CVEs without a recognized CWE (not present in the CWE map or marked as N/A).

2023-11-30
Medium

CVE-2023-48894

Incorrect Access Control vulnerability in jshERP V3.3 allows attackers to obtain sensitive information via the doFilter function.

Critical

CVE-2023-47418

Remote Code Execution (RCE) vulnerability in o2oa version 8.1.2 and before, allows attackers to create a new interface in the service management function to execute JavaScript.

2023-11-29
Critical

CVE-2022-42540

Elevation of privilege

High

CVE-2022-42539

Information disclosure

Critical

CVE-2022-42538

Elevation of privilege

Critical

CVE-2022-42537

Remote code execution

Critical

CVE-2022-42536

Remote code execution

High

CVE-2023-48950

An issue in the box_col_len function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.

High

CVE-2023-48949

An issue in the box_add function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.

High

CVE-2023-48948

An issue in the box_div function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.

High

CVE-2023-48947

An issue in the cha_cmp function of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.

High

CVE-2023-48946

An issue in the box_mpy function of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.

High

CVE-2023-40626

The language file parsing process could be manipulated to expose environment variables. Environment variables might contain sensitive information.

2023-11-28
High

CVE-2023-46944

An issue in GitKraken GitLens before v.14.0.0 allows an attacker to execute arbitrary code via a crafted file to the Visual Studio Code workspace trust component.

Critical

CVE-2023-48193

Insecure Permissions vulnerability in JumpServer GPLv3 v.3.8.0 allows a remote attacker to execute arbitrary code via bypassing the command filtering function. NOTE: this is disputed because command…

High

CVE-2023-30590

The generateKeys() API function returned from crypto.createDiffieHellman() only generates missing (or outdated) keys, that is, it only generates a private key if none has been set yet, but the functi…

Medium

CVE-2023-30588

When an invalid public key is used to create an x509 certificate using the crypto.X509Certificate() API an unexpected termination occurs making it susceptible to DoS attacks when the attacker could fo…

Medium

CVE-2023-34055

In Spring Boot versions 2.7.0 - 2.7.17, 3.0.0-3.0.12 and 3.1.0-3.1.5, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifi…

Medium

CVE-2023-34054

In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-servic…

Medium

CVE-2023-34053

In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is…

Medium

CVE-2023-24023

Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key lengt…

Critical

CVE-2023-47503

An issue in jflyfox jfinalCMS v.5.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the login.jsp component in the template management module.

High

CVE-2023-30585

A vulnerability has been identified in the Node.js (.msi version) installation process, specifically affecting Windows users who install Node.js using the .msi installer. This vulnerability emerges d…

2023-11-27
Medium

CVE-2023-46355

In the module "CSV Feeds PRO" (csvfeeds) < 2.6.1 from Bl Modules for PrestaShop, a guest can download personal information without restriction. Due to too permissive access control which does not for…

High

CVE-2023-5906

The Job Manager & Career WordPress plugin before 1.4.4 contains a vulnerability in the Directory Listings system, which allows an unauthorized user to view and download private files of other users.…

Medium

CVE-2023-5845

The Simple Social Media Share Buttons WordPress plugin before 5.1.1 leaks password-protected post content to unauthenticated visitors in some meta tags.

Critical

CVE-2023-5559

The 10Web Booster WordPress plugin before 2.24.18 does not validate the option name given to some AJAX actions, allowing unauthenticated users to delete arbitrary options from the database, leading t…

High

CVE-2023-5239

The Security & Malware scan by CleanTalk WordPress plugin before 2.121 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used…

Critical

CVE-2023-4922

The WPB Show Core WordPress plugin through 2.2 is vulnerable to a local file inclusion via the `path` parameter.

Medium

CVE-2023-4297

The Mmm Simple File List WordPress plugin through 2.3 does not validate the generated path to list files from, allowing any authenticated users, such as subscribers, to list the content of arbitrary…

Medium

CVE-2023-4252

The EventPrime WordPress plugin through 3.2.9 specifies the price of a booking in the client request, allowing an attacker to purchase bookings without payment.

