Total
4870 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-0744 | 1 Answer | 1 Answer | 2025-03-25 | 9.8 Critical |
| Improper Access Control in GitHub repository answerdev/answer prior to 1.0.4. | ||||
| CVE-2022-30564 | 1 Dahuasecurity | 194 Ipc-hf5241f-ze, Ipc-hf5241f-ze Firmware, Ipc-hf5442f-ze and 191 more | 2025-03-25 | 5.3 Medium |
| Some Dahua embedded products have a vulnerability of unauthorized modification of the device timestamp. By sending a specially crafted packet to the vulnerable interface, an attacker can modify the device system time. | ||||
| CVE-2023-21427 | 1 Samsung | 1 Android | 2025-03-24 | 5.4 Medium |
| Improper access control vulnerability in NfcTile prior to SMR Jan-2023 Release 1 allows to attacker to use NFC without user recognition. | ||||
| CVE-2023-24688 | 1 Mojoportal | 1 Mojoportal | 2025-03-24 | 5.3 Medium |
| An issue in Mojoportal v2.7.0.0 allows an unauthenticated attacker to register a new user even if the Allow User Registrations feature is disabled. | ||||
| CVE-2023-21442 | 1 Samsung | 1 Android | 2025-03-24 | 4 Medium |
| Improper access control vulnerability in Runestone application prior to version 2.9.09.003 in Android R(11) and 3.2.01.007 in Android S(12) allows local attackers to get device location information. | ||||
| CVE-2023-21445 | 1 Samsung | 1 Android | 2025-03-24 | 5.5 Medium |
| Improper access control vulnerability in MyFiles prior to versions 12.2.09 in Android R(11), 13.1.03.501 in Android S(12) and 14.1.00.422 in Android T(13) allows local attacker to write file with MyFiles privilege via implicit intent. | ||||
| CVE-2023-21447 | 1 Samsung | 1 Cloud | 2025-03-24 | 4 Medium |
| Improper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32 allows local attackers to access information with Samsung Cloud's privilege via implicit intent. | ||||
| CVE-2023-21438 | 1 Samsung | 1 Android | 2025-03-24 | 2.1 Low |
| Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access App preview protected by Secure Folder. | ||||
| CVE-2022-46676 | 1 Dell | 1 Wyse Management Suite | 2025-03-24 | 4.9 Medium |
| Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A malicious admin user can disable or delete users under administration and unassigned admins for which the group admin is not authorized. | ||||
| CVE-2022-46678 | 1 Dell | 1 Wyse Management Suite | 2025-03-24 | 4.9 Medium |
| Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general client policy for which the user is not authorized. | ||||
| CVE-2022-46677 | 1 Dell | 1 Wyse Management Suite | 2025-03-24 | 6.8 Medium |
| Wyse Management Suite 3.8 and below contain an improper access control vulnerability with which an custom group admin can create a subgroup under a group for which the admin is not authorized. | ||||
| CVE-2022-46755 | 1 Dell | 1 Wyse Management Suite | 2025-03-24 | 4.9 Medium |
| Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general client policy for which the user is not authorized. | ||||
| CVE-2024-1343 | 1 Laborofficefree | 1 Laborofficefree | 2025-03-24 | 4.7 Medium |
| A weak permission was found in the backup directory in LaborOfficeFree affecting version 19.10. This vulnerability allows any authenticated user to read backup files in the directory '%programfiles(x86)% LaborOfficeFree BackUp'. | ||||
| CVE-2022-46754 | 1 Dell | 1 Wyse Management Suite | 2025-03-21 | 8.7 High |
| Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user might access certain pro license features for which this admin is not authorized in order to configure user controlled external entities. | ||||
| CVE-2023-31346 | 2 Amd, Redhat | 128 Epyc 7203 Firmware, Epyc 7203p, Epyc 7203p Firmware and 125 more | 2025-03-20 | 6 Medium |
| Failure to initialize memory in SEV Firmware may allow a privileged attacker to access stale data from other guests. | ||||
| CVE-2023-23835 | 1 Mendix | 1 Mendix | 2025-03-20 | 5.9 Medium |
| A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.34), Mendix Applications using Mendix 8 (All versions < V8.18.23), Mendix Applications using Mendix 9 (All versions < V9.22.0), Mendix Applications using Mendix 9 (V9.12) (All versions < V9.12.10), Mendix Applications using Mendix 9 (V9.18) (All versions < V9.18.4), Mendix Applications using Mendix 9 (V9.6) (All versions < V9.6.15). Some of the Mendix runtime API’s allow attackers to bypass XPath constraints and retrieve information using XPath queries that trigger errors. | ||||
| CVE-2024-5691 | 2 Mozilla, Redhat | 8 Firefox, Firefox Esr, Thunderbird and 5 more | 2025-03-19 | 4.7 Medium |
| By tricking the browser with a `X-Frame-Options` header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12. | ||||
| CVE-2024-41243 | 1 Lopalopa | 1 Responsive School Management System | 2025-03-19 | 5.3 Medium |
| An Incorrect Access Control vulnerability was found in /smsa/view_marks.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view MARKS details. | ||||
| CVE-2023-42957 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-03-19 | 3.3 Low |
| A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10. An app may be able to read sensitive location information. | ||||
| CVE-2023-20927 | 1 Google | 1 Android | 2025-03-19 | 7.8 High |
| In permissions of AndroidManifest.xml, there is a possible way to grant signature permissions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-244216503 | ||||