Total
6213 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-38443 | 2 Google, Unisoc | 9 Android, Sc7731e, Sc9832e and 6 more | 2024-11-21 | 7.8 High |
| In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges | ||||
| CVE-2023-38442 | 2 Google, Unisoc | 9 Android, Sc7731e, Sc9832e and 6 more | 2024-11-21 | 5.5 Medium |
| In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-38441 | 2 Google, Unisoc | 9 Android, Sc7731e, Sc9832e and 6 more | 2024-11-21 | 5.5 Medium |
| In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-38440 | 2 Google, Unisoc | 9 Android, Sc7731e, Sc9832e and 6 more | 2024-11-21 | 5.5 Medium |
| In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-38439 | 2 Google, Unisoc | 8 Android, Sc9832e, Sc9863a and 5 more | 2024-11-21 | 5.5 Medium |
| In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-38438 | 2 Google, Unisoc | 9 Android, Sc7731e, Sc9832e and 6 more | 2024-11-21 | 5.5 Medium |
| In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-38437 | 2 Google, Unisoc | 9 Android, Sc7731e, Sc9832e and 6 more | 2024-11-21 | 5.5 Medium |
| In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-38436 | 2 Google, Unisoc | 9 Android, Sc7731e, Sc9832e and 6 more | 2024-11-21 | 5.5 Medium |
| In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-38395 | 1 Afzalmultani | 1 Wp Clone Menu | 2024-11-21 | 5.4 Medium |
| Missing Authorization vulnerability in Afzal Multani WP Clone Menu.This issue affects WP Clone Menu: from n/a through 1.0.1. | ||||
| CVE-2023-38394 | 1 Artbees | 1 Jupiter X Core | 2024-11-21 | 5.4 Medium |
| Missing Authorization vulnerability in Artbees JupiterX Core.This issue affects JupiterX Core: from 3.0.0 through 3.3.0. | ||||
| CVE-2023-38393 | 1 Ninjaforms | 1 Ninja Forms | 2024-11-21 | 7.6 High |
| Missing Authorization vulnerability in Saturday Drive Ninja Forms.This issue affects Ninja Forms: from n/a through 3.6.25. | ||||
| CVE-2023-37965 | 1 Jenkins | 1 Elasticbox Ci | 2024-11-21 | 7.1 High |
| A missing permission check in Jenkins ElasticBox CI Plugin 5.0.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | ||||
| CVE-2023-37963 | 1 Jenkins | 1 Benchmark Evaluator | 2024-11-21 | 5.4 Medium |
| A missing permission check in Jenkins Benchmark Evaluator Plugin 1.0.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL and to check for the existence of directories, `.csv`, and `.ycsb` files on the Jenkins controller file system. | ||||
| CVE-2023-37959 | 1 Jenkins | 1 Sumologic Publisher | 2024-11-21 | 6.5 Medium |
| A missing permission check in Jenkins Sumologic Publisher Plugin 2.2.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL. | ||||
| CVE-2023-37956 | 1 Jenkins | 1 Test Results Aggregator | 2024-11-21 | 6.5 Medium |
| A missing permission check in Jenkins Test Results Aggregator Plugin 1.2.13 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials. | ||||
| CVE-2023-37953 | 1 Jenkins | 1 Mabl | 2024-11-21 | 6.5 Medium |
| A missing permission check in Jenkins mabl Plugin 0.0.46 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | ||||
| CVE-2023-37950 | 1 Jenkins | 1 Mabl | 2024-11-21 | 4.3 Medium |
| A missing permission check in Jenkins mabl Plugin 0.0.46 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | ||||
| CVE-2023-37949 | 1 Jenkins | 1 Orka By Macstadium | 2024-11-21 | 7.1 High |
| A missing permission check in Jenkins Orka by MacStadium Plugin 1.33 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | ||||
| CVE-2023-37945 | 1 Jenkins | 1 Saml Single Sign On | 2024-11-21 | 4.3 Medium |
| A missing permission check in Jenkins SAML Single Sign On(SSO) Plugin 2.1.0 through 2.3.0 (both inclusive) allows attackers with Overall/Read permission to download a string representation of the current security realm. | ||||
| CVE-2023-37944 | 1 Jenkins | 1 Datadog | 2024-11-21 | 6.5 Medium |
| A missing permission check in Jenkins Datadog Plugin 5.4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | ||||