Total
3079 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-47579 | 1 Relyum | 2 Rely-pcie, Rely-pcie Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Relyum RELY-PCIe 22.2.1 devices suffer from a system group misconfiguration, allowing read access to the central password hash file of the operating system. | |||||
| CVE-2023-47536 | 1 Fortinet | 2 Fortios, Fortiproxy | 2024-11-21 | N/A | 3.1 LOW |
| An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and below, version 6.4.14 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below may allow a remote unauthenticated attacker to bypass the firewall deny geolocalisation policy via timing the bypass with a GeoIP database update. | |||||
| CVE-2023-47034 | 1 Uniswapfrontrunbot Project | 1 Uniswapfrontrunbot | 2024-11-21 | N/A | 7.5 HIGH |
| A vulnerability in UniswapFrontRunBot 0xdB94c allows attackers to cause financial losses via unspecified vectors. | |||||
| CVE-2023-46759 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | N/A | 7.5 HIGH |
| Permission control vulnerability in the call module. Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2023-46755 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | N/A | 5.3 MEDIUM |
| Vulnerability of input parameters being not strictly verified in the input. Successful exploitation of this vulnerability may cause the launcher to restart. | |||||
| CVE-2023-46712 | 1 Fortinet | 1 Fortiportal | 2024-11-21 | N/A | 7.2 HIGH |
| A improper access control in Fortinet FortiPortal version 7.0.0 through 7.0.6, Fortinet FortiPortal version 7.2.0 through 7.2.1 allows attacker to escalate its privilege via specifically crafted HTTP requests. | |||||
| CVE-2023-46501 | 1 Boltwire | 1 Boltwire | 2024-11-21 | N/A | 9.1 CRITICAL |
| An issue in BoltWire v.6.03 allows a remote attacker to obtain sensitive information via a crafted payload to the view and change admin password function. | |||||
| CVE-2023-46033 | 1 Dlink | 4 Dsl-2730u, Dsl-2730u Firmware, Dsl-2750u and 1 more | 2024-11-21 | N/A | 6.8 MEDIUM |
| D-Link (Non-US) DSL-2750U N300 ADSL2+ and (Non-US) DSL-2730U N150 ADSL2+ are vulnerable to Incorrect Access Control. The UART/Serial interface on the PCB, provides log output and a root terminal without proper access control. | |||||
| CVE-2023-44794 | 2 Dromara, Vmware | 3 Sa-token, Spring Boot, Spring Framework | 2024-11-21 | N/A | 9.8 CRITICAL |
| An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL. | |||||
| CVE-2023-44283 | 1 Dell | 2 Supportassist For Business Pcs, Supportassist For Home Pcs | 2024-11-21 | N/A | 7.8 HIGH |
| In Dell SupportAssist for Home PCs (between v3.0 and v3.14.1) and SupportAssist for Business PCs (between v3.0 and v3.4.1), a security concern has been identified, impacting locally authenticated users on their respective PCs. This issue may potentially enable privilege escalation and the execution of arbitrary code, in the Windows system context, and confined to that specific local PC. | |||||
| CVE-2023-44118 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | N/A | 9.1 CRITICAL |
| Vulnerability of undefined permissions in the MeeTime module.Successful exploitation of this vulnerability will affect availability and confidentiality. | |||||
| CVE-2023-43901 | 1 Emsigner | 1 Emsigner | 2024-11-21 | N/A | 5.9 MEDIUM |
| Incorrect access control in the AdHoc User creation form of EMSigner v2.8.7 allows unauthenticated attackers to arbitrarily modify usernames and privileges by using the email address of a registered user. | |||||
| CVE-2023-43487 | 2024-11-21 | N/A | 4.7 MEDIUM | ||
| Improper access control in some Intel(R) CST before version 2.1.10300 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2023-43336 | 1 Sangoma | 1 Freepbx | 2024-11-21 | N/A | 8.8 HIGH |
| Sangoma Technologies FreePBX before cdr 15.0.18, 16.0.40, 15.0.16, and 16.0.17 was discovered to contain an access control issue via a modified parameter value, e.g., changing extension=self to extension=101. | |||||
| CVE-2023-43141 | 1 Totolink | 4 A3700r, A3700r Firmware, N600r and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access Control. | |||||
| CVE-2023-43119 | 1 Extremenetworks | 1 Exos | 2024-11-21 | N/A | 9.8 CRITICAL |
| An Access Control issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, also fixed in 22.7, 31.7.2 allows attackers to gain escalated privileges using crafted telnet commands via Redis server. | |||||
| CVE-2023-43079 | 1 Dell | 1 Emc Openmanage Server Administrator | 2024-11-21 | N/A | 7.3 HIGH |
| Dell OpenManage Server Administrator, versions 11.0.0.0 and prior, contains an Improper Access Control vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to execute arbitrary code in order to elevate privileges on the system. Exploitation may lead to a complete system compromise. | |||||
| CVE-2023-43072 | 1 Dell | 1 Smartfabric Storage Software | 2024-11-21 | N/A | 4.4 MEDIUM |
| Dell SmartFabric Storage Software v1.4 (and earlier) contains an improper access control vulnerability in the CLI. A local possibly unauthenticated attacker could potentially exploit this vulnerability, leading to ability to execute arbritrary shell commands. | |||||
| CVE-2023-41882 | 1 Vantage6 | 1 Vantage6 | 2024-11-21 | N/A | 5.4 MEDIUM |
| vantage6 is privacy preserving federated learning infrastructure. The endpoint /api/collaboration/{id}/task is used to collect all tasks from a certain collaboration. To get such tasks, a user should have permission to view the collaboration and to view the tasks in it. However, prior to version 4.0.0, it is only checked if the user has permission to view the collaboration. Version 4.0.0 contains a patch. There are no known workarounds. | |||||
| CVE-2023-41772 | 1 Microsoft | 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more | 2024-11-21 | N/A | 7.8 HIGH |
| Win32k Elevation of Privilege Vulnerability | |||||