Export limit exceeded: 11731 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 11353 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11353 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-34003 | 1 Woocommerce | 1 Box Office | 2024-11-21 | 6.5 Medium |
| Missing Authorization vulnerability in Woo WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through 1.1.51. | ||||
| CVE-2023-33992 | 1 Sap | 2 Business Warehouse, Bw\/4hana | 2024-11-21 | 4.5 Medium |
| The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAP_BW 730, SAP_BW 731, SAP_BW 740, SAP_BW 730, SAP_BW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs authorizations on the query as well as on the keyfigure/measure level. The missing check only affects the data level. | ||||
| CVE-2023-33922 | 1 Elementor | 1 Website Builder | 2024-11-21 | 4.3 Medium |
| Missing Authorization vulnerability in Elementor Elementor Website Builder.This issue affects Elementor Website Builder: from n/a through 3.13.2. | ||||
| CVE-2023-33918 | 2 Google, Unisoc | 9 Android, Sc7731e, Sc9832e and 6 more | 2024-11-21 | 5.5 Medium |
| In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-33917 | 2 Google, Unisoc | 9 Android, Sc7731e, Sc9832e and 6 more | 2024-11-21 | 5.5 Medium |
| In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-33916 | 2 Google, Unisoc | 9 Android, Sc7731e, Sc9832e and 6 more | 2024-11-21 | 5.5 Medium |
| In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-33915 | 2 Google, Unisoc | 5 Android, S8000, T760 and 2 more | 2024-11-21 | 7.5 High |
| In LTE protocol stack, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed | ||||
| CVE-2023-33912 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In Contacts service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-33911 | 2 Google, Unisoc | 9 Android, Sc7731e, Sc9832e and 6 more | 2024-11-21 | 5.5 Medium |
| In vowifi service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-33910 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In Contacts Service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-33909 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In Contacts service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-33908 | 2 Google, Unisoc | 13 Android, S8000, Sc9832e and 10 more | 2024-11-21 | 5.5 Medium |
| In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-33907 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In Contacts Service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-33906 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In Contacts Service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-33902 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In bluetooth service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. | ||||
| CVE-2023-33901 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In bluetooth service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. | ||||
| CVE-2023-33468 | 1 Kramerav | 4 Via Connect2, Via Connect2 Firmware, Via Go2 and 1 more | 2024-11-21 | 9.1 Critical |
| KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 exhibit a vulnerability that enables remote manipulation of the device. This vulnerability involves extracting the connection confirmation code remotely, bypassing the need to obtain it directly from the physical screen. | ||||
| CVE-2023-33237 | 1 Moxa | 2 Tn-5900, Tn-5900 Firmware | 2024-11-21 | 8.8 High |
| TN-5900 Series firmware version v3.3 and prior is vulnerable to improper-authentication vulnerability. This vulnerability arises from inadequate authentication measures implemented in the web API handler, allowing low-privileged APIs to execute restricted actions that only high-privileged APIs are allowed This presents a potential risk of unauthorized exploitation by malicious actors. | ||||
| CVE-2023-33190 | 2 Sealos, Sealos Project | 2 Sealos, Sealos | 2024-11-21 | 10 Critical |
| Sealos is an open source cloud operating system distribution based on the Kubernetes kernel. In versions of Sealos prior to 4.2.1-rc4 an improper configuration of role based access control (RBAC) permissions resulted in an attacker being able to obtain cluster control permissions, which could control the entire cluster deployed with Sealos, as well as hundreds of pods and other resources within the cluster. This issue has been addressed in version 4.2.1-rc4. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2023-32967 | 1 Qnap | 2 Qts, Qutscloud | 2024-11-21 | 5 Medium |
| An incorrect authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to bypass intended access restrictions via a network. QTS 5.x, QuTS hero are not affected. We have already fixed the vulnerability in the following versions: QuTScloud c5.1.5.2651 and later QTS 4.5.4.2627 build 20231225 and later | ||||