NVD disclosure day

Published threat advisories for November 23, 2023

CVE-2023-3631

SQL Injection in Medart Notification Panel lets attackers take control or disrupt services.

Halo Surface Signal: 3 out of 5 — possibly public-facing.

An external attacker can gain unauthorized access to the Medart Notification Panel to view, change, or delete sensitive patient records. This poses a significant risk of a data privacy breach and potential loss of control over critical communication systems.

NVD published: November 23, 2023

CVE advisoryCRITICAL

CVE-2023-3377

Veribase SQL injection flaw allows attackers to steal data or take control.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A critical flaw in Veribase software lets attackers steal data or disrupt services remotely, and the vendor hasn't responded to the issue.

NVD published: November 23, 2023