Total
3285 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-40648 | 2 Google, Unisoc | 2 Android, Sc9863a | 2024-09-19 | 5.5 Medium |
| In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | ||||
| CVE-2023-40649 | 2 Google, Unisoc | 2 Android, Sc9863a | 2024-09-19 | 5.5 Medium |
| In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | ||||
| CVE-2023-45242 | 4 Acronis, Apple, Linux and 1 more | 4 Agent, Macos, Linux Kernel and 1 more | 2024-09-19 | 5.5 Medium |
| Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739. | ||||
| CVE-2023-45243 | 4 Acronis, Apple, Linux and 1 more | 4 Agent, Macos, Linux Kernel and 1 more | 2024-09-19 | 5.5 Medium |
| Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739. | ||||
| CVE-2023-21291 | 1 Google | 1 Android | 2024-09-19 | 5.5 Medium |
| In visitUris of Notification.java, there is a possible way to reveal image contents from another user due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-44210 | 4 Acronis, Apple, Linux and 1 more | 4 Agent, Macos, Linux Kernel and 1 more | 2024-09-19 | 5.5 Medium |
| Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 29258. | ||||
| CVE-2023-40634 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-09-19 | 7.8 High |
| In phasechecksercer, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed | ||||
| CVE-2023-40635 | 2 Google, Unisoc | 11 Android, S8000, Sc9863a and 8 more | 2024-09-19 | 7.8 High |
| In linkturbo, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed | ||||
| CVE-2023-40636 | 2 Google, Unisoc | 5 Android, S8000, T760 and 2 more | 2024-09-19 | 4.4 Medium |
| In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with System execution privileges needed | ||||
| CVE-2023-40637 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-09-19 | 5.5 Medium |
| In telecom service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-40638 | 2 Google, Unisoc | 5 Android, S8000, T760 and 2 more | 2024-09-19 | 4.4 Medium |
| In Telecom service, there is a possible missing permission check. This could lead to local denial of service with System execution privileges needed | ||||
| CVE-2023-40639 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-09-19 | 5.5 Medium |
| In SoundRecorder service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-40640 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-09-19 | 5.5 Medium |
| In SoundRecorder service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-40641 | 2 Google, Unisoc | 2 Android, Sc9863a | 2024-09-19 | 5.5 Medium |
| In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | ||||
| CVE-2023-40642 | 2 Google, Unisoc | 2 Android, Sc9863a | 2024-09-19 | 5.5 Medium |
| In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | ||||
| CVE-2023-40376 | 1 Ibm | 1 Urbancode Deploy | 2024-09-19 | 5.3 Medium |
| IBM UrbanCode Deploy (UCD) 7.1 - 7.1.2.12, 7.2 through 7.2.3.5, and 7.3 through 7.3.2.0 under certain configurations could allow an authenticated user to make changes to environment variables due to improper authentication controls. IBM X-Force ID: 263581. | ||||
| CVE-2023-45247 | 4 Acronis, Apple, Linux and 1 more | 4 Agent, Macos, Linux Kernel and 1 more | 2024-09-19 | 7.1 High |
| Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 36497. | ||||
| CVE-2023-43700 | 1 Sick | 3 Apu0200, Apu0200 Firmware, Rdt400 | 2024-09-19 | 7.7 High |
| Missing Authorization in RDT400 in SICK APU allows an unprivileged remote attacker to modify data via HTTP requests that no not require authentication. | ||||
| CVE-2024-1804 | 1 Themeum | 1 Tutor Lms - Migration Tool | 2024-09-19 | 4.3 Medium |
| The Tutor LMS – Migration Tool plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tutor_import_from_xml function in all versions up to, and including, 2.2.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to import courses. | ||||
| CVE-2024-1798 | 1 Themeum | 1 Tutor Lms - Migration Tool | 2024-09-19 | 5.3 Medium |
| The Tutor LMS – Migration Tool plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the tutor_lp_export_xml function in all versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to export courses, including private and password protected courses. | ||||