Total
6050 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-35045 | 2024-11-21 | 4.3 Medium | ||
| Missing Authorization vulnerability in Fat Rat Fat Rat Collect.This issue affects Fat Rat Collect: from n/a through 2.6.7. | ||||
| CVE-2023-34463 | 1 Dataease | 1 Dataease | 2024-11-21 | 8.1 High |
| DataEase is an open source data visualization analysis tool to analyze data and gain insight into business trends. In affected versions Unauthorized users can delete an application erroneously. This vulnerability has been fixed in version 1.18.8. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2023-34003 | 1 Woocommerce | 1 Box Office | 2024-11-21 | 6.5 Medium |
| Missing Authorization vulnerability in Woo WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through 1.1.51. | ||||
| CVE-2023-33992 | 1 Sap | 2 Business Warehouse, Bw\/4hana | 2024-11-21 | 4.5 Medium |
| The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAP_BW 730, SAP_BW 731, SAP_BW 740, SAP_BW 730, SAP_BW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs authorizations on the query as well as on the keyfigure/measure level. The missing check only affects the data level. | ||||
| CVE-2023-33948 | 1 Liferay | 2 Digital Experience Platform, Liferay Portal | 2024-11-21 | 5.3 Medium |
| The Dynamic Data Mapping module in Liferay Portal 7.4.3.67, and Liferay DXP 7.4 update 67 does not limit Document and Media files which can be downloaded from a Form, which allows remote attackers to download any file from Document and Media via a crafted URL. | ||||
| CVE-2023-33922 | 1 Elementor | 1 Website Builder | 2024-11-21 | 4.3 Medium |
| Missing Authorization vulnerability in Elementor Elementor Website Builder.This issue affects Elementor Website Builder: from n/a through 3.13.2. | ||||
| CVE-2023-33918 | 2 Google, Unisoc | 9 Android, Sc7731e, Sc9832e and 6 more | 2024-11-21 | 5.5 Medium |
| In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-33917 | 2 Google, Unisoc | 9 Android, Sc7731e, Sc9832e and 6 more | 2024-11-21 | 5.5 Medium |
| In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-33916 | 2 Google, Unisoc | 9 Android, Sc7731e, Sc9832e and 6 more | 2024-11-21 | 5.5 Medium |
| In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-33915 | 2 Google, Unisoc | 5 Android, S8000, T760 and 2 more | 2024-11-21 | 7.5 High |
| In LTE protocol stack, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed | ||||
| CVE-2023-33912 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In Contacts service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-33911 | 2 Google, Unisoc | 9 Android, Sc7731e, Sc9832e and 6 more | 2024-11-21 | 5.5 Medium |
| In vowifi service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-33910 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In Contacts Service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-33909 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In Contacts service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-33908 | 2 Google, Unisoc | 13 Android, S8000, Sc9832e and 10 more | 2024-11-21 | 5.5 Medium |
| In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-33907 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In Contacts Service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-33906 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In Contacts Service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | ||||
| CVE-2023-33902 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In bluetooth service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. | ||||
| CVE-2023-33901 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In bluetooth service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. | ||||
| CVE-2023-32855 | 5 Google, Linuxfoundation, Mediatek and 2 more | 36 Android, Yocto, Mt2735 and 33 more | 2024-11-21 | 6.7 Medium |
| In aee, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07909204; Issue ID: ALPS07909204. | ||||