CVE Notify
Alert on the latest CVEs

Partner channel: @malwr
🚨 CVE-2023-52343
In SecurityCommand message after as security has been activated, there is a possible improper input validation. This could lead to remote information disclosure with no additional execution privileges needed

🎖@cveNotify
🚨 CVE-2023-52344
In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information disclosure with no additional execution privileges needed

🚨 CVE-2023-52345
In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed

🚨 CVE-2023-52346
In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed

🚨 CVE-2023-52347
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

🚨 CVE-2023-52348
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

🚨 CVE-2023-52349
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

🚨 CVE-2023-52350
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

🚨 CVE-2023-52351
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

🚨 CVE-2023-52352
In Network Adapter Service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed

🚨 CVE-2023-52533
In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information disclosure with no additional execution privileges needed

🚨 CVE-2023-52534
In ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed

🚨 CVE-2023-52535
In vsp driver, there is a possible missing verification incorrect input. This could lead to local denial of service with no additional execution privileges needed

🚨 CVE-2023-52536
In faceid service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

🚨 CVE-2024-23658
In camera driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed

🚨 CVE-2024-1292
The wpb-show-core WordPress plugin before 2.6 does not sanitise and escape some parameters before outputting them back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

🚨 CVE-2024-1588
The SendPress Newsletters WordPress plugin through 1.23.11.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

🚨 CVE-2024-1589
The SendPress Newsletters WordPress plugin through 1.23.11.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

🚨 CVE-2024-1752
The Font Farsi WordPress plugin through 1.6.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

🚨 CVE-2024-1956
The wpb-show-core WordPress plugin before 2.7 does not sanitise and escape the parameters before outputting it back in the response of an unauthenticated request, leading to a Reflected Cross-Site Scripting

🚨 CVE-2024-1958
The wpb-show-core WordPress plugin before 2.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin or unauthenticated users
