Lista CVE - 2023 / Dicembre
Visualizzazione 201 - 300 di 2673 CVE per Dicembre 2023 (Pagina 3 di 27)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2023-32846 | 2023-12-04 | In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional... |
| CVE-2023-32859 | 2023-12-04 | In meta, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction... |
| CVE-2023-32860 | 2023-12-04 | In display, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction... |
| CVE-2023-32861 | 2023-12-04 | In display, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-32862 | 2023-12-04 | In display, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2023-32863 | 2023-12-04 | In display drm, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed.... |
| CVE-2023-32864 | 2023-12-04 | In display drm, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed.... |
| CVE-2023-32865 | 2023-12-04 | In display drm, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed.... |
| CVE-2023-32866 | 2023-12-04 | In mmp, there is a possible memory corruption due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is... |
| CVE-2023-32867 | 2023-12-04 | In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed.... |
| CVE-2023-32868 | 2023-12-04 | In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed.... |
| CVE-2023-32869 | 2023-12-04 | In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed.... |
| CVE-2023-32870 | 2023-12-04 | In display drm, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed.... |
| CVE-2023-49093 | 2023-12-04 | HtmlUnit vulnerable to Remote Code Execution (RCE) via XSTL |
| CVE-2023-49108 | 2023-12-04 | Path traversal vulnerability exists in RakRak Document Plus Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a). If this vulnerability is exploited, arbitrary files on the server may be obtained or deleted by a... |
| CVE-2023-49287 | 2023-12-04 | Buffer overflow vulnerabilities in tinydir |
| CVE-2023-5332 | 2023-12-04 | Dependency on Vulnerable Third-Party Component in GitLab |
| CVE-2023-44291 | 2023-12-04 | Dell DM5500 5.14.0.0 contains an OS command injection vulnerability in the appliance. A remote attacker with high privileges could potentially exploit this vulnerability, leading to the execution of arbitrary OS... |
| CVE-2023-44304 | 2023-12-04 | Dell DM5500 contains a privilege escalation vulnerability in the appliance. A remote attacker with low privileges could potentially exploit this vulnerability to escape the restricted shell and gain root access... |
| CVE-2023-44305 | 2023-12-04 | Dell DM5500 5.14.0.0, contains a Stack-based Buffer Overflow Vulnerability in the appliance. An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execute arbitrary code on... |
| CVE-2023-44306 | 2023-12-04 | Dell DM5500 contains a path traversal vulnerability in the appliance. A remote attacker with high privileges could potentially exploit this vulnerability to overwrite configuration files stored on the server filesystem. |
| CVE-2023-6481 | 2023-12-04 | Logback "receiver" DOS vulnerability CVE-2023-6378 incomplete fix |
| CVE-2023-44300 | 2023-12-04 | Dell DM5500 5.14.0.0, contain a Plain-text Password Storage Vulnerability in the appliance. A local attacker with privileges could potentially exploit this vulnerability, leading to the disclosure of certain service credentials.... |
| CVE-2023-44301 | 2023-12-04 | Dell DM5500 5.14.0.0 and prior contain a Reflected Cross-Site Scripting Vulnerability. A network attacker with low privileges could potentially exploit this vulnerability, leading to the execution of malicious HTML or... |
| CVE-2023-44302 | 2023-12-04 | Dell DM5500 5.14.0.0 and prior contain an improper authentication vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain access of resources or functionality that could possibly lead... |
| CVE-2023-32804 | 2023-12-04 | Mali GPU Userspace Driver can make an Out-of-Bounds access |
| CVE-2023-6460 | 2023-12-04 | Information leak in nodejs-firestore |
| CVE-2023-5767 | 2023-12-04 | A vulnerability exists in the webserver that affects the RTU500 series product versions listed below. A malicious actor could perform cross-site scripting on the webserver due to an RDT language... |
| CVE-2023-5768 | 2023-12-04 | A vulnerability exists in the HCI IEC 60870-5-104 that affects the RTU500 series product versions listed below. Incomplete or wrong received APDU frame layout may cause blocking on link layer.... |
| CVE-2023-47124 | 2023-12-04 | Denial of service whith ACME HTTPChallenge in Traefik |
| CVE-2023-47106 | 2023-12-04 | Incorrect processing of fragment in the URL leads to Authorization Bypass in Traefik |
| CVE-2023-47633 | 2023-12-04 | Uncontrolled Resource Consumption in Traefik |
| CVE-2023-49080 | 2023-12-04 | Jupyter Server errors include tracebacks with path information |
| CVE-2023-5979 | 2023-12-04 | eCommerce Product Catalog Plugin for WordPress < 3.3.26 - Products Deletion via CSRF |
| CVE-2023-5105 | 2023-12-04 | Frontend File Manager < 22.6 - Editor+ Arbitrary File Download |
