Total
3289 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-28216 | | | 2024-09-06 | 5.4 Medium |
nGrinder before 3.5.9 allows an attacker to obtain the results of webhook requests due to lack of access control, which could be the cause of information disclosure and limited Server-Side Request Forgery. | ||||
CVE-2024-28215 | | | 2024-09-06 | 7.5 High |
nGrinder before 3.5.9 allows an attacker to create or update webhook configuration due to lack of access control, which could be the cause of information disclosure and limited Server-Side Request Forgery. | ||||
CVE-2023-4198 | 1 Dolibarr | 1 Dolibarr Erp/crm | 2024-09-05 | 6.5 Medium |
Improper Access Control in Dolibarr ERP CRM <= v17.0.3 allows an unauthorized authenticated user to read a database table containing customer data | ||||
CVE-2023-42631 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-09-05 | 5.5 Medium |
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | ||||
CVE-2023-42641 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-09-05 | 5.5 Medium |
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | ||||
CVE-2023-42642 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-09-05 | 5.5 Medium |
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | ||||
CVE-2023-42643 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-09-05 | 5.5 Medium |
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | ||||
CVE-2023-42644 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-09-05 | 5.5 Medium |
In dm service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | ||||
CVE-2023-42646 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-09-05 | 5.5 Medium |
In Ifaa service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | ||||
CVE-2023-42648 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-09-05 | 5.5 Medium |
In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | ||||
CVE-2023-42650 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-09-05 | 5.5 Medium |
In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | ||||
CVE-2023-5331 | 1 Mattermost | 1 Mattermost Server | 2024-09-05 | 4.3 Medium |
Mattermost fails to properly check the creator of an attached file when adding the file to a draft post, potentially exposing unauthorized file information. | ||||
CVE-2023-42651 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-09-05 | 5.5 Medium |
In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | ||||
CVE-2023-42652 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-09-05 | 5.5 Medium |
In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | ||||
CVE-2023-42654 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-09-05 | 5.5 Medium |
In dm service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | ||||
CVE-2023-5862 | 1 Hamza417 | 1 Inure | 2024-09-05 | 3.3 Low |
Missing Authorization in GitHub repository hamza417/inure prior to Build95. | ||||
CVE-2024-8289 | 1 Multivendorx | 1 Multivendorx | 2024-09-05 | 9.8 Critical |
The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to privilege escalation/de-escalation and account takeover due to an insufficient capability check on the update_item_permissions_check and create_item_permissions_check functions in all versions up to, and including, 4.2.0. This makes it possible for unauthenticated attackers to change the password of any user with the vendor role, create new users with the vendor role, and demote other users like administrators to the vendor role. | ||||
CVE-2023-42655 | 2 Google, Unisoc | 5 Android, S8000, T760 and 2 more | 2024-09-05 | 6.7 Medium |
In sim service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed | ||||
CVE-2024-41108 | 1 Fogproject | 1 Fogproject | 2024-09-05 | 7.5 High |
FOG is a free open-source cloning/imaging/rescue suite/inventory management system. The hostinfo page has missing/improper access control since only the host's mac address is required to obtain the configuration information. This data can only be retrieved if a task is pending on that host. Otherwise, an error message containing "Invalid tasking!" will be returned. The domainpassword in the hostinfo dump is hidden even to authenticated users, as it is displayed as a row of asterisks when navigating to the host's Active Directory settings. This vulnerability is fixed in 1.5.10.41. | ||||
CVE-2023-36621 | 1 Nationaledtech | 1 Boomerang | 2024-09-05 | 9.1 Critical |
An issue was discovered in the Boomerang Parental Control application through 13.83 for Android. The child can use Safe Mode to remove all restrictions temporarily or uninstall the application without the parents noticing. |