| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-4465 | Incorrect authorization for Reports configuration in Guardian/CMC before 24.2.0 | Nozomi Networks | Guardian | Medium | 6.0 | 2024-09-11 14:45:22 | Deep Dive |
| CVE-2023-5938 | Path traversal via 'zip slip' in Arc before v1.6.0 | Nozomi Networks | Arc | High | 8.0 | 2024-05-15 16:08:42 | Deep Dive |
| CVE-2023-5937 | Sensitive data exfiltration via unsafe permissions on Windows systems in Arc before v1.6.0 | Nozomi Networks | Arc | Low | 3.8 | 2024-05-15 16:06:52 | Deep Dive |
| CVE-2023-5936 | Unsafe temporary data privileges on Unix systems in Arc before v1.6.0 | Nozomi Networks | Arc | High | 7.8 | 2024-05-15 16:04:59 | Deep Dive |
| CVE-2023-5935 | Missing authentication for local web interface in Arc before v1.6.0 | Nozomi Networks | Arc | High | 7.4 | 2024-05-15 16:02:35 | Deep Dive |
| CVE-2024-0218 | DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 | Nozomi Networks | Guardian | High | 7.5 | 2024-04-10 15:56:00 | Deep Dive |
| CVE-2023-6916 | Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 | Nozomi Networks | Guardian | High | 7.2 | 2024-04-10 15:50:58 | Deep Dive |
| CVE-2023-5253 | Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 | Nozomi Networks | Guardian | Medium | 5.3 | 2024-01-15 10:53:56 | Deep Dive |
| CVE-2023-32649 | DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | Nozomi Networks | Guardian | High | 7.5 | 2023-09-19 10:06:16 | Deep Dive |
| CVE-2023-29245 | SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | Nozomi Networks | Guardian | High | 8.1 | 2023-09-19 10:04:57 | Deep Dive |
| CVE-2023-2567 | Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 | Nozomi Networks | Guardian | High | 8.8 | 2023-09-19 10:03:04 | Deep Dive |
| CVE-2023-23903 | DoS via SAML configuration in Guardian/CMC before 22.6.2 | Nozomi Networks | Guardian | Medium | 4.9 | 2023-08-09 09:12:25 | Deep Dive |
| CVE-2023-24015 | Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 | Nozomi Networks | Guardian | Medium | 4.3 | 2023-08-09 09:05:17 | Deep Dive |
| CVE-2023-24471 | Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2 | Nozomi Networks | Guardian | Medium | 6.5 | 2023-08-09 08:54:28 | Deep Dive |
| CVE-2023-22843 | Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2 | Nozomi Networks | Guardian | Medium | 6.4 | 2023-08-09 08:46:32 | Deep Dive |
| CVE-2023-23574 | Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2 | Nozomi Networks | Guardian | High | 8.8 | 2023-08-09 08:39:13 | Deep Dive |
| CVE-2023-22378 | Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2 | Nozomi Networks | Guardian | High | 8.8 | 2023-08-09 08:01:57 | Deep Dive |
| CVE-2023-24477 | Session Fixation in Guardian/CMC before 22.6.2 | Nozomi Networks | Guardian | High | 7.0 | 2023-08-09 07:50:57 | Deep Dive |
| CVE-2022-4259 | Authenticated SQL Injection on Alerts in Guardian/CMC before 22.5.2 | Nozomi Networks | CMC | High | 8.8 | 2023-05-04 10:38:25 | Deep Dive |
| CVE-2022-0551 | Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0 | Nozomi Networks | Guardian | High | 7.2 | 2022-03-24 14:15:22 | Deep Dive |