Total
791 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-5948 | 1 Teamamaze | 1 Amaze File Utilities | 2024-11-21 | 5.5 Medium |
| Improper Authorization in GitHub repository teamamaze/amazefileutilities prior to 1.91. | ||||
| CVE-2023-5808 | 2 Hitachi, Microsoft | 2 Vantara Hitachi Network Attached Storage, Windows | 2024-11-21 | 7.6 High |
| SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in a Storage administrative role are able to access HNAS configuration backup and diagnostic data, that would normally be barred to that specific administrative role. | ||||
| CVE-2023-5654 | 1 Facebook | 1 React-devtools | 2024-11-21 | 6.5 Medium |
| The React Developer Tools extension registers a message listener with window.addEventListener('message', <listener>) in a content script that is accessible to any webpage that is active in the browser. Within the listener is code that requests a URL derived from the received message via fetch(). The URL is not validated or sanitised before it is fetched, thus allowing a malicious web page to arbitrarily fetch URL’s via the victim's browser. | ||||
| CVE-2023-52160 | 6 Debian, Fedoraproject, Google and 3 more | 7 Debian Linux, Fedora, Android and 4 more | 2024-11-21 | 6.5 Medium |
| The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks. | ||||
| CVE-2023-52139 | 1 Misskey | 1 Misskey | 2024-11-21 | 9.1 Critical |
| Misskey is an open source, decentralized social media platform. Third-party applications may be able to access some endpoints or Websocket APIs that are incorrectly specified as [kind](https://github.com/misskey-dev/misskey/blob/406b4bdbe79b5b0b68fcdcb3c4b6e419460a0258/packages/backend/src/server/api/endpoints.ts#L811) or [secure](https://github.com/misskey-dev/misskey/blob/406b4bdbe79b5b0b68fcdcb3c4b6e419460a0258/packages/backend/src/server/api/endpoints.ts#L805) without the user's permission and perform operations such as reading or adding non-public content. As a result, if the user who authenticated the application is an administrator, confidential information such as object storage secret keys and SMTP server passwords will be leaked, and general users can also create invitation codes without permission and leak non-public user information. This is patched in version [2023.12.1](https://github.com/misskey-dev/misskey/commit/c96bc36fedc804dc840ea791a9355d7df0748e64). | ||||
| CVE-2023-50871 | 1 Jetbrains | 1 Youtrack | 2024-11-21 | 4.3 Medium |
| In JetBrains YouTrack before 2023.3.22268 authorization check for inline comments inside thread replies was missed | ||||
| CVE-2023-50363 | 1 Qnap | 2 Qts, Quts Hero | 2024-11-21 | 7.4 High |
| An incorrect authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to bypass intended access restrictions via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later | ||||
| CVE-2023-48309 | 1 Nextauth.js | 1 Next-auth | 2024-11-21 | 5.3 Medium |
| NextAuth.js provides authentication for Next.js. `next-auth` applications prior to version 4.24.5 that rely on the default Middleware authorization are affected by a vulnerability. A bad actor could create an empty/mock user, by getting hold of a NextAuth.js-issued JWT from an interrupted OAuth sign-in flow (state, PKCE or nonce). Manually overriding the `next-auth.session-token` cookie value with this non-related JWT would let the user simulate a logged in user, albeit having no user information associated with it. (The only property on this user is an opaque randomly generated string). This vulnerability does not give access to other users' data, neither to resources that require proper authorization via scopes or other means. The created mock user has no information associated with it (ie. no name, email, access_token, etc.) This vulnerability can be exploited by bad actors to peek at logged in user states (e.g. dashboard layout). `next-auth` `v4.24.5` contains a patch for the vulnerability. As a workaround, using a custom authorization callback for Middleware, developers can manually do a basic authentication. | ||||
| CVE-2023-48252 | 1 Bosch | 21 Nexo-os, Nexo Cordless Nutrunner Nxa011s-36v-b \(0608842012\), Nexo Cordless Nutrunner Nxa011s-36v \(0608842011\) and 18 more | 2024-11-21 | 8.8 High |
| The vulnerability allows an authenticated remote attacker to perform actions exceeding their authorized access via crafted HTTP requests. | ||||
