Export limit exceeded: 363682 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 11607 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11607 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-48444 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-07 | 5.9 Medium |
| In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | ||||
| CVE-2022-48443 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-07 | 5.9 Medium |
| In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | ||||
| CVE-2022-48442 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-07 | 6.2 Medium |
| In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | ||||
| CVE-2022-48441 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-07 | 6.2 Medium |
| In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | ||||
| CVE-2022-48440 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-07 | 6.2 Medium |
| In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | ||||
| CVE-2022-48390 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-07 | 7.3 High |
| In telephony service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | ||||
| CVE-2023-21670 | 1 Qualcomm | 364 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 361 more | 2025-01-07 | 7.8 High |
| Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode. | ||||
| CVE-2023-1779 | 1 Mbconnectline | 2 Mbconnect24, Mymbconnect24 | 2025-01-07 | 4.3 Medium |
| Exposure of Sensitive Information to an unauthorized actor vulnerability in MB Connect Lines mbCONNECT24, mymbCONNECT24 and Helmholz' myREX24 and myREX24.virtual in versions <=2.13.3 allow an authorized remote attacker with low privileges to view a limited amount of another accounts contact information. | ||||
| CVE-2023-30948 | 1 Palantir | 1 Foundry Comments | 2025-01-07 | 6.5 Medium |
| A security defect in Foundry's Comments functionality resulted in the retrieval of attachments to comments not being gated by additional authorization checks. This could enable an authenticated user to inject a prior discovered attachment UUID into other arbitrary comments to discover it's content. This defect was fixed in Foundry Comments 2.249.0, and a patch was rolled out to affected Foundry environments. No further intervention is required at this time. | ||||
| CVE-2023-22833 | 1 Palantir | 1 Foundry | 2025-01-07 | 7.6 High |
| Palantir Foundry deployments running Lime2 versions between 2.519.0 and 2.532.0 were vulnerable a bug that allowed authenticated users within a Foundry organization to bypass discretionary or mandatory access controls under certain circumstances. | ||||
| CVE-2023-34958 | 1 Chamilo | 1 Chamilo Lms | 2025-01-06 | 4.3 Medium |
| Incorrect access control in Chamilo 1.11.* up to 1.11.18 allows a student subscribed to a given course to download documents belonging to another student if they know the document's ID. | ||||
| CVE-2023-32749 | 1 Pydio | 1 Cells | 2025-01-06 | 8.8 High |
| Pydio Cells allows users by default to create so-called external users in order to share files with them. By modifying the HTTP request sent when creating such an external user, it is possible to assign the new user arbitrary roles. By assigning all roles to a newly created user, access to all cells and non-personal workspaces is granted. | ||||
| CVE-2023-29766 | 1 Appcrossx | 1 Crossx | 2025-01-06 | 7.8 High |
| An issue found in CrossX v.1.15.3 for Android allows a local attacker to cause an escalation of Privileges via the database files. | ||||
| CVE-2023-29761 | 1 Urbanandroid | 1 Sleep | 2025-01-06 | 5.5 Medium |
| An issue found in Sleep v.20230303 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference files. | ||||
| CVE-2023-29759 | 1 Flightaware | 1 Flightaware | 2025-01-06 | 5.5 Medium |
| An issue found in FlightAware v.5.8.0 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the database files. | ||||
| CVE-2023-29758 | 1 Leap | 1 Blue Light Filter | 2025-01-06 | 5.5 Medium |
| An issue found in Blue Light Filter v.1.5.5 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference files. | ||||
| CVE-2023-27716 | 1 Kafkaui-lite Project | 1 Kafkaui-lite | 2025-01-06 | 9.8 Critical |
| An issue was discovered in freakchicken kafkaUI-lite 1.2.11 allows attackers on the same network to gain escalated privileges for the nodes running on it. | ||||
| CVE-2023-32220 | 1 Milesight | 2 Ncr\/camera, Ncr\/camera Firmware | 2025-01-06 | 8.2 High |
| Milesight NCR/camera version 71.8.0.6-r5 allows authentication bypass through an unspecified method. | ||||
| CVE-2023-32219 | 1 Mazda | 2 Mazda, Mazda Firmware | 2025-01-06 | 6.5 Medium |
| A Mazda model (2015-2016) can be unlocked via an unspecified method. | ||||
| CVE-2023-21245 | 1 Google | 1 Android | 2025-01-06 | 7.8 High |
| In showNextSecurityScreenOrFinish of KeyguardSecurityContainerController.java, there is a possible way to access the lock screen during device setup due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||