Total
640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21317 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In ContentService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21316 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In Content, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21306 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In ContentService, there is a possible way to read installed sync content providers due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21305 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In Content, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21304 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In Content Service, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21303 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In Content, here is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21302 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In Package Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21301 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In ActivityManagerService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21300 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In PackageManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21299 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In Package Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21298 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| In Slice, there is a possible disclosure of installed applications due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21296 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In Permission, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
| CVE-2023-21293 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In PackageManagerNative, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-20583 | 1 Amd | 1 * | 2024-11-21 | N/A | 4.7 MEDIUM |
| A potential power side-channel vulnerability in AMD processors may allow an authenticated attacker to monitor the CPU power consumption as the data in a cache line changes over time potentially resulting in a leak of sensitive information. | |||||
| CVE-2023-20569 | 4 Amd, Debian, Fedoraproject and 1 more | 296 Epyc 72f3, Epyc 72f3 Firmware, Epyc 7313 and 293 more | 2024-11-21 | N/A | 4.7 MEDIUM |
| A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled?address, potentially leading to information disclosure. | |||||
| CVE-2023-1540 | 1 Answer | 1 Answer | 2024-11-21 | N/A | 5.3 MEDIUM |
| Observable Response Discrepancy in GitHub repository answerdev/answer prior to 1.0.6. | |||||
| CVE-2023-1538 | 1 Answer | 1 Answer | 2024-11-21 | N/A | 5.3 MEDIUM |
| Observable Timing Discrepancy in GitHub repository answerdev/answer prior to 1.0.6. | |||||
| CVE-2023-0440 | 1 Healthchecks | 1 Healthchecks | 2024-11-21 | N/A | 5.3 MEDIUM |
| Observable Discrepancy in GitHub repository healthchecks/healthchecks prior to v2.6. | |||||
| CVE-2022-4823 | 1 Instedd | 1 Nuntium | 2024-11-21 | N/A | 3.1 LOW |
| A vulnerability, which was classified as problematic, was found in InSTEDD Nuntium. Affected is an unknown function of the file app/controllers/geopoll_controller.rb. The manipulation of the argument signature leads to observable timing discrepancy. It is possible to launch the attack remotely. The name of the patch is 77236f7fd71a0e2eefeea07f9866b069d612cf0d. It is recommended to apply a patch to fix this issue. VDB-217002 is the identifier assigned to this vulnerability. | |||||
| CVE-2022-4087 | 1 Ipxe | 1 Ipxe | 2024-11-21 | N/A | 2.6 LOW |
| A vulnerability was found in iPXE. It has been declared as problematic. This vulnerability affects the function tls_new_ciphertext of the file src/net/tls.c of the component TLS. The manipulation of the argument pad_len leads to information exposure through discrepancy. The name of the patch is 186306d6199096b7a7c4b4574d4be8cdb8426729. It is recommended to apply a patch to fix this issue. VDB-214054 is the identifier assigned to this vulnerability. | |||||