Medium

CVE-2023-6302

A vulnerability was found in CSZCMS 1.3.0 and classified as critical. Affected by this issue is some unknown functionality of the file \views\templates of the component File Manager Page. The manipul…

High

CVE-2023-49322

Certain WithSecure products allow a Denial of Service because there is an unpack handler crash that can lead to a scanning engine crash. This affects WithSecure Client Security 15, WithSecure Server…

Medium

CVE-2023-49321

Certain WithSecure products allow a Denial of Service because scanning a crafted file takes a long time, and causes the scanner to hang. This affects WithSecure Client Security 15, WithSecure Server…

2023-11-24
High

CVE-2023-44303

RVTools, Version 3.9.2 and above, contain a sensitive data exposure vulnerability in the password encryption utility (RVToolsPasswordEncryption.exe) and main application (RVTools.exe). A remote unaut…

2023-11-23
High

CVE-2023-28813

An attacker could exploit a vulnerability by sending crafted messages to computers installed with this plug-in to modify plug-in parameters, which could cause affected computers to download malicious…

2023-11-22
High

CVE-2023-49102

NZBGet 21.1 allows authenticated remote code execution because the unarchive programs (7za and unrar) preserve executable file permissions. An attacker with the Control capability can execute a file…

High

CVE-2023-48646

Zoho ManageEngine RecoveryManager Plus before 6070 allows admin users to execute arbitrary commands via proxy settings.

High

CVE-2023-6009

The UserPro plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.1.4 due to insufficient restriction on the 'userpro_update_user_profile' function. This make…

High

CVE-2023-5815

The News & Blog Designer Pack – WordPress Blog Plugin — (Blog Post Grid, Blog Post Slider, Blog Post Carousel, Blog Post Ticker, Blog Post Masonry) plugin for WordPress is vulnerable to Remote Code E…

Medium

CVE-2023-5314

The WP EXtra plugin for WordPress is vulnerable to unauthorized access to restricted functionality due to a missing capability check on the 'test-email' section of the register() function in versions…

Medium

CVE-2023-4686

The WP Customer Reviews plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 3.6.6 via the ajax_enabled_posts function. This can allow authenticated…

Critical

CVE-2023-2449

The UserPro plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 5.1.1. This is due to the plugin using native password reset functionality, with insuff…

Medium

CVE-2023-2446

The UserPro plugin for WordPress is vulnerable to sensitive information disclosure via the 'userpro' shortcode in versions up to, and including 5.1.1. This is due to insufficient restriction on sensi…

Medium

CVE-2023-41146

Autodesk Customer Support Portal allows cases created by users under an account to see cases created by other users on the same account.

Medium

CVE-2023-41145

Autodesk users who no longer have an active license for an account can still access cases for that account.

2023-11-21
High

CVE-2023-22521

This High severity RCE (Remote Code Execution) vulnerability was introduced in version 3.4.6 of Crowd Data Center and Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8…

High

CVE-2023-22516

This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 8.1.0, 8.2.0, 9.0.0, 9.1.0, 9.2.0, and 9.3.0 of Bamboo Data Center and Server. This RCE (Remote Code Executi…

Medium

CVE-2023-6210

When an https: web page created a pop-up from a "javascript:" URL, that pop-up was incorrectly allowed to load blockable content such as iframes from insecure http: URLs. This vulnerability affects Fi…

High

CVE-2023-6208

When using X11, text selected by the page using the Selection API was erroneously copied into the primary selection, a temporary storage not unlike the clipboard. *This bug only affects Firefox on X1…

Critical

CVE-2023-49060

An attacker could have accessed internal pages or data by exfiltrating a security key from ReaderMode via the `referrerpolicy` attribute. This vulnerability affects Firefox for iOS < 120.

High

CVE-2023-45886

The BGP daemon (bgpd) in IP Infusion ZebOS through 7.10.6 allows remote attackers to cause a denial of service by sending crafted BGP update messages containing a malformed attribute.

2023-11-20
Critical

CVE-2023-48176

An Insecure Permissions issue in WebsiteGuide v.0.2 allows a remote attacker to gain escalated privileges via a crafted JWT (JSON Web Token).

