Skip to main content
CVE-2023-24625 MEDIUM POC This Month

Faveo 5.0.1 allows remote attackers to obtain sensitive information via a modified user ID in an Insecure Direct Object Reference (IDOR) attack. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Faveo Servicedesk
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-28435 MEDIUM POC This Month

Dataease is an open source data visualization and analysis tool. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload XSS Dataease
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-28443 MEDIUM POC PATCH This Month

Directus is a real-time API and App dashboard for managing SQL database content. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Authentication Bypass Directus
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-27242 MEDIUM POC This Month

SourceCodester Loan Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Type parameter under the Edit Loan Types module. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Loan Management System
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-1616 MEDIUM POC This Month

A vulnerability was found in XiaoBingBy TeaCMS up to 2.0.2. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Teacms
NVD VulDB
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-20926 MEDIUM PATCH This Month

In onParentVisible of HeaderPrivacyIconsController.kt, there is a possible way to bypass factory reset protections due to a missing permission check. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Privilege Escalation Google Authentication Bypass Android
NVD
CVSS 3.1
6.8
EPSS
0.1%
CVE-2023-21079 MEDIUM This Month

In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a heap buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21078 MEDIUM This Month

In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21077 MEDIUM This Month

In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21076 MEDIUM This Month

In createTransmitFollowupRequest of nan.cpp, there is a possible out of bounds write due to a heap buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21075 MEDIUM This Month

In get_svc_hash of nan.cpp, there is a possible out of bounds write due to a heap buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21073 MEDIUM This Month

In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21072 MEDIUM This Month

In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21071 MEDIUM This Month

In dhd_prot_ioctcmplt_process of dhd_msgbuf.c, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21070 MEDIUM This Month

In add_roam_cache_list of wl_roam.c, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21069 MEDIUM This Month

In wl_update_hidden_ap_ie of wl_cfgscan.c, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21065 MEDIUM This Month

In fdt_next_tag of fdt.c, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21064 MEDIUM This Month

In DoSetPinControl of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21063 MEDIUM This Month

In ParseWithAuthType of simdata.cpp, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21062 MEDIUM This Month

In DoSetTempEcc of imsservice.cpp, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21056 MEDIUM This Month

In lwis_slc_buffer_free of lwis_device_slc.c, there is a possible memory corruption due to type confusion. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21052 MEDIUM This Month

In setToExternal of ril_external_client.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21051 MEDIUM This Month

In dwc3_exynos_clk_get of dwc3-exynos.c, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Privilege Escalation Samsung Memory Corruption +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21050 MEDIUM This Month

In load_png_image of ExynosHWCHelper.cpp, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21043 MEDIUM This Month

In (TBD) of (TBD), there is a possible way to corrupt memory due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Google Use After Free Privilege Escalation Memory Corruption +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21042 MEDIUM This Month

In (TBD) of (TBD), there is a possible way to corrupt memory due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Google Use After Free Privilege Escalation Memory Corruption +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21038 MEDIUM This Month

In cs40l2x_cp_trigger_queue_show of cs40l2x.c, there is a possible out of bounds write due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Google Use After Free Privilege Escalation +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21020 MEDIUM PATCH This Month

In registerSignalHandlers of main.c, there is a possible local arbitrary code execution due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Denial Of Service Google Use After Free Privilege Escalation RCE +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21018 MEDIUM PATCH This Month

In UnwindingWorker of unwinding.cc, there is a possible out of bounds write due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Buffer Overflow Denial Of Service Google Use After Free Privilege Escalation +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20994 MEDIUM PATCH This Month

In _ufdt_output_property_to_fdt of ufdt_convert.c, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21055 MEDIUM This Month

In dit_hal_ioctl of dit.c, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Denial Of Service Google Use After Free Privilege Escalation Memory Corruption +1
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-1583 MEDIUM PATCH This Month

A NULL pointer dereference was found in io_file_bitmap_get in io_uring/filetable.c in the io_uring sub-component in the Linux Kernel. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Null Pointer Dereference Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-21036 MEDIUM This Month

In BitmapExport.java, there is a possible failure to truncate images due to a logic error in the code.Product: AndroidVersions: Android kernelAndroid ID: A-264261868References: N/A. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Android
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2023-21033 MEDIUM PATCH This Month

In addNetwork of WifiManager.java, there is a possible way to trigger a persistent DoS due to resource exhaustion. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Google Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-21029 MEDIUM PATCH This Month

In register of UidObserverController.java, there is a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Information Disclosure Google Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-21026 MEDIUM PATCH This Month

In updateInputChannel of WindowManagerService.java, there is a possible way to set a touchable region beyond its own SurfaceControl due to a logic error in the code. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Google Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-21019 MEDIUM PATCH This Month

In ih264e_init_proc_ctxt of ih264e_process.c, there is a possible out of bounds read due to a heap buffer overflow. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-21016 MEDIUM PATCH This Month

In AccountTypePreference of AccountTypePreference.java, there is a possible way to mislead the user about accounts installed on the device due to improper input validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Google Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-20999 MEDIUM PATCH This Month

In multiple locations, there is a possible way to trigger a persistent reboot loop due to improper input validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Google Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-20998 MEDIUM PATCH This Month

In multiple locations, there is a possible way to trigger a persistent reboot loop due to improper input validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Google Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-20997 MEDIUM PATCH This Month

In multiple locations, there is a possible way to trigger a persistent reboot loop due to improper input validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Google Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-20996 MEDIUM PATCH This Month

In multiple locations, there is a possible way to trigger a persistent reboot loop due to improper input validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Google Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-20980 MEDIUM This Month

In btu_ble_ll_conn_param_upd_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-20979 MEDIUM This Month

In GetNextSourceDataPacket of bta_av_co.cc, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-20974 MEDIUM This Month

In btm_ble_add_resolving_list_entry_complete of btm_ble_privacy.cc, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-20973 MEDIUM This Month

In btm_create_conn_cancel_complete of btm_sec.cc, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-20972 MEDIUM This Month

In btm_vendor_specific_evt of btm_devctl.cc, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-20962 MEDIUM This Month

In getSliceEndItem of MediaVolumePreferenceController.java, there is a possible way to start foreground activity from the background due to an unsafe PendingIntent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-20952 MEDIUM PATCH This Month

In A2DP_BuildCodecHeaderSbc of a2dp_sbc.cc, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-20929 MEDIUM PATCH This Month

In sendHalfSheetCancelBroadcast of HalfSheetActivity.java, there is a possible way to learn nearby BT MAC addresses due to an unrestricted broadcast intent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Google Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy