Threat and Vulnerability Intelligence Database

CVE-2023-42571

Description: Abuse of remote unlock in Find My Mobile prior to version 7.3.13.4 allows a physical attacker to unlock the device remotely by resetting the Samsung Account password with SMS verification when the user has lost the device.

CVSS: HIGH (7.6)

EPSS Score: 0.05%

Source: CVE
December 3rd, 2024 (5 months ago)

CVE-2023-42564

Description: Improper access control in the knoxcustom service prior to SMR Dec-2023 Release 1 allows an attacker to send a broadcast with system privilege.

CVSS: MEDIUM (6.6)

EPSS Score: 0.04%

Source: CVE
December 3rd, 2024 (5 months ago)

CVE-2023-42558

Description: Out-of-bounds write vulnerability in HDCP in HAL prior to SMR Dec-2023 Release 1 allows an attacker to perform code execution.

CVSS: MEDIUM (6.0)

EPSS Score: 0.04%

Source: CVE
December 3rd, 2024 (5 months ago)

CVE-2023-4223

Description: Unrestricted file upload in `/main/inc/ajax/document.ajax.php` in Chamilo LMS <= v1.11.24 allows authenticated attackers with learner role to obtain remote code execution via uploading of PHP files.

CVSS: HIGH (8.8)

EPSS Score: 0.45%

Source: CVE
December 3rd, 2024 (5 months ago)

CVE-2023-41808

Description: Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation. This vulnerability allows an unauthorised user to escalate and read sensitive files as if they were root. This issue affects Pandora FMS: from 700 through 773.

CVSS: HIGH (8.5)

EPSS Score: 0.14%

Source: CVE
December 3rd, 2024 (5 months ago)

CVE-2023-41268

Description: Improper input validation vulnerability in Samsung Open Source Escargot allows stack overflow and segmentation fault. This issue affects Escargot: from 3.0.0 through 4.0.0.

CVSS: MEDIUM (5.3)

EPSS Score: 0.16%

Source: CVE
December 3rd, 2024 (5 months ago)

CVE-2023-40655

Description: A reflected XSS vulnerability was discovered in the Proforms Basic component for Joomla.

CVSS: LOW (0.0)

EPSS Score: 0.06%

Source: CVE
December 3rd, 2024 (5 months ago)

CVE-2023-40626

Description: The language file parsing process could be manipulated to expose environment variables. Environment variables might contain sensitive information.

CVSS: LOW (0.0)

EPSS Score: 0.18%

Source: CVE
December 3rd, 2024 (5 months ago)

CVE-2023-40095

Description: In createDontSendToRestrictedAppsBundle of PendingIntentUtils.java, there is a possible background activity launch due to a missing check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE
December 3rd, 2024 (5 months ago)

CVE-2023-40082

Description: In modify_for_next_stage of fdt.rs, there is a possible way to render KASLR ineffective due to improperly used crypto. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVSS: LOW (0.0)

EPSS Score: 0.16%

Source: CVE
December 3rd, 2024 (5 months ago)