CVE List - 2023 / July
Showing 301 - 400 of 2295 CVEs for July 2023 (Page 4 of 23)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-46894 | 2023-07-06 | Use After Free (UAF) vulnerability in the uinput module.Successful exploitation of this vulnerability may lead to kernel privilege escalation. |
| CVE-2023-37238 | 2023-07-06 | Vulnerability of apps' permission to access a certain API being incompletely verified in the wireless projection module. Successful exploitation of this vulnerability may affect some wireless projection features. |
| CVE-2023-37239 | 2023-07-06 | Format string vulnerability in the distributed file system. Attackers who bypass the selinux permission can exploit this vulnerability to crash the program. |
| CVE-2023-37240 | 2023-07-06 | Vulnerability of missing input length verification in the distributed file system. Successful exploitation of this vulnerability may cause out-of-bounds read. |
| CVE-2023-37241 | 2023-07-06 | Input verification vulnerability in the WMS API. Successful exploitation of this vulnerability may cause the device to restart. |
| CVE-2023-37242 | 2023-07-06 | Vulnerability of commands from the modem being intercepted in the atcmdserver module. Attackers may exploit this vulnerability to rewrite the non-volatile random-access memory (NVRAM), or facilitate the exploitation of other... |
| CVE-2023-37245 | 2023-07-06 | Buffer overflow vulnerability in the modem pinctrl module. Successful exploitation of this vulnerability may affect the integrity and availability of the modem. |
| CVE-2023-3456 | 2023-07-06 | Vulnerability of kernel raw address leakage in the hang detector module. Successful exploitation of this vulnerability may affect service confidentiality. |
| CVE-2023-34164 | 2023-07-06 | Vulnerability of incomplete input parameter verification in the communication framework module. Successful exploitation of this vulnerability may affect availability. |
| CVE-2022-48507 | 2023-07-06 | Vulnerability of identity verification being bypassed in the storage module. Successful exploitation of this vulnerability may affect service confidentiality. |
| CVE-2022-48509 | 2023-07-06 | Race condition vulnerability due to multi-thread access to mutually exclusive resources in Huawei Share. Successful exploitation of this vulnerability may cause the program to exit abnormally. |
| CVE-2022-48510 | 2023-07-06 | Input verification vulnerability in the AMS module. Successful exploitation of this vulnerability will cause unauthorized operations. |
| CVE-2022-48511 | 2023-07-06 | Use After Free (UAF) vulnerability in the audio PCM driver module under special conditions. Successful exploitation of this vulnerability may cause audio features to perform abnormally. |
| CVE-2021-46892 | 2023-07-06 | Encryption bypass vulnerability in Maintenance mode. Successful exploitation of this vulnerability may affect service confidentiality. |
| CVE-2022-48513 | 2023-07-06 | Vulnerability of identity verification being bypassed in the Gallery module. Successful exploitation of this vulnerability may cause out-of-bounds access. |
| CVE-2022-48514 | 2023-07-06 | The Sepolicy module has inappropriate permission control on the use of Netlink.Successful exploitation of this vulnerability may affect confidentiality. |
| CVE-2022-48515 | 2023-07-06 | Vulnerability of inappropriate permission control in Nearby. Successful exploitation of this vulnerability may affect service confidentiality. |
| CVE-2022-48516 | 2023-07-06 | Vulnerability that a unique value can be obtained by a third-party app in the DSoftBus module. Successful exploitation of this vulnerability will affect confidentiality. |
| CVE-2022-48517 | 2023-07-06 | Unauthorized service access vulnerability in the DSoftBus module. Successful exploitation of this vulnerability will affect availability. |
| CVE-2023-1691 | 2023-07-06 | Vulnerability of failures to capture exceptions in the communication framework. Successful exploitation of this vulnerability may cause features to perform abnormally. |
| CVE-2023-1695 | 2023-07-06 | Vulnerability of failures to capture exceptions in the communication framework. Successful exploitation of this vulnerability may cause features to perform abnormally. |
| CVE-2022-48518 | 2023-07-06 | Vulnerability of signature verification in the iaware system being initialized later than the time when the system broadcasts are sent. Successful exploitation of this vulnerability may cause malicious apps to... |
| CVE-2022-48519 | 2023-07-06 | Unauthorized access vulnerability in the SystemUI module. Successful exploitation of this vulnerability may affect confidentiality. |
| CVE-2022-48520 | 2023-07-06 | Unauthorized access vulnerability in the SystemUI module. Successful exploitation of this vulnerability may affect confidentiality. |
| CVE-2023-35937 | 2023-07-06 | Metersphere missing permission check |
| CVE-2023-35948 | 2023-07-06 | Novu Open Redirect Vulnerability in Sign-In with GitHub Functionality |
| CVE-2023-25582 | 2023-07-06 | Two OS command injection vulnerabilities exist in the zebra vlan_name functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to command execution. An attacker can send a... |
| CVE-2023-25583 | 2023-07-06 | Two OS command injection vulnerabilities exist in the zebra vlan_name functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to command execution. An attacker can send a... |
| CVE-2023-24019 | 2023-07-06 | A stack-based buffer overflow vulnerability exists in the urvpn_client http_connection_readcb functionality of Milesight UR32L v32.3.0.5. A specially crafted network packet can lead to a buffer overflow. An attacker can send... |
| CVE-2023-25081 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25082 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25083 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25084 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25085 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25086 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25087 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25088 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25089 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25090 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25091 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25092 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25093 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25094 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25095 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25096 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25097 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25098 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25099 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25100 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25101 