Total
2157 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-48902 | 2024-11-21 | 9.8 Critical | ||
| An issue was discovered in tramyardg autoexpress version 1.3.0, allows unauthenticated remote attackers to escalate privileges, update car data, delete vehicles, and upload car images via authentication bypass in uploadCarImages.php. | ||||
| CVE-2023-48757 | 2024-11-21 | 8.8 High | ||
| Improper Privilege Management vulnerability in Crocoblock JetEngine allows Privilege Escalation.This issue affects JetEngine: from n/a through 3.2.4. | ||||
| CVE-2023-48419 | 1 Google | 8 Home, Home Firmware, Home Mini and 5 more | 2024-11-21 | 10 Critical |
| An attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in Elevation of Privilege | ||||
| CVE-2023-48406 | 1 Google | 1 Android | 2024-11-21 | 6.7 Medium |
| there is a possible permanent DoS or way for the modem to boot unverified firmware due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-48319 | 2024-11-21 | 6.8 Medium | ||
| Improper Privilege Management vulnerability in Salon Booking System Salon booking system allows Privilege Escalation.This issue affects Salon booking system: from n/a through 8.6. | ||||
| CVE-2023-47837 | 2024-11-21 | 8.3 High | ||
| Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through 4.0.10. | ||||
| CVE-2023-47782 | 2024-11-21 | 8.8 High | ||
| Improper Privilege Management vulnerability in Thrive Themes Thrive Theme Builder allows Privilege Escalation.This issue affects Thrive Theme Builder: from n/a before 3.24.0. | ||||
| CVE-2023-47715 | 1 Ibm | 1 Storage Protect Plus | 2024-11-21 | 4.3 Medium |
| IBM Storage Protect Plus Server 10.1.0 through 10.1.16 could allow an authenticated user with read-only permissions to add or delete entries from an existing HyperVisor configuration. IBM X-Force ID: 271538. | ||||
| CVE-2023-47683 | 2024-11-21 | 8 High | ||
| Improper Privilege Management vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) allows Privilege Escalation.This issue affects WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn): from n/a through 7.6.6. | ||||
| CVE-2023-47682 | 2024-11-21 | 7.2 High | ||
| Improper Privilege Management vulnerability in weDevs WP User Frontend allows Privilege Escalation.This issue affects WP User Frontend: from n/a through 3.6.5. | ||||
| CVE-2023-47629 | 1 Datahub Project | 1 Datahub | 2024-11-21 | 7.1 High |
| DataHub is an open-source metadata platform. In affected versions sign-up through an invite link does not properly restrict users from signing up as privileged accounts. If a user is given an email sign-up link they can potentially create an admin account given certain preconditions. If the default datahub user has been removed, then the user can sign up for an account that leverages the default policies giving admin privileges to the datahub user. All DataHub instances prior to the patch that have removed the datahub user, but not the default policies applying to that user are affected. Users are advised to update to version 0.12.1 which addresses the issue. There are no known workarounds for this vulnerability. | ||||
| CVE-2023-47611 | 1 Telit | 20 Bgs5, Bgs5 Firmware, Ehs5 and 17 more | 2024-11-21 | 7.8 High |
| A CWE-269: Improper Privilege Management vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to elevate privileges to "manufacturer" level on the targeted system. | ||||
| CVE-2023-47267 | 1 Thegreenbow | 3 Windows Enterprise Certified Vpn, Windows Enterprise Vpn, Windows Standard Vpn | 2024-11-21 | 9.8 Critical |
| An issue discovered in TheGreenBow Windows Enterprise Certified VPN Client 6.52, Windows Standard VPN Client 6.87, and Windows Enterprise VPN Client 6.87 allows attackers to gain escalated privileges via crafted changes to memory mapped file. | ||||
| CVE-2023-47201 | 1 Trendmicro | 1 Apex One | 2024-11-21 | 7.8 High |
| A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2023-47200. | ||||
| CVE-2023-47132 | 1 N-able | 1 N-central | 2024-11-21 | 9.8 Critical |
| An issue discovered in N-able N-central before 2023.6 and earlier allows attackers to gain escalated privileges via API calls. | ||||
| CVE-2023-47101 | 1 Securepoint | 1 Openvpn-client | 2024-11-21 | 7.8 High |
| The installer (aka openvpn-client-installer) in Securepoint SSL VPN Client before 2.0.40 allows local privilege escalation during installation or repair. | ||||
| CVE-2023-46813 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2024-11-21 | 7.0 High |
| An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the #VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kernel memory (and thus privilege escalation). This depends on a race condition through which userspace can replace an instruction before the #VC handler reads it. | ||||
| CVE-2023-46771 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Security vulnerability in the face unlock module. Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2023-46758 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Permission management vulnerability in the multi-screen interaction module. Successful exploitation of this vulnerability may cause service exceptions of the device. | ||||
| CVE-2023-46756 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 5.3 Medium |
| Permission control vulnerability in the window management module. Successful exploitation of this vulnerability may cause malicious pop-up windows. | ||||