CVE List - 2023 / June
Showing 2101 - 2200 of 2395 CVEs for June 2023 (Page 22 of 24)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-44276 | 2023-06-28 | In Responsive Filemanager < 9.12.0, an attacker can bypass upload restrictions resulting in RCE. |
| CVE-2023-20006 | 2023-06-28 | A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow... |
| CVE-2023-20028 | 2023-06-28 | Cisco Secure Email Gateway, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Cross-Site Scripting Vulnerabilities |
| CVE-2023-20105 | 2023-06-28 | A vulnerability in the change password functionality of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with Read-only credentials to elevate privileges... |
| CVE-2023-20108 | 2023-06-28 | A vulnerability in the XCP Authentication Service of the Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an unauthenticated, remote attacker to cause a temporary... |
| CVE-2023-20116 | 2023-06-28 | A vulnerability in the Administrative XML Web Service (AXL) API of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow... |
| CVE-2023-20119 | 2023-06-28 | A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, formerly known as Content Security Management Appliance (SMA) could allow an unauthenticated,... |
| CVE-2023-20120 | 2023-06-28 | Cisco Secure Email Gateway, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Cross-Site Scripting Vulnerabilities |
| CVE-2023-20136 | 2023-06-28 | A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges.... |
| CVE-2023-20178 | 2023-06-28 | A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker... |
| CVE-2023-20188 | 2023-06-28 | A vulnerability in the web-based management interface of Cisco Small Business 200 Series Smart Switches, Cisco Small Business 300 Series Managed Switches, and Cisco Small Business 500 Series Stackable Managed... |
| CVE-2023-20192 | 2023-06-28 | Cisco Expressway Series and Cisco TelePresence Video Communication Server Privilege Escalation Vulnerabilities |
| CVE-2023-20199 | 2023-06-28 | Cisco Duo Two-Factor Authentication for macOS Authentication Bypass Vulnerability |
| CVE-2023-21066 | 2023-06-28 | In cd_CodeMsg of cd_codec.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges... |
| CVE-2023-21146 | 2023-06-28 | there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is... |
| CVE-2023-21147 | 2023-06-28 | In lwis_i2c_device_disable of lwis_device_i2c.c, there is a possible UAF due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges... |
| CVE-2023-21148 | 2023-06-28 | In BuildSetConfig of protocolimsbuilder.cpp, there is a possible out of bounds read due to a missing null check. This could lead to local information disclosure with System execution privileges needed.... |
| CVE-2023-21149 | 2023-06-28 | In registerGsmaServiceIntentReceiver of ShannonRcsService.java, there is a possible way to activate/deactivate RCS service due to a missing permission check. This could lead to local escalation of privilege with no additional... |
| CVE-2023-21150 | 2023-06-28 | In handle_set_parameters_ctrl of hal_socket.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed.... |
| CVE-2023-21151 | 2023-06-28 | In the Google BMS kernel module, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System... |
| CVE-2023-21152 | 2023-06-28 | In FaceStatsAnalyzer::InterpolateWeightList of face_stats_analyzer.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed.... |
| CVE-2023-21153 | 2023-06-28 | In Do_AIMS_SET_CALL_WAITING of imsservice.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges... |
| CVE-2023-21154 | 2023-06-28 | In StoreAdbSerialNumber of protocolmiscbuilder.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed.... |
| CVE-2023-21155 | 2023-06-28 | In BuildSetRadioNode of protocolmiscbuilder.cpp, there is a possible out of bounds read due to a missing null check. This could lead to local information disclosure with no additional execution privileges... |
| CVE-2023-21156 | 2023-06-28 | In BuildGetRadioNode of protocolmiscbulider.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure from the modem with System execution... |
| CVE-2023-21157 | 2023-06-28 | In encode of wlandata.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges... |
| CVE-2023-21158 | 2023-06-28 | In encode of miscdata.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed.... |
| CVE-2023-21159 | 2023-06-28 | In Parse of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges... |
| CVE-2023-21160 | 2023-06-28 | In BuildSetTcsFci of protocolmiscbuilder.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges... |
| CVE-2023-21161 | 2023-06-28 | In Parse of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges... |
| CVE-2023-21167 | 2023-06-28 | In setProfileName of DevicePolicyManagerService.java, there is a possible way to crash the SystemUI menu due to a missing bounds check. This could lead to local denial of service with no... |
| CVE-2023-21168 | 2023-06-28 | In convertCbYCrY of ColorConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges... |
| CVE-2023-21169 | 2023-06-28 | In inviteInternal of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed.... |
| CVE-2023-21170 | 2023-06-28 | In executeSetClientTarget of ComposerCommandEngine.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed.... |
| CVE-2023-21171 | 2023-06-28 | In verifyInputEvent of InputDispatcher.cpp, there is a possible way to conduct click fraud due to side channel information disclosure. This could lead to local escalation of privilege with System execution... |
