Search Results (363086 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-49004 1 Dlink 2 Dir-850l, Dir-850l Firmware 2024-11-21 9.8 Critical
An issue in D-Link DIR-850L v.B1_FW223WWb01 allows a remote attacker to execute arbitrary code via a crafted script to the en parameter.
CVE-2023-49003 1 Simplemobiletools 1 Simple Dialer 2024-11-21 5.3 Medium
An issue in simplemobiletools Simple Dialer 5.18.1 allows an attacker to bypass intended access restrictions via interaction with com.simplemobiletools.dialer.activities.DialerActivity.
CVE-2023-49002 1 Xenomtechnologies 1 Phone Dialer-voice Call Dialer 2024-11-21 7.5 High
An issue in Xenom Technologies (sinous) Phone Dialer-voice Call Dialer v.1.2.5 allows an attacker to bypass intended access restrictions via interaction with com.funprime.calldialer.ui.activities.OutgoingActivity.
CVE-2023-49001 1 Indibrowser 1 Indi Browser 2024-11-21 9.8 Critical
An issue in Indi Browser (aka kvbrowser) v.12.11.23 allows an attacker to bypass intended access restrictions via interaction with the com.example.gurry.kvbrowswer.webview component.
CVE-2023-49000 1 Artistscope 1 Artisbrowser 2024-11-21 9.8 Critical
An issue in ArtistScope ArtisBrowser v.34.1.5 and before allows an attacker to bypass intended access restrictions via interaction with the com.artis.browser.IntentReceiverActivity component. NOTE: this is disputed by the vendor, who indicates that ArtisBrowser 34 does not support CSS3.
CVE-2023-48987 1 Cusg 1 Content Management System 2024-11-21 7.5 High
Blind SQL Injection vulnerability in CU Solutions Group (CUSG) Content Management System (CMS) before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the pages.php component.
CVE-2023-48967 1 Noear 1 Solon 2024-11-21 9.8 Critical
Ssolon <= 2.6.0 and <=2.5.12 is vulnerable to Deserialization of Untrusted Data.
CVE-2023-48966 1 Thinkadmin 1 Thinkadmin 2024-11-21 8.8 High
An arbitrary file upload vulnerability in the component /admin/api.upload/file of ThinkAdmin v6.1.53 allows attackers to execute arbitrary code via a crafted Zip file.
CVE-2023-48964 1 Tenda 2 I6, I6 Firmware 2024-11-21 7.5 High
Tenda i6 V1.0.0.8(3856) is vulnerable to Buffer Overflow via /goform/WifiMacFilterSet.
CVE-2023-48963 1 Tenda 2 I6, I6 Firmware 2024-11-21 7.5 High
Tenda i6 V1.0.0.8(3856) is vulnerable to Buffer Overflow via /goform/wifiSSIDget.
CVE-2023-48958 1 Gpac 1 Gpac 2024-11-21 5.5 Medium
gpac 2.3-DEV-rev617-g671976fcc-master contains memory leaks in gf_mpd_resolve_url media_tools/mpd.c:4589.
CVE-2023-48952 1 Openlinksw 1 Virtuoso 2024-11-21 7.5 High
An issue in the box_deserialize_reusing function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.
CVE-2023-48950 1 Openlinksw 1 Virtuoso 2024-11-21 7.5 High
An issue in the box_col_len function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.
CVE-2023-48949 1 Openlinksw 1 Virtuoso 2024-11-21 7.5 High
An issue in the box_add function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.
CVE-2023-48948 1 Openlinksw 1 Virtuoso 2024-11-21 7.5 High
An issue in the box_div function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.
CVE-2023-48947 1 Openlinksw 1 Virtuoso 2024-11-21 7.5 High
An issue in the cha_cmp function of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.
CVE-2023-48946 1 Openlinksw 1 Virtuoso 2024-11-21 7.5 High
An issue in the box_mpy function of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.
CVE-2023-48945 1 Openlinksw 1 Virtuoso 2024-11-21 7.5 High
A stack overflow in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-48940 1 Daicuo 1 Daicuo 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in /admin.php of DaiCuo v2.5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
CVE-2023-48929 1 Franklin-electric 1 System Sentinel Anyware 2024-11-21 9.8 Critical
Franklin Fueling Systems System Sentinel AnyWare (SSA) version 1.6.24.492 is vulnerable to Session Fixation. The 'sid' parameter in the group_status.asp resource allows an attacker to escalate privileges and obtain sensitive information.