Vulnerabilities in Insignia
3 resultsCVE-2023-1384MEDIUMThe setMediaSource function on the amzn.thin.pl service does not sanitize the "source" parameter allowing for arbitrary javascript code to bEPSS 0.4%CVE-2023-1385HIGHImproper JPAKE implementation allows offline PIN brute-forcing due to the initialization of random values to a known value, which leads to uEPSS 0.3%CVE-2023-1383MEDIUMAn Improper Enforcement of Behavioral Workflow vulnerability in the exchangeDeviceServices function on the amzn.dmgr service allowed an attaEPSS 0.3%