| CVE-2023-21172 | 2023-06-28 | In multiple functions of WifiCallingSettings.java, there is a possible way to change calling preferences for the admin user due to a permissions bypass. This could lead to local escalation of... |
| CVE-2023-21173 | 2023-06-28 | In multiple methods of DataUsageList.java, there is a possible way to learn about admin user's network activities due to a missing permission check. This could lead to local information disclosure... |
| CVE-2023-21174 | 2023-06-28 | In isPageSearchEnabled of BillingCycleSettings.java, there is a possible way for the guest user to change data limits due to a permissions bypass. This could lead to local escalation of privilege... |
| CVE-2023-21175 | 2023-06-28 | In onCreate of DataUsageSummary.java, there is a possible method for a guest user to enable or disable mobile data due to a permissions bypass. This could lead to local escalation... |
| CVE-2023-21176 | 2023-06-28 | In list_key_entries of utils.rs, there is a possible way to disable user credentials due to resource exhaustion. This could lead to local denial of service with System execution privileges needed.... |
| CVE-2023-21177 | 2023-06-28 | In requestAppKeyboardShortcuts of WindowManagerService.java, there is a possible way to infer the app a user is interacting with due to a missing permission check. This could lead to local information... |
| CVE-2023-21178 | 2023-06-28 | In installKey of KeyUtil.cpp, there is a possible failure of file encryption due to a race condition. This could lead to local information disclosure with System execution privileges needed. User... |
| CVE-2023-21179 | 2023-06-28 | In parseSecurityParamsFromXml of XmlUtil.java, there is a possible bypass of user specified wifi encryption protocol due to improperly used crypto. This could lead to local escalation of privilege with no... |
| CVE-2023-21180 | 2023-06-28 | In xmlParseTryOrFinish of parser.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges... |
| CVE-2023-21181 | 2023-06-28 | In btm_ble_update_inq_result of btm_ble_gap.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed.... |
| CVE-2023-21182 | 2023-06-28 | In Exynos_parsing_user_data_registered_itu_t_t35 of VendorVideoAPI.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed.... |
| CVE-2023-21183 | 2023-06-28 | In ForegroundUtils of ForegroundUtils.java, there is a possible way to read NFC tag data while the app is still in the background due to a logic error in the code.... |
| CVE-2023-21184 | 2023-06-28 | In getCurrentPrivilegedPackagesForAllUsers of CarrierPrivilegesTracker.java, there is a possible permission bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution... |
| CVE-2023-21185 | 2023-06-28 | In multiple functions of WifiNetworkFactory.java, there is a missing permission check. This could lead to local escalation of privilege from the guest user with no additional execution privileges needed. User... |
| CVE-2023-21186 | 2023-06-28 | In LogResponse of Dns.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution... |
| CVE-2023-21187 | 2023-06-28 | In onCreate of UsbAccessoryUriActivity.java, there is a possible way to escape the Setup Wizard due to a logic error in the code. This could lead to local escalation of privilege... |
| CVE-2023-21188 | 2023-06-28 | In btm_ble_update_inq_result of btm_ble_gap.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed.... |
| CVE-2023-21189 | 2023-06-28 | In startLockTaskMode of LockTaskController.java, there is a possible bypass of lock task mode due to a logic error in the code. This could lead to local escalation of privilege with... |
| CVE-2023-21190 | 2023-06-28 | In btm_acl_encrypt_change of btm_acl.cc, there is a possible way for a remote device to turn off encryption without resulting in a terminated connection due to an unusual root cause. This... |
| CVE-2023-21191 | 2023-06-28 | In fixNotification of NotificationManagerService.java, there is a possible bypass of notification hide preference due to a logic error in the code. This could lead to local escalation of privilege with... |
| CVE-2023-21192 | 2023-06-28 | In setInputMethodWithSubtypeIdLocked of InputMethodManagerService.java, there is a possible way to setup input methods that are not enabled due to improper input validation. This could lead to local escalation of privilege... |
| CVE-2023-21193 | 2023-06-28 | In VideoFrame of VideoFrame.h, there is a possible abort due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is... |
| CVE-2023-21194 | 2023-06-28 | In gatt_dbg_op_name of gatt_utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with... |
| CVE-2023-21195 | 2023-06-28 | In btm_ble_periodic_adv_sync_tx_rcvd of btm_ble_gap.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure over Bluetooth, if the firmware... |
| CVE-2023-21196 | 2023-06-28 | In btm_ble_batchscan_filter_track_adv_vse_cback of btm_ble_batchscan.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with... |
| CVE-2023-21197 | 2023-06-28 | In btm_acl_process_sca_cmpl_pkt of btm_acl.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges... |
| CVE-2023-21198 | 2023-06-28 | In remove_sdp_record of btif_sdp_server.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges... |
| CVE-2023-21199 | 2023-06-28 | In btu_ble_proc_ltk_req of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed.... |
| CVE-2023-21200 | 2023-06-28 | In on_remove_iso_data_path of btm_iso_impl.h, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed.... |
| CVE-2023-21201 | 2023-06-28 | In on_create_record_event of btif_sdp_server.cc, there is a possible out of bounds read due to a missing null check. This could lead to remote denial of service with no additional execution... |