| CVE-2023-5952 | 2023-12-04 | Welcart e-Commerce < 2.9.5 - Unauthenticated PHP Object Injection |
| CVE-2023-5953 | 2023-12-04 | Welcart e-Commerce < 2.9.5 - Subscriber+ Arbitrary File Upload |
| CVE-2023-5874 | 2023-12-04 | Popup box < 3.8.6 - Admin+ Stored XSS in Popup Settings |
| CVE-2023-5762 | 2023-12-04 | Filr – Secure document library < 1.2.3.6 - Author+ RCE via file upload with phar ext |
| CVE-2023-5137 | 2023-12-04 | Simply Excerpts <= 1.4 - Admin+ Stored XSS |
| CVE-2023-5951 | 2023-12-04 | Welcart e-Commerce < 2.9.5 - Reflected XSS |
| CVE-2023-4460 | 2023-12-04 | Uploading SVG, WEBP and ICO files <= 1.2.1 - Author+ Stored XSS via SVG |
| CVE-2023-5210 | 2023-12-04 | AMP+ Plus <= 3.0 - Reflected Cross Site Scripting |
| CVE-2023-5990 | 2023-12-04 | Funnelforms Free < 3.4.2 - Form Deletion/Duplication via CSRF |
| CVE-2023-5108 | 2023-12-04 | Easy Newsletter Signups <= 1.0.4 - Admin+ SQLi |
| CVE-2023-5884 | 2023-12-04 | Word Balloon < 4.20.3 - Avatar Removal via CSRF |
| CVE-2023-6063 | 2023-12-04 | WP Fastest Cache < 1.2.2 - Unauthenticated SQL Injection |
| CVE-2023-5141 | 2023-12-04 | BSK Contact Form 7 Blacklist <= 1.0.1 - Reflected Cross-Site Scripting |
| CVE-2023-5809 | 2023-12-04 | Popup box < 3.8.6 - Admin+ Stored XSS in Categories |
| CVE-2023-49280 | 2023-12-04 | Data leak of password hash through xwiki change request |
| CVE-2023-21162 | 2023-12-04 | In RGXUnbackingZSBuffer of rgxta3d.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no... |
| CVE-2023-21163 | 2023-12-04 | In PMR_ReadBytes of pmr.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no... |
| CVE-2023-21164 | 2023-12-04 | In DevmemIntMapPMR of devicemem_server.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no... |
| CVE-2023-21166 | 2023-12-04 | In RGXBackingZSBuffer of rgxta3d.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no... |
| CVE-2023-21215 | 2023-12-04 | In DevmemIntAcquireRemoteCtx of devicemem_server.c, there is a possible arbitrary code execution due to a race condition. This could lead to local escalation of privilege in the kernel with no additional... |
| CVE-2023-21216 | 2023-12-04 | In PMRChangeSparseMemOSMem of physmem_osmem_linux.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no... |
| CVE-2023-21217 | 2023-12-04 | In PMRWritePMPageList of TBD, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges... |
| CVE-2023-21218 | 2023-12-04 | In PMRChangeSparseMemOSMem of physmem_osmem_linux.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the kernel with... |
| CVE-2023-21227 | 2023-12-04 | In HTBLogKM of htbserver.c, there is a possible information disclosure due to log information disclosure. This could lead to local information disclosure in the kernel with no additional execution privileges... |
| CVE-2023-21228 | 2023-12-04 | In PMRChangeSparseMemOSMem of physmem_osmem_linux.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the kernel with... |
| CVE-2023-21263 | 2023-12-04 | In OSMMapPMRGeneric of pmr_os.c, there is a possible out of bounds write due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no... |
| CVE-2023-21401 | 2023-12-04 | In DevmemIntChangeSparse of devicemem_server.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in the kernel with no... |
| CVE-2023-21402 | 2023-12-04 | In MMU_UnmapPages of mmu_common.c, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege in the kernel with no... |
| CVE-2023-21403 | 2023-12-04 | In RGXDestroyZSBufferKM of rgxta3d.c, there is a possible arbitrary code execution due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional... |
| CVE-2023-35668 | 2023-12-04 | In visitUris of Notification.java, there is a possible way to display images from another user due to a confused deputy. This could lead to local information disclosure with no additional... |
| CVE-2023-35690 | 2023-12-04 | In RGXDestroyHWRTData of rgxta3d.c, there is a possible arbitrary code execution due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional... |
| CVE-2023-40073 | 2023-12-04 | In visitUris of Notification.java, there is a possible cross-user media read due to Confused Deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction... |
| CVE-2023-40074 | 2023-12-04 | In saveToXml of PersistableBundle.java, invalid data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. |
| CVE-2023-40075 | 2023-12-04 | In forceReplaceShortcutInner of ShortcutPackage.java, there is a possible way to register unlimited packages due to a missing bounds check. This could lead to local denial of service which results in... |
| CVE-2023-40076 | 2023-12-04 | In createPendingIntent of CredentialManagerUi.java, there is a possible way to access credentials from other users due to a permissions bypass. This could lead to local escalation of privilege with no... |
| CVE-2023-40077 | 2023-12-04 | In multiple functions of MetaDataBase.cpp, there is a possible UAF write due to a race condition. This could lead to remote escalation of privilege with no additional execution privileges needed.... |