High

CVE-2023-47172

Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, and WithSecure Elemen…

Critical

CVE-2023-38880

The Community Edition version 9.0 of OS4ED's openSIS Classic has a broken access control vulnerability in the database backup functionality. Whenever an admin generates a database backup, the backup…

2023-11-17
Medium

CVE-2023-38324

An issue was discovered in OpenNDS before 10.1.2. It allows users to skip the splash page sequence (and directly authenticate) when it is using the default FAS key and OpenNDS is configured as FAS. A…

Critical

CVE-2023-48659

An issue was discovered in MISP before 2.4.176. app/Controller/AppController.php mishandles parameter parsing.

Critical

CVE-2023-48658

An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php lacks a checkParam function for alphanumerics, underscore, dash, period, and space.

Critical

CVE-2023-48657

An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles filters.

Critical

CVE-2023-48656

An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles order clauses.

2023-11-16
Medium

CVE-2023-36026

Microsoft Edge (Chromium-based) Spoofing Vulnerability

High

CVE-2023-48134

nagayama_copabowl Line 13.6.1 is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor.

High

CVE-2023-6017

H2O included a reference to an S3 bucket that no longer existed allowing an attacker to take over the S3 bucket URL.

High

CVE-2023-47263

Certain WithSecure products allow a Denial of Service (DoS) in the antivirus engine when scanning a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSe…

2023-11-15
Medium

CVE-2023-4723

The Elementor Addon Elements plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.12.7 via the ajax_eae_post_data function. This can allow unauthen…

High

CVE-2023-48089

xxl-job-admin 2.4.0 is vulnerable to Remote Code Execution (RCE) via /xxl-job-admin/jobcode/save.

Critical

CVE-2023-47678

An improper access control vulnerability exists in RT-AC87U all versions. An attacker may read or write files that are not intended to be accessed by connecting to a target device via tftp.

Medium

CVE-2023-38544

A logged in user can modify specific files that may lead to unauthorized changes in system-wide configuration settings. This vulnerability could be exploited to compromise the integrity and security…

2023-11-14
Medium

CVE-2023-45627

An authenticated Denial-of-Service (DoS) vulnerability exists in the CLI service. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affect…

High

CVE-2023-45624

An unauthenticated Denial-of-Service (DoS) vulnerability exists in the soft ap daemon accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt…

High

CVE-2023-45623

Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Wi-Fi Uplink service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to int…

High

CVE-2023-45620

Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt th…

High

CVE-2023-45619

There is an arbitrary file deletion vulnerability in the RSSI service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of this vulnerability results in the ability…

High

CVE-2023-45618

There are arbitrary file deletion vulnerabilities in the AirWave client service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of these vulnerabilities results in…

High

CVE-2023-45617

There are arbitrary file deletion vulnerabilities in the CLI service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of these vulnerabilities results in the abilit…

Medium

CVE-2023-36558

ASP.NET Core Security Feature Bypass Vulnerability

Medium

CVE-2023-40220

Improper buffer restrictions in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.

Medium

CVE-2023-33878

Path traversal in some Intel(R) NUC P14E Laptop Element Audio Install Package software before version 156 for Windows may allow an authenticated user to potentially enable escalation of privilege v…

Medium

CVE-2023-32655

Path traversal in some Intel(R) NUC Kits & Mini PCs - NUC8i7HVK & NUC8HNK USB Type C power delivery controller installation software before version 1.0.10.3 for Windows may allow an authenticated us…

Medium

CVE-2023-32278

Path traversal in some Intel(R) NUC Uniwill Service Driver for Intel(R) NUC M15 Laptop Kits - LAPRC510 & LAPRC710 Uniwill Service Driver installation software before version 1.0.1.7 for Intel(R) NU…

Low

CVE-2023-22313

Improper buffer restrictions in some Intel(R) QAT Library software before version 22.07.1 may allow a privileged user to potentially enable information disclosure via local access.

Critical

CVE-2023-20596

Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.

Medium

CVE-2023-20592

Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential l…

Medium

CVE-2023-20566

Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.

Medium

CVE-2023-20533

Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service.

Low

CVE-2023-20526

Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality.

High

CVE-2022-29510

Improper buffer restrictions in some Intel(R) Server Board M10JNP2SB BIOS firmware before version 7.219 may allow a privileged user to potentially enable escalation of privilege via local access.

High

CVE-2022-29262

Improper buffer restrictions in some Intel(R) Server Board BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Medium

CVE-2022-27229

Path traversal in some Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of…

Low

CVE-2022-23830

SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.

Critical

CVE-2022-23821

Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution.

Medium

CVE-2021-46774

Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service.

Medium

CVE-2021-46758

Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of avail…

High

CVE-2023-36560

ASP.NET Security Feature Bypass Vulnerability

High

CVE-2023-36427

Windows Hyper-V Elevation of Privilege Vulnerability

Medium

CVE-2023-36413

Microsoft Office Security Feature Bypass Vulnerability

High

CVE-2023-36037

Microsoft Excel Security Feature Bypass Vulnerability

High

CVE-2023-36025

Windows SmartScreen Security Feature Bypass Vulnerability

Medium

CVE-2023-47262

The startup process and device configurations of the Abbott ID NOW device, before v7.1, can be interrupted and/or modified via physical access to an internal serial port. Direct physical access is re…

High

CVE-2023-45558

An issue in Golden v.13.6.1 allows attackers to send crafted notifications via leakage of the channel access token.

2023-11-13
Medium

CVE-2023-38363

IBM CICS TX Advanced 10.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planti…

2023-11-10
High

CVE-2023-36027

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

2023-11-09
Medium

CVE-2023-45284

On Windows, the IsLocal function does not correctly detect reserved device names in some cases. Reserved names followed by spaces, such as "COM1 ", and reserved names "COM" and "LPT" followed by supe…

High

CVE-2023-47489

CSV injection in export as csv in Combodo iTop v.3.1.0-2-11973 allows a local attacker to execute arbitrary code via a crafted script to the export-v2.php and ajax.render.php components.

2023-11-08
Medium

CVE-2023-5078

A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated privileges to tamper with BIOS firmware.

High

CVE-2023-46774

Vulnerability of uncaught exceptions in the NFC module. Successful exploitation of this vulnerability can affect NFC availability.

2023-11-07
Medium

CVE-2023-42555

Use of implicit intent for sensitive communication vulnerability in EasySetup prior to version 11.1.13 allows attackers to get the bluetooth address of user device.

Medium

CVE-2023-42552

Implicit intent hijacking vulnerability in Firewall application prior to versions 12.1.00.24 in Android 11, 13.1.00.16 in Android 12 and 14.1.00.7 in Android 13 allows 3rd party application to tamper…

Medium

CVE-2023-42550

Use of implicit intent for sensitive communication vulnerability in startSignIn in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

Medium

CVE-2023-42548

Use of implicit intent for sensitive communication vulnerability in startMandatoryCheckActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Ac…

Medium

CVE-2023-42545

Use of implicit intent for sensitive communication vulnerability in Phone prior to versions 12.7.20.12 in Android 11, 13.1.48, 13.5.28 in Android 12, and 14.7.38 in Android 13 allows attackers to acc…

Medium

CVE-2023-42544

Improper access control vulnerability in Quick Share prior to 13.5.52.0 allows local attacker to access local files.

Medium

CVE-2023-42543

Improper verification of intent by broadcast receiver vulnerability in Bixby Voice prior to version 3.3.35.12 allows attackers to access arbitrary data with Bixby Voice privilege.

Medium

CVE-2023-42539

PendingIntent hijacking vulnerability in ChallengeNotificationManager in Samsung Health prior to version 6.25 allows local attackers to access data.

Medium

CVE-2023-42533

Improper Input Validation with USB Gadget Interface prior to SMR Nov-2023 Release 1 allows a physical attacker to execute arbitrary code in Kernel.

Medium

CVE-2023-42530

Improper access control vulnerability in SecSettings prior to SMR Nov-2023 Release 1 allows attackers to enable Wi-Fi and Wi-Fi Direct without User Interaction.

Medium

CVE-2023-30739

Arbitrary File Descriptor Write vulnerability in libsec-ril prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code.

Medium

CVE-2023-36409

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

2023-11-06
High

CVE-2023-38407

bgpd/bgp_label.c in FRRouting (FRR) before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing.

High

CVE-2023-20702

In 5G NRLC, there is a possible invalid memory access due to lack of error handling. This could lead to remote denial of service, if UE received invalid 1-byte rlc sdu, with no additional execution p…