| CVE-2023-21202 | 2023-06-28 | In btm_delete_stored_link_key_complete of btm_devctl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over Bluetooth with System execution... |
| CVE-2023-21203 | 2023-06-28 | In startWpsPbcInternal of sta_iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.... |
| CVE-2023-21204 | 2023-06-28 | In multiple files, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the wifi server with System... |
| CVE-2023-21205 | 2023-06-28 | In startWpsPinDisplayInternal of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with no additional execution privileges needed. User... |
| CVE-2023-21206 | 2023-06-28 | In initiateVenueUrlAnqpQueryInternal of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with System execution privileges needed. User interaction... |
| CVE-2023-21207 | 2023-06-28 | In initiateTdlsSetupInternal of sta_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges... |
| CVE-2023-21208 | 2023-06-28 | In setCountryCodeInternal of sta_iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User... |
| CVE-2023-21209 | 2023-06-28 | In multiple functions of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local escalation of privilege with System execution privileges needed.... |
| CVE-2023-21210 | 2023-06-28 | In initiateHs20IconQueryInternal of sta_iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User... |
| CVE-2023-21211 | 2023-06-28 | In multiple files, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed.... |
| CVE-2023-21212 | 2023-06-28 | In multiple files, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the wifi server with System... |
| CVE-2023-21213 | 2023-06-28 | In initiateTdlsTeardownInternal of sta_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the wifi server with... |
| CVE-2023-21214 | 2023-06-28 | In addGroupWithConfigInternal of p2p_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with System execution privileges needed. User interaction... |
| CVE-2023-21219 | 2023-06-28 | there is a possible use of unencrypted transport over cellular networks due to an insecure default value. This could lead to remote information disclosure with no additional execution privileges needed.... |
| CVE-2023-21220 | 2023-06-28 | there is a possible use of unencrypted transport over cellular networks due to an insecure default value. This could lead to remote information disclosure with no additional execution privileges needed.... |
| CVE-2023-21222 | 2023-06-28 | In load_dt_data of storage.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges... |
| CVE-2023-21223 | 2023-06-28 | In LPP_ConvertGNSS_DataBitAssistance of LPP_CommonUtil.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges... |
| CVE-2023-21224 | 2023-06-28 | In ss_ProcessReturnResultComponent of ss_MmConManagement.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges... |
| CVE-2023-21225 | 2023-06-28 | there is a possible way to bypass the protected confirmation screen due to Failure to lock display power. This could lead to local escalation of privilege with no additional execution... |
| CVE-2023-21226 | 2023-06-28 | In SAEMM_RetrieveTaiList of SAEMM_ContextManagement.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges... |
| CVE-2023-21236 | 2023-06-28 | In aoc_service_set_read_blocked of aoc.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges... |
| CVE-2023-21512 | 2023-06-28 | Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1 allows local attackers to read work profile notifications without proper access permission. |
| CVE-2023-21513 | 2023-06-28 | Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows physical attackers to manipulate device to operate in way that results in unexpected behavior in CC... |
| CVE-2023-21517 | 2023-06-28 | Heap out-of-bound write vulnerability in Exynos baseband prior to SMR Jun-2023 Release 1 allows remote attacker to execute arbitrary code. |
| CVE-2023-21518 | 2023-06-28 | Improper access control vulnerability in SearchWidget prior to version 3.3 in China models allows untrusted applications to start arbitrary activity. |
| CVE-2023-2232 | 2023-06-28 | An issue has been discovered in GitLab affecting all versions starting from 15.10 before 16.1, leading to a ReDoS vulnerability in the Jira prefix |
| CVE-2023-26615 | 2023-06-28 | D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from the SetMultipleActions API, allowing unauthorized attackers to reset the WEB page management password. |
| CVE-2023-30259 | 2023-06-28 | A Buffer Overflow vulnerability in importshp plugin in LibreCAD 2.2.0 allows attackers to obtain sensitive information via a crafted DBF file. |
| CVE-2023-3138 | 2023-06-28 | A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error... |
| CVE-2023-32222 | 2023-06-28 | D-Link DSL-G256DG firmware version vBZ_1.00.27 Authentication Bypass |
| CVE-2023-32223 | 2023-06-28 | D-Link DSL-224 firmware version 3.0.10 post authentication command execution |
| CVE-2023-32224 | 2023-06-28 | D-Link DSL-224 firmware version 3.0.10 CWE-307: Improper Restriction of Excessive Authentication Attempts |
| CVE-2023-33570 | 2023-06-28 | Bagisto v1.5.1 is vulnerable to Server-Side Template Injection (SSTI). |
| CVE-2023-33592 | 2023-06-28 | Lost and Found Information System v1.0 was discovered to contain a SQL injection vulnerability via the component /php-lfis/admin/?page=system_info/contact_information. |
| CVE-2023-33661 | 2023-06-28 | Multiple cross-site scripting (XSS) vulnerabilities were discovered in Church CRM v4.5.3 in GroupReports.php via GroupRole, ReportModel, and OnlyCart parameters. |