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25102 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25103 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25104 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25105 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25106 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25107 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25108 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25109 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25110 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25111 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25112 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25113 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25114 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25115 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25116 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25117 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25118 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25119 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25120 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25121 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25122 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25123 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-25124 | 2023-07-06 | Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to... |
| CVE-2023-24018 | 2023-07-06 | A stack-based buffer overflow vulnerability exists in the libzebra.so.0.0.0 security_decrypt_password functionality of Milesight UR32L v32.3.0.5. A specially crafted HTTP request can lead to a buffer overflow. An authenticated attacker can... |
| CVE-2023-22653 | 2023-07-06 | An OS command injection vulnerability exists in the vtysh_ubus tcpdump_start_cb functionality of Milesight UR32L v32.3.0.5. A specially crafted HTTP request can lead to command execution. An authenticated attacker can send... |
| CVE-2023-24595 | 2023-07-06 | An OS command injection vulnerability exists in the ys_thirdparty system_user_script functionality of Milesight UR32L v32.3.0.5. A specially crafted series of network requests can lead to command execution. An attacker can... |
| CVE-2023-22299 | 2023-07-06 | An OS command injection vulnerability exists in the vtysh_ubus _get_fw_logs functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to command execution. An attacker can send a... |
| CVE-2023-22365 | 2023-07-06 | An OS command injection vulnerability exists in the ys_thirdparty check_system_user functionality of Milesight UR32L v32.3.0.5. A specially crafted set of network packets can lead to command execution. An attacker can... |
| CVE-2023-24582 | 2023-07-06 | Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to arbitrary command execution. An attacker can send... |
| CVE-2023-24583 | 2023-07-06 | Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to arbitrary command execution. An attacker can send... |
| CVE-2023-24519 | 2023-07-06 | Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network... |
| CVE-2023-24520 | 2023-07-06 | Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network... |
| CVE-2023-23546 | 2023-07-06 | A misconfiguration vulnerability exists in the urvpn_client functionality of Milesight UR32L v32.3.0.5. A specially-crafted man-in-the-middle attack can lead to increased privileges. An attacker can perform a man-in-the-middle attack to trigger... |
| CVE-2023-24496 | 2023-07-06 | Cross-site scripting (xss) vulnerabilities exist in the requestHandlers.js detail_device functionality of Milesight VPN v2.0.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an... |
| CVE-2023-24497 | 2023-07-06 | Cross-site scripting (xss) vulnerabilities exist in the requestHandlers.js detail_device functionality of Milesight VPN v2.0.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an... |
| CVE-2023-22371 | 2023-07-06 | An os command injection vulnerability exists in the liburvpn.so create_private_key functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to command execution. An attacker can send a malicious... |
| CVE-2023-23907 | 2023-07-06 | A directory traversal vulnerability exists in the server.js start functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to arbitrary file read. An attacker can send a network... |
| CVE-2023-22319 | 2023-07-06 | A sql injection vulnerability exists in the requestHandlers.js LoginAuth functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to authentication bypass. An attacker can send a malicious packet... |
| CVE-2023-22844 | 2023-07-06 | An authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to authentication bypass. An attacker can send a network request... |
| CVE-2023-22659 | 2023-07-06 | An os command injection vulnerability exists in the libzebra.so change_hostname functionality of Milesight UR32L v32.3.0.5. A specially-crafted network packets can lead to command execution. An attacker can send a sequence... |
| CVE-2023-22306 | 2023-07-06 | An OS command injection vulnerability exists in the libzebra.so bridge_group functionality of Milesight UR32L v32.3.0.5. A specially crafted network packet can lead to command execution. An attacker can send a... |
| CVE-2023-23902 | 2023-07-06 | A buffer overflow vulnerability exists in the uhttpd login functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to remote code execution. An attacker can send a... |
| CVE-2023-23571 | 2023-07-06 | An access violation vulnerability exists in the eventcore functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to denial of service. An attacker can send a network... |
| CVE-2023-23547 | 2023-07-06 | A directory traversal vulnerability exists in the luci2-io file-export mib functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to arbitrary file read. An attacker can send... |
| CVE-2023-23550 | 2023-07-06 | An OS command injection vulnerability exists in the ys_thirdparty user_delete functionality of Milesight UR32L v32.3.0.5. A specially crafted network packet can lead to command execution. An attacker can send a... |
| CVE-2023-36830 | 2023-07-06 | SQLFluff vulnerability for users with access to config file, using `library_path` to call arbitrary python code. |
| CVE-2023-36823 | 2023-07-06 | Sanitize vulnerable to Cross-site Scripting via insufficient neutralization of `style` element content |
| CVE-2023-37260 | 2023-07-06 | league/oauth2-server key exposed in exception message when passing as string and providing invalid pass phrase |
| CVE-2023-1298 | 2023-07-06 | ServiceNow has released upgrades and patches that address a Reflected Cross-Site scripting (XSS) vulnerability that was identified in the ServiceNow Polaris Layout. This vulnerability would enable an authenticated user to... |
| CVE-2023-3528 | 2023-07-06 | ThinuTech ThinuCMS category.php sql injection |