| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.4, macOS Big Sur 11.7.5, macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. A sandboxed process may be able to circumvent sandbox restrictions. |
| Input verification vulnerability in the call module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Input verification vulnerability in the log module.
Impact: Successful exploitation of this vulnerability can affect integrity. |
| Input verification vulnerability in the power module.
Impact: Successful exploitation of this vulnerability will affect availability. |
| Vulnerability of data verification errors in the kernel module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Permission verification vulnerability in the system module.
Impact: Successful exploitation of this vulnerability will affect availability. |
| Vulnerability of data verification errors in the kernel module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Vulnerability of data verification errors in the kernel module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: Engineering Change Order). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed Base. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Installed Base, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Installed Base accessible data as well as unauthorized read access to a subset of Oracle Installed Base accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). |
| A website was able to detect when a user took a screenshot of a page using the built-in Screenshot functionality in Firefox. This vulnerability affects Firefox < 127. |
| An issue in the profile image upload function of LearnDash v6.7.1 allows attackers to cause a Denial of Service (DoS) via excessive file uploads. |
| Trend Micro Antivirus One, version 3.10.4 and below contains a vulnerability that could allow an attacker to use a specifically crafted virus to allow itself to bypass and evade a virus scan detection. |
| ProtonVPN before 3.2.10 on Windows mishandles the drive installer path, which should use this: '"' + ExpandConstant('{autopf}\Proton\Drive') + '"' in Setup/setup.iss. |
| there is a possible escalation of privilege due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. |
| In setListening of AppOpsControllerImpl.java, there is a possible way to hide the microphone privacy indicator when restarting systemUI due to a missing check for active recordings. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation. |
| In multiple locations, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. |
| Vulnerability of starting activities in the background in the ActivityManagerService (AMS) module.
Impact: Successful exploitation of this vulnerability will affect availability. |
| Vulnerability of improper access control in the email module.Successful exploitation of this vulnerability may affect service confidentiality. |
| Vulnerability of input parameter verification in the motor module.Successful exploitation of this vulnerability may affect availability. |
| Input verification vulnerability in the account module.Successful exploitation of this vulnerability may cause features to perform abnormally. |