Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2023-42700 |
Description: In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVSS: LOW (0.0) EPSS Score: 0.04%
December 3rd, 2024 (5 months ago)
|
|
CVE-2023-42687 |
Description: In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
CVSS: LOW (0.0) EPSS Score: 0.04%
December 3rd, 2024 (5 months ago)
|
|
CVE-2023-42675 |
Description: In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVSS: LOW (0.0) EPSS Score: 0.04%
December 3rd, 2024 (5 months ago)
|
|
CVE-2023-40655 |
Description: A reflected XSS vulnerability was discovered in the Proforms Basic component for Joomla.
CVSS: LOW (0.0) EPSS Score: 0.06%
December 3rd, 2024 (5 months ago)
|
|
CVE-2023-40626 |
Description: The language file parsing process could be manipulated to expose environment variables. Environment variables might contain sensible information.
CVSS: LOW (0.0) EPSS Score: 0.18%
December 3rd, 2024 (5 months ago)
|
|
CVE-2023-40095 |
Description: In createDontSendToRestrictedAppsBundle of PendingIntentUtils.java, there is a possible background activity launch due to a missing check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 3rd, 2024 (5 months ago)
|
|
CVE-2023-40082 |
Description: In modify_for_next_stage of fdt.rs, there is a possible way to render KASLR ineffective due to improperly used crypto. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS: LOW (0.0) EPSS Score: 0.16%
December 3rd, 2024 (5 months ago)
|
|
CVE-2023-39548 |
Description: CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.
CVSS: LOW (0.0) EPSS Score: 0.09%
December 3rd, 2024 (5 months ago)
|
|
CVE-2023-39547 |
Description: CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.
CVSS: LOW (0.0) EPSS Score: 0.09%
December 3rd, 2024 (5 months ago)
|
|
CVE-2023-3741 |
Description: An OS Command injection vulnerability in NEC Platforms DT900 and DT900S Series all versions allows an attacker to execute any command on the device.
CVSS: LOW (0.0) EPSS Score: 0.13%
December 3rd, 2024 (5 months ago)
|