Export limit exceeded: 367192 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (35583 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-20881 | 1 Samsung | 1 Android | 2025-02-10 | 6.4 Medium |
| Improper input validation vulnerability in chnactiv TA prior to SMR Jun-2024 Release 1 allows local privileged attackers lead to potential arbitrary code execution. | ||||
| CVE-2024-20879 | 1 Samsung | 1 Android | 2025-02-10 | 4 Medium |
| Improper input validation vulnerability in libsavscmn.so prior to SMR Jun-2024 Release 1 allows local attackers to write out-of-bounds memory. | ||||
| CVE-2023-27645 | 1 Powerampapp | 1 Poweramp | 2025-02-10 | 9.8 Critical |
| An issue found in POWERAMP audioplayer build 925 bundle play and build 954 allows a remote attacker to gain privileges via the reverb and EQ preset parameters. | ||||
| CVE-2022-3375 | 1 Gitlab | 1 Gitlab | 2025-02-10 | 3.1 Low |
| An issue has been discovered in GitLab affecting all versions starting from 11.10 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. It was possible to disclose the branch names when attacker has a fork of a project that was switched to private. | ||||
| CVE-2024-20835 | 1 Samsung | 1 Android | 2025-02-10 | 4 Medium |
| Improper access control vulnerability in CustomFrequencyManagerService prior to SMR Mar-2024 Release 1 allows local attackers to execute privileged behaviors. | ||||
| CVE-2024-20834 | 1 Samsung | 1 Android | 2025-02-10 | 3.3 Low |
| The sensitive information exposure vulnerability in WlanTest prior to SMR Mar-2024 Release 1 allows local attackers to access MAC address without proper permission. | ||||
| CVE-2024-20875 | 1 Samsung | 1 Android | 2025-02-10 | 4 Medium |
| Improper caller verification vulnerability in SemClipboard prior to SMR June-2024 Release 1 allows local attackers to access arbitrary files. | ||||
| CVE-2024-20876 | 1 Samsung | 1 Android | 2025-02-10 | 6.1 Medium |
| Improper input validation in libsheifdecadapter.so prior to SMR Jun-2024 Release 1 allows local attackers to lead to memory corruption. | ||||
| CVE-2024-20874 | 1 Samsung | 1 Android | 2025-02-10 | 7.9 High |
| Improper access control vulnerability in SmartManagerCN prior to SMR Jun-2024 Release 1 allows local attackers to launch privileged activities. | ||||
| CVE-2024-20866 | 1 Samsung | 1 Android | 2025-02-10 | 5.7 Medium |
| Authentication bypass vulnerability in Setupwizard prior to SMR May-2024 Release 1 allows physical attackers to skip activation step. | ||||
| CVE-2024-20865 | 1 Samsung | 1 Android | 2025-02-10 | 6.6 Medium |
| Authentication bypass in bootloader prior to SMR May-2024 Release 1 allows physical attackers to flash arbitrary images. | ||||
| CVE-2023-27496 | 2 Envoyproxy, Redhat | 2 Envoy, Service Mesh | 2025-02-10 | 6.5 Medium |
| Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, the OAuth filter assumes that a `state` query param is present on any response that looks like an OAuth redirect response. Sending it a request with the URI path equivalent to the redirect path, without the `state` parameter, will lead to abnormal termination of Envoy process. Versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9 contain a patch. The issue can also be mitigated by locking down OAuth traffic, disabling the filter, or by filtering traffic before it reaches the OAuth filter (e.g. via a lua script). | ||||
| CVE-2024-20859 | 1 Samsung | 1 Android | 2025-02-10 | 5.5 Medium |
| Improper access control vulnerability in FactoryCamera prior to SMR May-2024 Release 1 allows local attackers to take pictures without privilege. | ||||
| CVE-2023-28368 | 1 Tp-link | 2 T2600g-28sq, T2600g-28sq Firmware | 2025-02-10 | 5.7 Medium |
| TP-Link L2 switch T2600G-28SQ firmware versions prior to 'T2600G-28SQ(UN)_V1_1.0.6 Build 20230227' uses vulnerable SSH host keys. A fake device may be prepared to spoof the affected device with the vulnerable host key.If the administrator may be tricked to login to the fake device, the credential information for the affected device may be obtained. | ||||
| CVE-2023-1787 | 1 Gitlab | 1 Gitlab | 2025-02-10 | 4.3 Medium |
| An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A search timeout could be triggered if a specific HTML payload was used in the issue description. | ||||
| CVE-2023-1733 | 1 Gitlab | 1 Gitlab | 2025-02-10 | 5.8 Medium |
| A denial of service condition exists in the Prometheus server bundled with GitLab affecting all versions from 11.10 to 15.8.5, 15.9 to 15.9.4 and 15.10 to 15.10.1. | ||||
| CVE-2023-1710 | 1 Gitlab | 1 Gitlab | 2025-02-10 | 5.3 Medium |
| A sensitive information disclosure vulnerability in GitLab affecting all versions from 15.0 prior to 15.8.5, 15.9 prior to 15.9.4 and 15.10 prior to 15.10.1 allows an attacker to view the count of internal notes for a given issue. | ||||
| CVE-2023-1098 | 1 Gitlab | 1 Gitlab | 2025-02-10 | 5.8 Medium |
| An information disclosure vulnerability has been discovered in GitLab EE/CE affecting all versions starting from 11.5 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1 will allow an admin to leak password from repository mirror configuration. | ||||
| CVE-2023-0838 | 1 Gitlab | 1 Gitlab | 2025-02-10 | 5.5 Medium |
| An issue has been discovered in GitLab affecting versions starting from 15.1 before 15.8.5, 15.9 before 15.9.4, and 15.10 before 15.10.1. A maintainer could modify a webhook URL to leak masked webhook secrets by adding a new parameter to the url. This addresses an incomplete fix for CVE-2022-4342. | ||||
| CVE-2024-20857 | 1 Samsung | 1 Android | 2025-02-10 | 4 Medium |
| Improper access control vulnerability in startListening of CocktailBarService prior to SMR May-2024 Release 1 allows local attackers to access information of current application. | ||||