NVD disclosure day
CVE-2023-4835
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
An external attacker can manipulate CF Software Oil Management Software to access its underlying database. This allows them to steal admin credentials, tamper with inventory and transaction records, or gain unauthorized control over systems managing critical resource distribution.
CVE-2023-4833
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
Besttem Network Marketing Software has a critical flaw allowing attackers to steal or alter sensitive data. This issue is now urgent to fix due to its internet-facing exposure.
CVE-2023-4662
Halo Surface Signal: 2 out of 5 — less likely to be public-facing.
An external attacker can target Saphira Connect with malicious commands that run with excessive permissions. This can allow them to gain complete administrative control of the server, potentially exposing sensitive corporate data and allowing unauthorized access to the broader business network.
CVE-2023-4661
Halo Surface Signal: 2 out of 5 — less likely to be public-facing.
An external attacker can target Saphira Connect to bypass security and steal sensitive database records, including user credentials. This matters because it could allow the attacker to modify application data and gain full unauthorized control over the system.
CVE-2023-4670
Halo Surface Signal: 2 out of 5 — less likely to be public-facing.
An external attacker can exploit a flaw in Innosa Probbys to access and modify sensitive database information. This could allow them to expose credentials and gain administrative control over the system, putting business operations and sensitive data at risk.
CVE-2023-4231
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
A critical flaw in Cevik Informatics Online Payment System allows anyone on the internet to steal or corrupt payment data without needing a password. Act now to protect customer information and secure financial transactions.
CVE-2023-4830
Halo Surface Signal: 2 out of 5 — less likely to be public-facing.
An external attacker can exploit a flaw in Tura Signalix to bypass security controls and access sensitive database records. This could allow them to steal confidential files and gain full administrative control, threatening critical business operations and network security.
CVE-2023-4673
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A critical flaw in Sanalogy Turasistan lets anyone with internet access steal sensitive customer data or control the system, affecting all older versions.