Search Results (364891 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-42657 1 Progress 1 Ws Ftp Server 2024-11-21 9.9 Critical
In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a directory traversal vulnerability was discovered.  An attacker could leverage this vulnerability to perform file operations (delete, rename, rmdir, mkdir) on files and folders outside of their authorized WS_FTP folder path.  Attackers could also escape the context of the WS_FTP Server file structure and perform the same level of operations (delete, rename, rmdir, mkdir) on file and folder locations on the underlying operating system.
CVE-2023-42656 1 Progress 1 Moveit Transfer 2024-11-21 6.1 Medium
In Progress MOVEit Transfer versions released before 2021.1.8 (13.1.8), 2022.0.8 (14.0.8), 2022.1.9 (14.1.9), 2023.0.6 (15.0.6), a reflected cross-site scripting (XSS) vulnerability has been identified in MOVEit Transfer's web interface.  An attacker could craft a malicious payload targeting MOVEit Transfer users during the package composition procedure.  If a MOVEit user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victims browser.
CVE-2023-42655 2 Google, Unisoc 5 Android, S8000, T760 and 2 more 2024-11-21 6.7 Medium
In sim service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed
CVE-2023-42654 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-11-21 5.5 Medium
In dm service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-42653 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-11-21 5.5 Medium
In faceid service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges
CVE-2023-42652 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-11-21 5.5 Medium
In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-42651 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-11-21 5.5 Medium
In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-42650 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-11-21 5.5 Medium
In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-42649 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-11-21 5.5 Medium
In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-42648 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-11-21 5.5 Medium
In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-42647 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-11-21 5.5 Medium
In Ifaa service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-42646 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-11-21 5.5 Medium
In Ifaa service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-42645 2 Google, Unisoc 5 Android, S8000, T760 and 2 more 2024-11-21 5.5 Medium
In sim service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-42644 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-11-21 5.5 Medium
In dm service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-42643 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-11-21 5.5 Medium
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-42642 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-11-21 5.5 Medium
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-42641 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-11-21 5.5 Medium
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-42640 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-11-21 5.5 Medium
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-42639 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-11-21 5.5 Medium
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-42638 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-11-21 5.5 Medium
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed