ncr terminal_handler CVE 漏洞(9)

CVE 數: 9 CPE versions: View versions table

摘要

本頁列出影響 ncr terminal_handler 的已公開 CVE 漏洞(透過 NVD CPE 關聯)。每列包含嚴重程度評分、摘要與發布日期,便於識別與分析安全議題。

顯示 199 CVE 數
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2023-47030 An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via a GET request to a UserService SOAP API endpoint to validate if a user exists. [email protected] 9.8 0.63% 2025-06-23 2026-06-17
CVE-2023-47029 An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted POST request to the UserService component [email protected] 9.8 0.62% 2025-06-23 2026-06-17
CVE-2023-47031 An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to escalate privileges via a crafted POST request to the grantRolesToUsers, grantRolesToGroups, and grantRolesToOrganization SOAP API component. [email protected] 9.8 0.52% 2025-06-23 2026-07-05
CVE-2023-47295 A CSV injection vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands via injecting a crafted payload into any text field that accepts strings. [email protected] 9.8 0.48% 2025-06-23 2026-06-17
CVE-2023-47294 An issue in NCR Terminal Handler v1.5.1 allows low-level privileged authenticated attackers to arbitrarily deactivate, lock, and delete user accounts via a crafted session cookie. [email protected] 8.1 0.28% 2025-06-23 2026-06-17
CVE-2023-47032 Password Vulnerability in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code via a crafted script to the UserService SOAP API function. [email protected] 9.8 0.70% 2025-06-23 2026-06-17
CVE-2023-47298 An issue in NCR Terminal Handler 1.5.1 allows a low-level privileged authenticated attacker to query the SOAP API endpoint to obtain information about all of the users of the application including their usernames, roles, security groups and account statuses. [email protected] 4.3 0.19% 2025-06-23 2026-06-17
CVE-2023-47297 A settings manipulation vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands, including editing system security auditing configurations. [email protected] 9.8 0.45% 2025-06-23 2026-06-17
CVE-2023-47022 Insecure Direct Object Reference in NCR Terminal Handler v.1.5.1 allows an unprivileged user to edit the audit logs for any user and can lead to CSV injection. [email protected] 6.5 0.34% 2024-02-05 2026-06-17
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
cvelogic Threat Intelligence