Total
9398 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-45469 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2023-11-17 | N/A | 7.8 HIGH |
| Improper input validation for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-20715 | 1 Cisco | 2 Adaptive Security Appliance Software, Firepower Threat Defense | 2023-11-15 | 7.8 HIGH | 8.6 HIGH |
| A vulnerability in the remote access SSL VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper validation of errors that are logged as a result of client connections that are made using remote access VPN. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to cause the affected device to restart, resulting in a DoS condition. | |||||
| CVE-2021-42257 | 1 Check Smart Project | 1 Check Smart | 2023-11-14 | 3.6 LOW | 7.1 HIGH |
| check_smart before 6.9.1 allows unintended drive access by an unprivileged user because it only checks for a substring match of a device path (the /dev/bus substring and a number), aka an unanchored regular expression. | |||||
| CVE-2023-42527 | 1 Samsung | 1 Android | 2023-11-13 | N/A | 5.5 MEDIUM |
| Improper input validation vulnerability in ProcessWriteFile of libsec-ril prior to SMR Nov-2023 Release 1 allows local attackers to expose sensitive information. | |||||
| CVE-2023-40062 | 1 Solarwinds | 1 Solarwinds Platform | 2023-11-09 | N/A | 8.8 HIGH |
| SolarWinds Platform Incomplete List of Disallowed Inputs Remote Code Execution Vulnerability. If executed, this vulnerability would allow a low-privileged user to execute commands with SYSTEM privileges. | |||||
| CVE-2021-20611 | 1 Mitsubishi | 110 Melipc Mi5122-vw, Melipc Mi5122-vw Firmware, Melsec Iq-r R00 Cpu and 107 more | 2023-11-09 | 7.8 HIGH | 7.5 HIGH |
| Improper Input Validation vulnerability in Mitsubishi Electric MELSEC iQ-R Series R00/01/02CPU, MELSEC iQ-R Series R04/08/16/32/120(EN)CPU, MELSEC iQ-R Series R08/16/32/120SFCPU, MELSEC iQ-R Series R08/16/32/120PCPU, MELSEC iQ-R Series R08/16/32/120PSFCPU, MELSEC iQ-R Series R16/32/64MTCPU, MELSEC iQ-R Series R12CCPU-V, MELSEC Q Series Q03UDECPU, MELSEC Q Series Q04/06/10/13/20/26/50/100UDEHCPU, MELSEC Q Series Q03/04/06/13/26UDVCPU, MELSEC Q Series Q04/06/13/26UDPVCPU, MELSEC Q Series Q12DCCPU-V, MELSEC Q Series Q24DHCCPU-V(G), MELSEC Q Series Q24/26DHCCPU-LS, MELSEC Q Series MR-MQ100, MELSEC Q Series Q172/173DCPU-S1, MELSEC Q Series Q172/173DSCPU, MELSEC Q Series Q170MCPU, MELSEC Q Series Q170MSCPU(-S1), MELSEC L Series L02/06/26CPU(-P), MELSEC L Series L26CPU-(P)BT and MELIPC Series MI5122-VW allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending specially crafted packets. System reset is required for recovery. | |||||
| CVE-2023-37833 | 1 Elenos | 2 Etg150, Etg150 Firmware | 2023-11-08 | N/A | 2.7 LOW |
| Improper access control in Elenos ETG150 FM transmitter v3.12 allows attackers to make arbitrary configuration edits that are only accessed by privileged users. | |||||
| CVE-2017-17065 | 1 Dlink | 2 Dir-605l Model B, Dir-605l Model B Firmware | 2023-11-08 | 7.8 HIGH | 7.5 HIGH |
| An issue was discovered on D-Link DIR-605L Model B before FW2.11betaB06_hbrf devices, related to the code that handles the authentication values for HNAP. An attacker can cause a denial of service (device crash) or possibly have unspecified other impact by sending a sufficiently long string in the password field of the HTTP Basic Authentication section of the HTTP request. | |||||
| CVE-2023-5832 | 1 Mintplexlabs | 1 Anythingllm | 2023-11-08 | N/A | 9.1 CRITICAL |
| Improper Input Validation in GitHub repository mintplex-labs/anything-llm prior to 0.1.0. | |||||
| CVE-2022-48457 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-11-08 | N/A | 5.5 MEDIUM |
| In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed | |||||
| CVE-2022-48459 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-11-08 | N/A | 5.5 MEDIUM |
| In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed | |||||
| CVE-2022-48458 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-11-08 | N/A | 5.5 MEDIUM |
| In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed | |||||
| CVE-2023-46289 | 1 Rockwellautomation | 1 Factorytalk View | 2023-11-07 | N/A | 7.5 HIGH |
| Rockwell Automation FactoryTalk View Site Edition insufficiently validates user input, which could potentially allow threat actors to send malicious data bringing the product offline. If exploited, the product would become unavailable and require a restart to recover resulting in a denial-of-service condition. | |||||
| CVE-2023-30712 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| Improper input validation in Settings Suggestions prior to SMR Sep-2023 Release 1 allows attackers to launch arbitrary activity. | |||||
| CVE-2023-30690 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| Improper input validation vulnerability in Duo prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities. | |||||
| CVE-2023-30656 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| Improper input validation vulnerability in LSOItemData prior to SMR Jul-2023 Release 1 allows attackers to launch certain activities. | |||||
| CVE-2023-30663 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| Improper input validation vulnerability in OemPersonalizationSetLock in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds write. | |||||
| CVE-2023-30664 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| Improper input validation vulnerability in RegisteredMSISDN prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities. | |||||
| CVE-2023-30655 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| Improper input validation vulnerability in SCEPProfile prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities. | |||||
| CVE-2023-30658 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| Improper input validation vulnerability in DataProfile prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities. | |||||