Search Results (37210 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-47492 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-28 5.5 Medium
In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
CVE-2022-47490 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-28 5.5 Medium
In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
CVE-2024-3620 1 Mayurik 1 Advocate Office Management System 2025-01-28 4.7 Medium
A vulnerability was found in SourceCodester Kortex Lite Advocate Office Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /control/adds.php. The manipulation of the argument name/gender/dob/email/mobile/address leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-260276.
CVE-2024-3619 1 Mayurik 1 Advocate Office Management System 2025-01-28 4.7 Medium
A vulnerability has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /control/addcase_stage.php. The manipulation of the argument cname leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-260275.
CVE-2024-3618 1 Mayurik 1 Advocate Office Management System 2025-01-28 4.7 Medium
A vulnerability, which was classified as critical, was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. Affected is an unknown function of the file /control/activate_case.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-260274 is the identifier assigned to this vulnerability.
CVE-2024-3617 1 Mayurik 1 Advocate Office Management System 2025-01-28 4.7 Medium
A vulnerability, which was classified as critical, has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0. This issue affects some unknown processing of the file /control/deactivate_case.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260273 was assigned to this vulnerability.
CVE-2022-48245 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-28 7.8 High
In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
CVE-2022-48244 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-28 7.8 High
In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
CVE-2022-48243 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-28 7.8 High
In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
CVE-2022-48368 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-28 7.8 High
In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
CVE-2022-48250 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-28 7.8 High
In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
CVE-2022-48249 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-28 7.8 High
In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
CVE-2022-48248 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-28 7.8 High
In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
CVE-2022-48247 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-28 7.8 High
In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
CVE-2022-48246 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-28 7.8 High
In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
CVE-2023-1979 1 Google 1 Web Stories 2025-01-28 4.9 Medium
The Web Stories for WordPress plugin supports the WordPress built-in functionality of protecting content with a password. The content is then only accessible to website visitors after entering the password. In WordPress, users with the "Author" role can create stories, but don't have the ability to edit password protected stories. The vulnerability allowed users with said role to bypass this permission check when trying to duplicate the protected story in the plugin's own dashboard, giving them access to the seemingly protected content. We recommend upgrading to version 1.32 or beyond commit  ad49781c2a35c5c92ef704d4b621ab4e5cb77d68 https://github.com/GoogleForCreators/web-stories-wp/commit/ad49781c2a35c5c92ef704d4b621ab4e5cb77d68
CVE-2023-2590 1 Answer 1 Answer 2025-01-28 3.5 Low
Missing Authorization in GitHub repository answerdev/answer prior to 1.0.9.
CVE-2022-48371 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-28 5.5 Medium
In dialer service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges.
CVE-2022-48370 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-28 5.5 Medium
In dialer service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges.
CVE-2022-48369 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-28 7.8 High
In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.