Search Results (363690 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-40082 1 Google 1 Android 2024-12-02 9.8 Critical
In modify_for_next_stage of fdt.rs, there is a possible way to render KASLR ineffective due to improperly used crypto. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-40095 1 Google 1 Android 2024-12-02 7.8 High
In createDontSendToRestrictedAppsBundle of PendingIntentUtils.java, there is a possible background activity launch due to a missing check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-45774 1 Google 1 Android 2024-12-02 7.8 High
In fixUpIncomingShortcutInfo of ShortcutService.java, there is a possible way to view another user's image due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-42558 1 Samsung 1 Android 2024-12-02 6 Medium
Out of bounds write vulnerability in HDCP in HAL prior to SMR Dec-2023 Release 1 allows attacker to perform code execution.
CVE-2023-36368 1 Monetdb 1 Monetdb 2024-12-02 7.5 High
An issue in the cs_bind_ubat component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-36367 1 Monetdb 1 Monetdb 2024-12-02 7.5 High
An issue in the BLOBcmp component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-36366 1 Monetdb 1 Monetdb 2024-12-02 7.5 High
An issue in the log_create_delta component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause Denial of Service (DoS) via crafted SQL statements.
CVE-2023-36365 1 Monetdb 1 Monetdb 2024-12-02 7.5 High
An issue in the sql_trans_copy_key component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-36364 1 Monetdb 1 Monetdb 2024-12-02 7.5 High
An issue in the rel_deps component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-36363 1 Monetdb 1 Monetdb 2024-12-02 7.5 High
An issue in the __nss_database_lookup component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-36362 1 Monetdb 1 Monetdb 2024-12-02 7.5 High
An issue in the rel_sequences component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-42564 1 Samsung 1 Android 2024-12-02 6.6 Medium
Improper access control in knoxcustom service prior to SMR Dec-2023 Release 1 allows attacker to send broadcast with system privilege.
CVE-2023-42571 1 Samsung 1 Find My Mobile 2024-12-02 7.6 High
Abuse of remote unlock in Find My Mobile prior to version 7.3.13.4 allows physical attacker to unlock the device remotely by resetting the Samsung Account password with SMS verification when user lost the device.
CVE-2023-33083 1 Qualcomm 230 Ar8035, Ar8035 Firmware, Ar9380 and 227 more 2024-12-02 9.8 Critical
Memory corruption in WLAN Host while processing RRM beacon on the AP.
CVE-2023-45084 1 Softiron 1 Hypercloud 2024-12-02 7 High
An issue exists in SoftIron HyperCloud where drive caddy removal and reinsertion without a reboot may erroneously cause the system to recognize the caddy as new media and wipe all data on the drives due to a missing synchronization flaw, which impacts data availability and integrity. This issue only impacts SoftIron HyperCloud "density" storage nodes running HyperCloud software versions 1.0 to before 2.0.3.
CVE-2023-48399 1 Google 1 Android 2024-12-02 5.5 Medium
In ProtocolMiscATCommandAdapter::Init() of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation.
CVE-2023-48412 1 Google 1 Android 2024-12-02 5.5 Medium
In private_handle_t of mali_gralloc_buffer.h, there is a possible information leak due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-45847 1 Mattermost 1 Mattermost Server 2024-12-02 4.3 Medium
Mattermost fails to to check the length when setting the title in a run checklist in Playbooks, allowing an attacker to send a specially crafted request and crash the Playbooks plugin
CVE-2023-41268 1 Samsung 1 Escargot 2024-12-02 5.3 Medium
Improper input validation vulnerability in Samsung Open Source Escargot allows stack overflow and segmentation fault. This issue affects Escargot: from 3.0.0 through 4.0.0.
CVE-2023-49239 1 Huawei 2 Emui, Harmonyos 2024-12-02 7.5 High
Unauthorized access vulnerability in the card management module. Successful exploitation of this vulnerability may affect service confidentiality.