Vulnerabilities (CVE)

Filtered by CWE-284
Total 4417 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-21777 1 Microsoft 1 Azure App Service On Azure Stack 2026-06-17 N/A 8.7 HIGH
Azure App Service on Azure Stack Hub Elevation of Privilege Vulnerability
CVE-2023-21752 1 Microsoft 3 Windows 10, Windows 11, Windows 7 2026-06-17 N/A 7.1 HIGH
Windows Backup Service Elevation of Privilege Vulnerability
CVE-2023-21751 1 Microsoft 1 Azure Devops Server 2026-06-17 N/A 6.5 MEDIUM
Azure DevOps Server Spoofing Vulnerability
CVE-2023-21750 1 Microsoft 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more 2026-06-17 N/A 7.1 HIGH
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-21742 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2026-06-17 N/A 8.8 HIGH
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2023-21717 1 Microsoft 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server 2026-06-17 N/A 8.8 HIGH
Microsoft SharePoint Server Elevation of Privilege Vulnerability
CVE-2023-21531 1 Microsoft 1 Azure Service Fabric 2026-06-17 N/A 7.0 HIGH
Azure Service Fabric Container Elevation of Privilege Vulnerability
CVE-2023-20927 1 Google 1 Android 2026-06-17 N/A 7.8 HIGH
In permissions of AndroidManifest.xml, there is a possible way to grant signature permissions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-244216503
CVE-2023-20587 2026-06-17 N/A 7.1 HIGH
Improper Access Control in System Management Mode (SMM) may allow an attacker access to the SPI flash potentially leading to arbitrary code execution.
CVE-2023-20579 1 Amd 258 Ryzen 3 3200u, Ryzen 3 3200u Firmware, Ryzen 3 3250c and 255 more 2026-06-17 N/A 6.0 MEDIUM
Improper Access Control in the AMD SPI protection feature may allow a user with Ring0 (kernel mode) privileged access to bypass protections potentially resulting in loss of integrity and availability.
CVE-2023-1883 1 Phpmyfaq 1 Phpmyfaq 2026-06-17 N/A 5.4 MEDIUM
Improper Access Control in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2023-1647 1 Cal 1 Cal.com 2026-06-17 N/A 8.8 HIGH
Improper Access Control in GitHub repository calcom/cal.com prior to 2.7.
CVE-2023-1557 1 E-commerce System Project 1 E-commerce System 2026-06-17 6.5 MEDIUM 6.3 MEDIUM
A vulnerability was found in SourceCodester E-Commerce System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /ecommerce/admin/user/controller.php?action=edit of the component Username Handler. The manipulation of the argument USERID leads to improper access controls. The attack may be launched remotely. VDB-223550 is the identifier assigned to this vulnerability.
CVE-2023-1491 1 Maxpcsecure 1 Anti Virus Plus 2026-06-17 3.2 LOW 4.4 MEDIUM
A vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1. It has been classified as critical. This affects the function 0x220020 in the library MaxCryptMon.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier VDB-223377 was assigned to this vulnerability.
CVE-2023-1490 1 Maxpcsecure 1 Anti Virus Plus 2026-06-17 3.2 LOW 4.4 MEDIUM
A vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1 and classified as critical. Affected by this issue is the function 0x220020 in the library SDActMon.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223376.
CVE-2023-1489 1 Wisecleaner 1 Wise System Monitor 2026-06-17 6.8 MEDIUM 7.8 HIGH
A vulnerability has been found in Lespeed WiseCleaner Wise System Monitor 1.5.3.54 and classified as critical. Affected by this vulnerability is the function 0x9C402088 in the library WiseHDInfo64.dll of the component IoControlCode Handler. The manipulation leads to improper access controls. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223375.
CVE-2023-1486 1 Wisecleaner 1 Wise Force Deleter 2026-06-17 3.2 LOW 4.4 MEDIUM
A vulnerability classified as problematic was found in Lespeed WiseCleaner Wise Force Deleter 1.5.3.54. This vulnerability affects the function 0x220004 in the library WiseUnlock64.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223372.
CVE-2023-1453 1 Watchdog 1 Anti-virus 2026-06-17 3.2 LOW 4.4 MEDIUM
A vulnerability was found in Watchdog Anti-Virus 1.4.214.0. It has been rated as critical. Affected by this issue is the function 0x80002008 in the library wsdk-driver.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-223298 is the identifier assigned to this vulnerability.
CVE-2023-1432 1 Oretnom23 1 Online Food Ordering System 2026-06-17 7.5 HIGH 7.3 HIGH
A vulnerability was found in SourceCodester Online Food Ordering System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /fos/admin/ajax.php?action=save_settings of the component POST Request Handler. The manipulation leads to improper access controls. The attack may be launched remotely. VDB-223214 is the identifier assigned to this vulnerability.
CVE-2023-1007 1 Filseclab 1 Twister Antivirus 2026-06-17 4.3 MEDIUM 5.3 MEDIUM
A vulnerability was found in Twister Antivirus 8.17. It has been declared as critical. This vulnerability affects the function 0x801120E4 in the library filmfd.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221740.