Total
4643 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-42642 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | |||||
| CVE-2023-42641 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | |||||
| CVE-2023-42640 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | |||||
| CVE-2023-42639 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | |||||
| CVE-2023-42638 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | |||||
| CVE-2023-42637 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | |||||
| CVE-2023-42636 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | |||||
| CVE-2023-42635 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | |||||
| CVE-2023-42634 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | |||||
| CVE-2023-42633 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | |||||
| CVE-2023-42632 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | |||||
| CVE-2023-42631 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | |||||
| CVE-2023-42473 | 1 Sap | 1 S\/4hana | 2024-11-21 | N/A | 5.4 MEDIUM |
| S/4HANA Manage (Withholding Tax Items) - version 106, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges which has low impact on the confidentiality and integrity of the application. | |||||
| CVE-2023-42469 | 1 Fulldive | 1 Full Dialer | 2024-11-21 | N/A | 3.3 LOW |
| The com.full.dialer.top.secure.encrypted application through 1.0.1 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.full.dialer.top.secure.encrypted.activities.DialerActivity component. | |||||
| CVE-2023-42358 | 1 O-ran-sc | 1 Ric-plt-e2mgr | 2024-11-21 | N/A | 7.7 HIGH |
| An issue was discovered in O-RAN Software Community ric-plt-e2mgr in the G-Release environment, allows remote attackers to cause a denial of service (DoS) via a crafted request to the E2Manager API component. | |||||
| CVE-2023-41947 | 1 Jenkins | 1 Frugal Testing | 2024-11-21 | N/A | 4.3 MEDIUM |
| A missing permission check in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers with Overall/Read permission to connect to Frugal Testing using attacker-specified credentials. | |||||
| CVE-2023-41945 | 1 Jenkins | 1 Assembla Auth | 2024-11-21 | N/A | 8.8 HIGH |
| Jenkins Assembla Auth Plugin 1.14 and earlier does not verify that the permissions it grants are enabled, resulting in users with EDIT permissions to be granted Overall/Manage and Overall/SystemRead permissions, even if those permissions are disabled and should not be granted. | |||||
| CVE-2023-41943 | 1 Jenkins | 1 Aws Codecommit Trigger | 2024-11-21 | N/A | 6.5 MEDIUM |
| Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to clear the SQS queue. | |||||
| CVE-2023-41941 | 1 Jenkins | 1 Aws Codecommit Trigger | 2024-11-21 | N/A | 4.3 MEDIUM |
| A missing permission check in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of AWS credentials stored in Jenkins. | |||||
| CVE-2023-41908 | 1 Cerebrate-project | 1 Cerebrate | 2024-11-21 | N/A | 5.3 MEDIUM |
| Cerebrate before 1.15 lacks the Secure attribute for the session cookie. | |||||