Total
688 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-24476 | 1 Ptc | 1 Vuforia Studio | 2024-08-02 | 1.8 Low |
| An attacker with local access to the machine could record the traffic, which could allow them to resend requests without the server authenticating that the user or session are valid. | ||||
| CVE-2023-23696 | 1 Dell | 1 Command \| Intel Vpro Out Of Band | 2024-08-02 | 7 High |
| Dell Command Intel vPro Out of Band, versions prior to 4.3.1, contain an Improper Authorization vulnerability. A locally authenticated malicious users could potentially exploit this vulnerability in order to write arbitrary files to the system. | ||||
| CVE-2023-22480 | 1 Fit2cloud | 1 Kubeoperator | 2024-08-02 | 7.3 High |
| KubeOperator is an open source Kubernetes distribution focused on helping enterprises plan, deploy and operate production-level K8s clusters. In KubeOperator versions 3.16.3 and below, API interfaces with unauthorized entities and can leak sensitive information. This vulnerability could be used to take over the cluster under certain conditions. This issue has been patched in version 3.16.4. | ||||
| CVE-2023-22348 | 2 Checkmk, Tribe29 | 2 Checkmk, Checkmk | 2024-08-02 | 4.3 Medium |
| Improper Authorization in RestAPI in Checkmk GmbH's Checkmk versions <2.1.0p28 and <2.2.0b8 allows remote authenticated users to read arbitrary host_configs. | ||||
| CVE-2023-21549 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2024-08-02 | 8.8 High |
| Windows SMB Witness Service Elevation of Privilege Vulnerability | ||||
| CVE-2023-21505 | 1 Samsung | 1 Samsung Core Services | 2024-08-02 | 4 Medium |
| Improper access control in Samsung Core Service prior to version 2.1.00.36 allows attacker to write arbitrary file in sandbox. | ||||
| CVE-2023-21432 | 1 Samsung | 1 Smart Things | 2024-08-02 | 4.2 Medium |
| Improper access control vulnerabilities in Smart Things prior to 1.7.93 allows to attacker to invite others without authorization of the owner. | ||||
| CVE-2023-21454 | 1 Samsung | 1 Android | 2024-08-02 | 2.4 Low |
| Improper authorization in Samsung Keyboard prior to SMR Mar-2023 Release 1 allows physical attacker to access users text history on the lockscreen. | ||||
| CVE-2023-21452 | 1 Samsung | 1 Android | 2024-08-02 | 3.3 Low |
| Improper usage of implicit intent in Bluetooth prior to SMR Mar-2023 Release 1 allows attacker to get MAC address of connected device. | ||||
| CVE-2023-21461 | 1 Samsung | 1 Android | 2024-08-02 | 4 Medium |
| Improper authorization vulnerability in AutoPowerOnOffConfirmDialog in Settings prior to SMR Mar-2023 Release 1 allows local attacker to turn device off via unprotected activity. | ||||
| CVE-2023-21436 | 1 Samsung | 1 Android | 2024-08-02 | 3.3 Low |
| Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID. | ||||
| CVE-2023-21423 | 1 Samsung | 1 Android | 2024-08-02 | 5.1 Medium |
| Improper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release 1 allows attacker to control BLE advertising without permission using unprotected action. | ||||
| CVE-2023-21440 | 1 Samsung | 1 Android | 2024-08-02 | 6.2 Medium |
| Improper access control vulnerability in WindowManagerService prior to SMR Feb-2023 Release 1 allows attackers to take a screen capture. | ||||
| CVE-2023-21429 | 1 Samsung | 1 Android | 2024-08-02 | 4 Medium |
| Improper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1 allows attacker to access SSID. | ||||
| CVE-2023-21422 | 1 Samsung | 1 Android | 2024-08-02 | 5.7 Medium |
| Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNS server without permission via binding WifiService. | ||||
| CVE-2023-21433 | 1 Samsung | 1 Galaxy Store | 2024-08-02 | 7.8 High |
| Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store. | ||||
| CVE-2023-21424 | 1 Samsung | 1 Android | 2024-08-02 | 5.1 Medium |
| Improper Handling of Insufficient Permissions or Privileges vulnerability in SemChameleonHelper prior to SMR Jan-2023 Release 1 allows attacker to modify network related values, network code, carrier id and operator brand. | ||||
| CVE-2023-6538 | 1 Hitachi | 2 System Management Unit, System Management Unit Firmware | 2024-08-02 | 7.6 High |
| SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in Storage, Server or combined Server+Storage administrative roles are able to access SMU configuration backup, that would normally be barred to those specific administrative roles. | ||||
| CVE-2023-3805 | 1 Four-faith | 1 Video Surveillance Management System | 2024-08-02 | 7.3 High |
| A vulnerability, which was classified as critical, has been found in Xiamen Four Letter Video Surveillance Management System up to 20230712. This issue affects some unknown processing in the library UserInfoAction.class of the component Login. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-235073 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-2950 | 1 Open-emr | 1 Openemr | 2024-08-02 | 8.1 High |
| Improper Authorization in GitHub repository openemr/openemr prior to 7.0.1. | ||||