| CVE-2023-48241 | 1 Xwiki | 1 Xwiki | 2024-11-21 | 7.5 High |
| XWiki Platform is a generic wiki platform. Starting in version 6.3-milestone-2 and prior to versions 14.10.15, 15.5.1, and 15.6RC1, the Solr-based search suggestion provider that also duplicates as generic JavaScript API for search results in XWiki exposes the content of all documents of all wikis to anybody who has access to it, by default it is public. This exposes all information stored in the wiki (but not some protected information like password hashes). While there is a right check normally, the right check can be circumvented by explicitly requesting fields from Solr that don't include the data for the right check. This has been fixed in XWiki 15.6RC1, 15.5.1 and 14.10.15 by not listing documents whose rights cannot be checked. No known workarounds are available. | ||||
| CVE-2023-47166 | 2024-11-21 | 8.8 High | ||
| A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight UR32L v32.3.0.7-r2. A specially crafted network request can lead to arbitrary firmware update. An attacker can send a network request to trigger this vulnerability. | ||||
| CVE-2023-47109 | 1 Prestashop | 1 Customer Reassurance Block | 2024-11-21 | 5.5 Medium |
| PrestaShop blockreassurance adds an information block aimed at offering helpful information to reassure customers that the store is trustworthy. When adding a block in blockreassurance module, a BO user can modify the http request and give the path of any file in the project instead of an image. When deleting the block from the BO, the file will be deleted. It is possible to make the website completely unavailable by removing index.php for example. This issue has been patched in version 5.1.4. | ||||
| CVE-2023-44410 | 1 D-link | 1 D-view | 2024-11-21 | N/A |
| D-Link D-View showUsers Improper Authorization Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability. The specific flaw exists within the showUsers method. The issue results from the lack of proper authorization before accessing a privileged endpoint. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. . Was ZDI-CAN-19535. | ||||
| CVE-2023-44125 | 2 Google, Lg | 2 Android, V60 Thin Q 5g | 2024-11-21 | 6.1 Medium |
| The vulnerability is the use of implicit PendingIntents without the PendingIntent.FLAG_IMMUTABLE set that leads to theft and/or (over-)write of arbitrary files with system privilege in the Personalized service ("com.lge.abba") app. The attacker's app, if it had access to app notifications, could intercept them and redirect them to its activity, before making it grant access permissions to content providers with the `android:grantUriPermissions="true"` flag. | ||||
| CVE-2023-44123 | 2 Google, Lg | 2 Android, V60 Thin Q 5g | 2024-11-21 | 6.1 Medium |
| The vulnerability is the use of implicit PendingIntents with the PendingIntent.FLAG_MUTABLE set that leads to theft and/or (over-)write of arbitrary files with system privilege in the Bluetooth ("com.lge.bluetoothsetting") app. The attacker's app, if it had access to app notifications, could intercept them and redirect them to its activity, before making it grant access permissions to content providers with the `android:grantUriPermissions="true"` flag. | ||||
| CVE-2023-43609 | 1 Emerson | 6 Gc1500xa, Gc1500xa Firmware, Gc370xa and 3 more | 2024-11-21 | 6.9 Medium |
| In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could obtain access to sensitive information or cause a denial-of-service condition. | ||||
| CVE-2023-42491 | 1 Busbaer | 1 Eisbaer Scada | 2024-11-21 | 8.8 High |
| EisBaer Scada - CWE-285: Improper Authorization | ||||
| CVE-2023-41841 | 1 Fortinet | 1 Fortios | 2024-11-21 | 7.4 High |
| An improper authorization vulnerability in Fortinet FortiOS 7.0.0 - 7.0.11 and 7.2.0 - 7.2.4 allows an attacker belonging to the prof-admin profile to perform elevated actions. | ||||
| CVE-2023-41819 | 2024-11-21 | 6.1 Medium | ||
| A PendingIntent hijacking vulnerability was reported in the Motorola Face Unlock application that could allow a local attacker to access unauthorized content providers. | ||||
| CVE-2023-41673 | 1 Fortinet | 1 Fortiadc | 2024-11-21 | 6.9 Medium |
| An improper authorization vulnerability [CWE-285] in Fortinet FortiADC version 7.4.0 and before 7.2.2 may allow a low privileged user to read or backup the full system configuration via HTTP or HTTPS requests. | ||||