‼ CVE-2023-20755 ‼
📖 Read
via "National Vulnerability Database".
In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07509605.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-20768 ‼
📖 Read
via "National Vulnerability Database".
In ion, there is a possible out of bounds read due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560720; Issue ID: ALPS07559800.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-20774 ‼
📖 Read
via "National Vulnerability Database".
In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07292228; Issue ID: ALPS07292228.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-20775 ‼
📖 Read
via "National Vulnerability Database".
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07978760; Issue ID: ALPS07363410.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-20756 ‼
📖 Read
via "National Vulnerability Database".
In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07549928.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-20754 ‼
📖 Read
via "National Vulnerability Database".
In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07563028; Issue ID: ALPS07588343.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-20773 ‼
📖 Read
via "National Vulnerability Database".
In vow, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07611449; Issue ID: ALPS07441735.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-20772 ‼
📖 Read
via "National Vulnerability Database".
In vow, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441796; Issue ID: ALPS07441796.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-20767 ‼
📖 Read
via "National Vulnerability Database".
In pqframework, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629585; Issue ID: ALPS07629584.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-30990 ‼
📖 Read
via "National Vulnerability Database".
IBM i 7.2, 7.3, 7.4, and 7.5 could allow a remote attacker to execute CL commands as QUSER, caused by an exploitation of DDM architecture. IBM X-Force ID: 254036.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-20771 ‼
📖 Read
via "National Vulnerability Database".
In display, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07671046; Issue ID: ALPS07671046.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-32666 ‼
📖 Read
via "National Vulnerability Database".
In Wi-Fi, there is a possible low throughput due to misrepresentation of critical information. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220829014; Issue ID: GN20220829014.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-21641 ‼
📖 Read
via "National Vulnerability Database".
An app with non-privileged access can change global system brightness and cause undesired system behavior.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-3133 ‼
📖 Read
via "National Vulnerability Database".
The Tutor LMS WordPress plugin before 2.2.1 does not implement adequate permission checks for REST API endpoints, allowing unauthenticated attackers to access information from Lessons that should not be publicly available.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-28541 ‼
📖 Read
via "National Vulnerability Database".
Memory Corruption in Data Modem while processing DMA buffer release event about CFR data.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-21629 ‼
📖 Read
via "National Vulnerability Database".
Memory Corruption in Modem due to double free while parsing the PKCS15 sim files.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-2320 ‼
📖 Read
via "National Vulnerability Database".
The CF7 Google Sheets Connector WordPress plugin before 5.0.2, cf7-google-sheets-connector-pro WordPress plugin through 5.0.2 does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin📖 Read
via "National Vulnerability Database".
‼ CVE-2023-24854 ‼
📖 Read
via "National Vulnerability Database".
Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-2324 ‼
📖 Read
via "National Vulnerability Database".
The Elementor Forms Google Sheet Connector WordPress plugin before 1.0.7, gsheetconnector-for-elementor-forms-pro WordPress plugin through 1.0.7 does not escape some parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin📖 Read
via "National Vulnerability Database".
‼ CVE-2023-21640 ‼
📖 Read
via "National Vulnerability Database".
Memory corruption in Linux when the file upload API is called with parameters having large buffer.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-2010 ‼
📖 Read
via "National Vulnerability Database".
The Forminator WordPress plugin before 1.24.1 does not use an atomic operation to check whether a user has already voted, and then update that information. This leads to a Race Condition that may allow a single user to vote multiple times on a poll.📖 Read
via "National Vulnerability Database".