Total
29019 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-4583 | 2 Mozilla, Redhat | 8 Firefox, Firefox Esr, Thunderbird and 5 more | 2024-09-19 | 7.5 High |
When checking if the Browsing Context had been discarded in `HttpBaseChannel`, if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private session had ended. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. | ||||
CVE-2023-43284 | 1 Dlink | 2 Dir-846, Dir-846 Firmware | 2024-09-19 | 8.8 High |
D-Link Wireless MU-MIMO Gigabit AC1200 Router DIR-846 100A53DBR-Retail devices allow an authenticated remote attacker to execute arbitrary code via an unspecified manipulation of the QoS POST parameter. | ||||
CVE-2023-0506 | 1 Bydemes | 1 Airspace Cctv Web Service | 2024-09-19 | 8.8 High |
The web service of ByDemes Group Airspace CCTV Web Service in its 2.616.BY00.11 version, contains a privilege escalation vulnerability, detected in the Camera Control Panel, whose exploitation could allow a low-privileged attacker to gain administrator access. | ||||
CVE-2023-36537 | 1 Zoom | 1 Rooms | 2024-09-19 | 7.3 High |
Improper privilege management in Zoom Rooms for Windows before version 5.14.5 may allow an authenticated user to enable an escalation of privilege via local access. | ||||
CVE-2023-34121 | 2 Microsoft, Zoom | 4 Windows, Rooms, Virtual Desktop Infrastructure and 1 more | 2024-09-19 | 4.1 Medium |
Improper input validation in the Zoom for Windows, Zoom Rooms, Zoom VDI Windows Meeting clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via network access. | ||||
CVE-2023-34120 | 2 Microsoft, Zoom | 2 Windows, Virtual Desktop Infrastructure | 2024-09-19 | 8.7 High |
Improper privilege management in Zoom for Windows, Zoom Rooms for Windows, and Zoom VDI for Windows clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via local access. Users may potentially utilize higher level system privileges maintained by the Zoom client to spawn processes with escalated privileges. | ||||
CVE-2023-34118 | 1 Zoom | 1 Rooms | 2024-09-19 | 7.3 High |
Improper privilege management in Zoom Rooms for Windows before version 5.14.5 may allow an authenticated user to enable an escalation of privilege via local access. | ||||
CVE-2023-34116 | 1 Zoom | 1 Zoom | 2024-09-19 | 8.2 High |
Improper input validation in the Zoom Desktop Client for Windows before version 5.15.0 may allow an unauthorized user to enable an escalation of privilege via network access. | ||||
CVE-2023-4577 | 2 Mozilla, Redhat | 8 Firefox, Firefox Esr, Thunderbird and 5 more | 2024-09-19 | 6.5 Medium |
When `UpdateRegExpStatics` attempted to access `initialStringHeap` it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. | ||||
CVE-2023-4885 | 1 Open5gs | 1 Open5gs | 2024-09-19 | 6.5 Medium |
Man in the Middle vulnerability, which could allow an attacker to intercept VNF (Virtual Network Function) communications resulting in the exposure of sensitive information. | ||||
CVE-2023-42508 | 1 Jfrog | 1 Artifactory | 2024-09-19 | 6.5 Medium |
JFrog Artifactory prior to version 7.66.0 is vulnerable to specific endpoint abuse with a specially crafted payload, which can lead to unauthenticated users being able to send emails with manipulated email body. | ||||
CVE-2023-30692 | 1 Samsung | 1 Android | 2024-09-19 | 8.5 High |
Improper input validation vulnerability in Evaluator prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities. | ||||
CVE-2023-30727 | 1 Samsung | 1 Android | 2024-09-19 | 6.7 Medium |
Improper access control vulnerability in SecSettings prior to SMR Oct-2023 Release 1 allows attackers to enable Wi-Fi and connect arbitrary Wi-Fi without User Interaction. | ||||
CVE-2023-30731 | 1 Samsung | 1 Android | 2024-09-19 | 5.7 Medium |
Logic error in package installation via debugger command prior to SMR Oct-2023 Release 1 allows physical attacker to install an application that has different build type. | ||||
CVE-2023-30732 | 1 Samsung | 1 Android | 2024-09-19 | 5.5 Medium |
Improper access control in system property prior to SMR Oct-2023 Release 1 allows local attacker to get CPU serial number. | ||||
CVE-2023-30736 | 1 Samsung | 1 Samsung Assistant | 2024-09-19 | 4.4 Medium |
Improper authorization in PushMsgReceiver of Samsung Assistant prior to version 8.7.00.1 allows attacker to execute javascript interface. To trigger this vulnerability, user interaction is required. | ||||
CVE-2022-22447 | 1 Ibm | 1 Disconnected Log Collector | 2024-09-19 | 4 Medium |
IBM Disconnected Log Collector 1.0 through 1.8.2 is vulnerable to potential security misconfigurations that could disclose unintended information. IBM X-Force ID: 224648. | ||||
CVE-2023-37404 | 1 Ibm | 1 Observability With Instana | 2024-09-19 | 6.4 Medium |
IBM Observability with Instana 1.0.243 through 1.0.254 could allow an attacker on the network to execute arbitrary code on the host after a successful DNS poisoning attack. IBM X-Force ID: 259789. | ||||
CVE-2023-30738 | 1 Samsung | 8 Galaxy Book, Galaxy Book Firmware, Galaxy Book Odyssey and 5 more | 2024-09-19 | 5.5 Medium |
An improper input validation in UEFI Firmware prior to Firmware update Oct-2023 Release in Galaxy Book, Galaxy Book Pro, Galaxy Book Pro 360 and Galaxy Book Odyssey allows local attacker to execute SMM memory corruption. | ||||
CVE-2023-26238 | 1 Watchguard | 8 Edr, Edr Firmware, Epdr and 5 more | 2024-09-19 | 5.5 Medium |
An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to enable or disable defensive capabilities by sending a crafted message to a named pipe. |