Search Results (367003 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-30779 1 Daggerheart 1 Query Wrangler 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Jonathan Daggerhart Query Wrangler plugin <= 1.5.51 versions.
CVE-2023-30778 1 Blubrry 1 Powerpress 2024-11-21 5.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Blubrry PowerPress Podcasting plugin by Blubrry plugin <= 10.0.1 versions.
CVE-2023-30776 1 Apache 1 Superset 2024-11-21 4.9 Medium
An authenticated user with specific data permissions could access database connections stored passwords by requesting a specific REST API. This issue affects Apache Superset version 1.3.0 up to 2.0.1.
CVE-2023-30760 1 Intel 2 Realsense 450 Fa, Realsense 450 Fa Firmware 2024-11-21 3.3 Low
Out-of-bounds read in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2023-30753 1 Ip Metaboxes Project 1 Ip Metaboxes 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Phan Chuong IP Metaboxes plugin <= 2.1.1.
CVE-2023-30752 1 Gingertech 1 External Videos 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Silvia Pfeiffer and Andrew Nimmo External Videos plugin <= 2.0.1 versions.
CVE-2023-30751 1 Icontrolwp 1 Article Directory Redux 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in iControlWP Article Directory Redux plugin <= 1.0.2 versions.
CVE-2023-30749 1 Ihomefinder 1 Optima Express \+ Marketboost Idx 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in ihomefinder Optima Express + MarketBoost IDX Plugin plugin <= 7.3.0 versions.
CVE-2023-30747 1 Wpgem 1 Woocommerce Easy Duplicate Product 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPGem WooCommerce Easy Duplicate Product plugin <= 0.3.0.0 versions.
CVE-2023-30745 1 Ip Metaboxes Project 1 Ip Metaboxes 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Phan Chuong IP Metaboxes plugin <= 2.1.1 versions.
CVE-2023-30739 1 Samsung 1 Android 2024-11-21 6.7 Medium
Arbitrary File Descriptor Write vulnerability in libsec-ril prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code.
CVE-2023-30738 1 Samsung 8 Galaxy Book, Galaxy Book Firmware, Galaxy Book Odyssey and 5 more 2024-11-21 5.5 Medium
An improper input validation in UEFI Firmware prior to Firmware update Oct-2023 Release in Galaxy Book, Galaxy Book Pro, Galaxy Book Pro 360 and Galaxy Book Odyssey allows local attacker to execute SMM memory corruption.
CVE-2023-30737 1 Samsung 1 Health 2024-11-21 4 Medium
Improper access control vulnerability in Samsung Health prior to version 6.24.3.007 allows attackers to access sensitive information via implicit intent.
CVE-2023-30736 1 Samsung 1 Samsung Assistant 2024-11-21 4.4 Medium
Improper authorization in PushMsgReceiver of Samsung Assistant prior to version 8.7.00.1 allows attacker to execute javascript interface. To trigger this vulnerability, user interaction is required.
CVE-2023-30735 1 Samsung 1 Sassistant 2024-11-21 5.1 Medium
Improper Preservation of Permissions vulnerability in SAssistant prior to version 8.7 allows local attackers to access backup data in SAssistant.
CVE-2023-30734 1 Samsung 1 Health 2024-11-21 4 Medium
Improper access control vulnerability in Samsung Health prior to version 6.24.3.007 allows attackers to access sensitive information via implicit intent.
CVE-2023-30733 1 Samsung 1 Android 2024-11-21 7.8 High
Stack-based Buffer Overflow in vulnerability HDCP trustlet prior to SMR Oct-2023 Release 1 allows local privileged attackers to perform code execution.
CVE-2023-30732 1 Samsung 1 Android 2024-11-21 5.5 Medium
Improper access control in system property prior to SMR Oct-2023 Release 1 allows local attacker to get CPU serial number.
CVE-2023-30731 1 Samsung 1 Android 2024-11-21 5.7 Medium
Logic error in package installation via debugger command prior to SMR Oct-2023 Release 1 allows physical attacker to install an application that has different build type.
CVE-2023-30730 2 Google, Samsung 2 Android, Camera 2024-11-21 3.3 Low
Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12.1.00.30, 12.0.07.53, 12.1.03.10 in Android 12, and 13.0.01.43, 13.1.00.83 in Android 13 allows local attacker to access specific file.