| CVE-2023-40078 | 2023-12-04 | In a2dp_vendor_opus_decoder_decode_packet of a2dp_vendor_opus_decoder.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to paired device escalation of privilege with no additional... |
| CVE-2023-40079 | 2023-12-04 | In injectSendIntentSender of ShortcutService.java, there is a possible background activity launch due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed.... |
| CVE-2023-40080 | 2023-12-04 | In multiple functions of btm_ble_gap.cc, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with... |
| CVE-2023-40081 | 2023-12-04 | In loadMediaDataInBgForResumption of MediaDataManager.kt, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution... |
| CVE-2023-40082 | 2023-12-04 | In modify_for_next_stage of fdt.rs, there is a possible way to render KASLR ineffective due to improperly used crypto. This could lead to remote escalation of privilege with no additional execution... |
| CVE-2023-40083 | 2023-12-04 | In parse_gap_data of utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed.... |
| CVE-2023-40084 | 2023-12-04 | In run of MDnsSdListener.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed.... |
| CVE-2023-40087 | 2023-12-04 | In transcodeQ*ToFloat of btif_avrcp_audio_track.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to paired device escalation of privilege with no additional... |
| CVE-2023-40088 | 2023-12-04 | In callback_thread_event of com_android_bluetooth_btservice_AdapterService.cpp, there is a possible memory corruption due to a use after free. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed.... |
| CVE-2023-40089 | 2023-12-04 | In getCredentialManagerPolicy of DevicePolicyManagerService.java, there is a possible method for users to select credential managers without permission due to a missing permission check. This could lead to local escalation of... |
| CVE-2023-40090 | 2023-12-04 | In BTM_BleVerifySignature of btm_ble.cc, there is a possible way to bypass signature validation due to side channel information disclosure. This could lead to remote escalation of privilege with no additional... |
| CVE-2023-40091 | 2023-12-04 | In onTransact of IncidentService.cpp, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed.... |
| CVE-2023-40092 | 2023-12-04 | In verifyShortcutInfoPackage of ShortcutService.java, there is a possible way to see another user's image due to a confused deputy. This could lead to local information disclosure with no additional execution... |
| CVE-2023-40094 | 2023-12-04 | In keyguardGoingAway of ActivityTaskManagerService.java, there is a possible lock screen bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges... |
| CVE-2023-40095 | 2023-12-04 | In createDontSendToRestrictedAppsBundle of PendingIntentUtils.java, there is a possible background activity launch due to a missing check. This could lead to local escalation of privilege with no additional execution privileges needed.... |
| CVE-2023-40096 | 2023-12-04 | In OpRecordAudioMonitor::onFirstRef of AudioRecordClient.cpp, there is a possible way to record audio from the background due to a missing flag. This could lead to local escalation of privilege with User... |
| CVE-2023-40097 | 2023-12-04 | In hasPermissionForActivity of PackageManagerHelper.java, there is a possible URI grant due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User... |
| CVE-2023-40098 | 2023-12-04 | In mOnDone of NotificationConversationInfo.java, there is a possible way to access app notification data of another user due to a logic error in the code. This could lead to local... |
| CVE-2023-40103 | 2023-12-04 | In multiple locations, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed.... |
| CVE-2023-45773 | 2023-12-04 | In multiple functions of btm_ble_gap.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution... |
| CVE-2023-45774 | 2023-12-04 | In fixUpIncomingShortcutInfo of ShortcutService.java, there is a possible way to view another user's image due to a confused deputy. This could lead to local escalation of privilege with no additional... |
| CVE-2023-45775 | 2023-12-04 | In CreateAudioBroadcast of broadcaster.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution... |
| CVE-2023-45776 | 2023-12-04 | In CreateAudioBroadcast of broadcaster.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution... |
| CVE-2023-45777 | 2023-12-04 | In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to launch arbitrary activities using system privileges due to Parcel Mismatch. This could lead to local escalation of privilege with no... |
| CVE-2023-45779 | 2023-12-04 | In the APEX module framework of AOSP, there is a possible malicious update to platform components due to improperly used crypto. This could lead to local escalation of privilege with... |
| CVE-2023-45781 | 2023-12-04 | In parse_gap_data of utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed.... |
| CVE-2023-40459 | 2023-12-04 | Improper input leads to DoS |
| CVE-2023-49288 | 2023-12-04 | Denial of Service in HTTP Collapsed Forwarding in Squid |
| CVE-2023-40460 | 2023-12-04 | Improper input leads to DoS |