-11 14:45:22 | Deep Dive |
| CVE-2024-0218 | DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 | Nozomi Networks | Guardian | High | 7.5 | 2024-04-10 15:56:00 | Deep Dive |
| CVE-2023-6916 | Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 | Nozomi Networks | Guardian | High | 7.2 | 2024-04-10 15:50:58 | Deep Dive |
| CVE-2023-22836 | In cases where a multi-tenant stack user is operating Foundry’s Linter service, and the user changes the linter name from the default value, the renamed value may be visible to the rest of the stack’s tenants. | Palantir | com.palantir.skywise:guardian | Low | 3.5 | 2024-01-29 18:50:38 | Deep Dive |
| CVE-2023-5253 | Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 | Nozomi Networks | Guardian | Medium | 5.3 | 2024-01-15 10:53:56 | Deep Dive |
| CVE-2023-6253 | Saved Uninstall Key in Digital Guardian Agent Uninstaller | Fortra | Digital Guardian Agent | - | - | 2023-11-22 11:22:58 | Deep Dive |
| CVE-2023-32649 | DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | Nozomi Networks | Guardian | High | 7.5 | 2023-09-19 10:06:16 | Deep Dive |
| CVE-2023-29245 | SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | Nozomi Networks | Guardian | High | 8.1 | 2023-09-19 10:04:57 | Deep Dive |
| CVE-2023-2567 | Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 | Nozomi Networks | Guardian | High | 8.8 | 2023-09-19 10:03:04 | Deep Dive |
| CVE-2023-23903 | DoS via SAML configuration in Guardian/CMC before 22.6.2 | Nozomi Networks | Guardian | Medium | 4.9 | 2023-08-09 09:12:25 | Deep Dive |
| CVE-2023-24015 | Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 | Nozomi Networks | Guardian | Medium | 4.3 | 2023-08-09 09:05:17 | Deep Dive |
| CVE-2023-24471 | Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2 | Nozomi Networks | Guardian | Medium | 6.5 | 2023-08-09 08:54:28 | Deep Dive |
| CVE-2023-22843 | Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2 | Nozomi Networks | Guardian | Medium | 6.4 | 2023-08-09 08:46:32 | Deep Dive |
| CVE-2023-23574 | Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2 | Nozomi Networks | Guardian | High | 8.8 | 2023-08-09 08:39:13 | Deep Dive |
| CVE-2023-22378 | Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2 | Nozomi Networks | Guardian | High | 8.8 | 2023-08-09 08:01:57 | Deep Dive |
| CVE-2023-24477 | Session Fixation in Guardian/CMC before 22.6.2 | Nozomi Networks | Guardian | High | 7.0 | 2023-08-09 07:50:57 | Deep Dive |
| CVE-2022-4259 | Authenticated SQL Injection on Alerts in Guardian/CMC before 22.5.2 | Nozomi Networks | CMC | High | 8.8 | 2023-05-04 10:38:25 | Deep Dive |
| CVE-2022-0551 | Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0 | Nozomi Networks | Guardian | High | 7.2 | 2022-03-24 14:15:22 | Deep Dive |
| CVE-2022-0550 | Authenticated RCE on logo report upload in Guardian/CMC before 22.0.0 | Nozomi Networks | Guardian | High | 7.2 | 2022-03-24 14:15:20 | Deep Dive |