Research & Development

Our findings

Publicly disclosed vulnerabilities discovered by the STM team.

| Vulnerability ID | CVSS3.1 | Product / Vulnerability name |
| --- | --- | --- |
| CVE-2024-20251 | 4.8 (Medium) | Cisco Identity Services Engine: Stored Cross-Site Scripting |
| CVE-2023-44286 | 8.8 (High) | Dell PowerProtect DD: DOM-based Cross-Site Scripting |
| CVE-2023-44284 | 4.3 (Medium) | Dell PowerProtect DD: SQL Injection |
| CVE-2023-44277 | 7.8 (High) | Dell PowerProtect DD: OS command injection vulnerability in the CLI |
| CVE-2023-42474 | 6.8 (Medium) | SAP Business Objects: DOM-Based Cross-Site Scripting |
| CVE-2023-42137 | 8.8 (High) | Android-based PAX POS devices: Privilege escalation from system/shell user to root via insecure systool_server daemon |
| CVE-2023-42136 | 8.8 (High) | Android-based PAX POS devices: Privilege escalation from any user/application to system via shell injection binder-exposed service |
| CVE-2023-42135 | 7.6 (High) | POS terminals PAX A920Pro / A50 / A77: Local code execution as root via kernel parameter injection in fastboot |
| CVE-2023-42134 | 7.6 (High) | POS terminals PAX A920Pro / A50 / A77: Signed partition overwrite and subsequently local code execution as root via hidden bootloader command |
| CVE-2023-28083 | 5.4 (Medium) | HPE Integrated Lights-Out: Remote Stored Cross-Site Scripting |
| CVE-2023-20248 | 5.4 (Medium) | Cisco TelePresence Management Suite: Stored Cross-Site Scripting vulnerability in "Video address" parameter |
| CVE-2023-20211 | 8.1 (High) | Cisco Unified Communications Manager: Multiple Authenticated SQL Injection Vulnerabilities |
| CVE-2023-20110 | 6.5 (Medium) | Cisco Smart Software Manager On-Prem: Authenticated SQL Injection in 'filter_by' parameter |
| CVE-2023-4818 | 7.3 (High) | POS terminal PAX A920: Bootloader downgrade via improper tokenization |
| CVE-2022-30874 | 4.8 (Medium) | NukeViet CMS: Stored XSS in menu item link |
| CVE-2022-22323 | 5.7 (Medium) | IBM Security Identity Manager Windows Password Synch Plug-in: Incorrect size of buffers used to store XML-sanitized credentials leading to Heap Overflow |
| CVE-2022-22312 | 5.7 (Medium) | IBM Security Identity Manager Windows Password Synch Plug-in: Incorrect size of buffer used to store LDAP-sanitized username leading to Heap Overflow |
| CVE-2021-37424 | 9.0 (Critical) | ManageEngine ADSelfService Plus: Domain administrator takeover via machine account creation |
| CVE-2021-37423 | 8.2 (High) | ManageEngine ADSelfService Plus: Linked applications account takeover via fake password sync agent |
| CVE-2021-37422 | 7.7 (High) | ManageEngine ADSelfService Plus: SQL Injection in linked Oracle Database |
| CVE-2021-37421 | 5.3 (Medium) | ManageEngine ADSelfService Plus: Admin portal access restriction bypass via X-Forwarded-For header |
| CVE-2021-37420 | 6.5 (Medium) | ManageEngine ADSelfService Plus: E-mail MIME injection in /RestAPI/PasswordSelfServiceAPI endpoint |
| CVE-2021-37419 | 8.6 (High) | ManageEngine ADSelfService Plus: SSRF vulnerability in /servlet/ADSHACluster endpoint |
| CVE-2021-37417 | 5.3 (Medium) | ManageEngine ADSelfService Plus: CAPTCHA bypass in login form via EXCLUDE_CAPTCHA parameter |
| CVE-2021-37416 | 6.1 (Medium) | ManageEngine ADSelfService Plus: Reflected XSS in LoadFrame page via single_signout parameter |
| CVE-2021-33055 | 8.1 (High) | ManageEngine ADSelfService Plus: Unauthenticated and authenticated RCE via PowerShell injection - system locale dependant |
| CVE-2021-31874 | 9.1 (Critical) | ManageEngine ADSelfService Plus: Retrieval of linked databases credentials via HOST_NAME parameter manipulation |
| CVE-2021-28958 | 9.8 (Critical) | ManageEngine ADSelfService Plus: Unauthenticated RCE in password change function |
| CVE-2021-20574 | 8.7 (High) | IBM Security Identity Manager Windows Password Synch Plug-in: LDAP Injection leading to account takeover |
| CVE-2021-20573 | 5.7 (Medium) | IBM Security Identity Manager Windows Password Synch Plug-in: Heap overflow leading to domain controller denial of service |
| CVE-2021-20572 | 5.7 (Medium) | IBM Security Identity Manager Windows Password Synch Plug-in: Stack overflow leading to domain controller denial of service |
| CVE-2021-2053 | 6.1 (Medium) | Oracle Enterprise Manager: Reflected Cross-Site Scripting in "target" query parameter |
| CVE-2020-4702 | 6.4 (Medium) | IBM InfoSphere (Metadata Asset Manager): Stored cross-site scripting |
| CVE-2020-4632 | 5.7 (Medium) | IBM InfoSphere (Metadata Asset Manager): Server-side request forgery |
| CVE-2023-42472 | TBA | TBA |
| CVE-2023-42133 | TBA | TBA |
| CVE-2023-32336 | TBA | TBA |