Export limit exceeded: 10695 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10695 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-43961 | 1 Dromara | 1 Sa-token | 2024-11-21 | 8.8 High |
| An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass. | ||||
| CVE-2023-43885 | 1 Tenda | 2 Rx9 Pro, Rx9 Pro Firmware | 2024-11-21 | 8.1 High |
| Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device. | ||||
| CVE-2023-43700 | 1 Sick | 3 Apu0200, Apu0200 Firmware, Rdt400 | 2024-11-21 | 7.7 High |
| Missing Authorization in RDT400 in SICK APU allows an unprivileged remote attacker to modify data via HTTP requests that no not require authentication. | ||||
| CVE-2023-43508 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2024-11-21 | 6.3 Medium |
| Vulnerabilities in the web-based management interface of ClearPass Policy Manager allow an attacker with read-only privileges to perform actions that change the state of the ClearPass Policy Manager instance. Successful exploitation of these vulnerabilities allow an attacker to complete state-changing actions in the web-based management interface that should not be allowed by their current level of authorization on the platform. | ||||
| CVE-2023-43501 | 1 Jenkins | 1 Build Failure Analyzer | 2024-11-21 | 6.5 Medium |
| A missing permission check in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified hostname and port using attacker-specified username and password. | ||||
| CVE-2023-43488 | 1 Boschrexroth | 6 Ctrlx Hmi Web Panel Wr2107, Ctrlx Hmi Web Panel Wr2107 Firmware, Ctrlx Hmi Web Panel Wr2110 and 3 more | 2024-11-21 | 7.9 High |
| The vulnerability allows a low privileged (untrusted) application to modify a critical system property that should be denied, in order to enable the ADB (Android Debug Bridge) protocol to be exposed on the network, exploiting it to gain a privileged shell on the device without requiring the physical access through USB. | ||||
| CVE-2023-43194 | 1 Rcos | 1 Submitty | 2024-11-21 | 5.3 Medium |
| Submitty before v22.06.00 is vulnerable to Incorrect Access Control. An attacker can delete any post in the forum by modifying request parameter. | ||||
| CVE-2023-43135 | 1 Tp-link | 3 Er5120g, Tl-er5120g, Tl-er5120g Firmware | 2024-11-21 | 9.8 Critical |
| There is an unauthorized access vulnerability in TP-LINK ER5120G 4.0 2.0.0 Build 210817 Rel.80868n, which allows attackers to obtain sensitive information of the device without authentication, obtain user tokens, and ultimately log in to the device backend management. | ||||
| CVE-2023-43134 | 1 Netis-systems | 3 360r, 360r Firmware, 360rac1200 | 2024-11-21 | 9.8 Critical |
| There is an unauthorized access vulnerability in Netis 360RAC1200 v1.3.4517, which allows attackers to obtain sensitive information of the device without authentication, obtain user tokens, and ultimately log in to the device backend management. | ||||
| CVE-2023-43119 | 1 Extremenetworks | 1 Exos | 2024-11-21 | 9.8 Critical |
| An Access Control issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, also fixed in 22.7, 31.7.2 allows attackers to gain escalated privileges using crafted telnet commands via Redis server. | ||||
| CVE-2023-43090 | 2 Fedoraproject, Gnome | 2 Fedora, Gnome-shell | 2024-11-21 | 5.5 Medium |
| A vulnerability was found in GNOME Shell. GNOME Shell's lock screen allows an unauthenticated local user to view windows of the locked desktop session by using keyboard shortcuts to unlock the restricted functionality of the screenshot tool. | ||||
| CVE-2023-42749 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In enginnermode service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed | ||||
| CVE-2023-42748 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 7.8 High |
| In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed | ||||
| CVE-2023-42746 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 7.8 High |
| In power manager, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed | ||||
| CVE-2023-42745 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 7.8 High |
| In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed | ||||
| CVE-2023-42743 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 7.8 High |
| In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed | ||||
| CVE-2023-42741 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed | ||||
| CVE-2023-42740 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 7.8 High |
| In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed | ||||
| CVE-2023-42739 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 7.8 High |
| In engineermode service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed | ||||
| CVE-2023-42738 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 7.8 High |
| In telocom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed | ||||