Total
4516 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-34470 | 1 Ami | 1 Aptio V | 2024-11-21 | 6.8 Medium |
| AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper access control via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability. | ||||
| CVE-2023-34469 | 1 Ami | 1 Aptio V | 2024-11-21 | 4.9 Medium |
| AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper access control via the physical network. A successful exploit of this vulnerability may lead to a loss of confidentiality. | ||||
| CVE-2023-34107 | 1 Glpi-project | 1 Glpi | 2024-11-21 | 6.5 Medium |
| GLPI is a free asset and IT management software package. Versions of the software starting with 9.2.0 and prior to 10.0.8 have an incorrect rights check on a on a file accessible by an authenticated user, allows access to the view all KnowbaseItems. Version 10.0.8 has a patch for this issue. | ||||
| CVE-2023-34106 | 1 Glpi-project | 1 Glpi | 2024-11-21 | 6.5 Medium |
| GLPI is a free asset and IT management software package. Versions of the software starting with 0.68 and prior to 10.0.8 have an incorrect rights check on a on a file accessible by an authenticated user. This allows access to the list of all users and their personal information. Users should upgrade to version 10.0.8 to receive a patch. | ||||
| CVE-2023-33875 | 1 Intel | 10 Killer, Killer Wi-fi 6 Ax1650, Killer Wi-fi 6e Ax1675 and 7 more | 2024-11-21 | 7.1 High |
| Improper access control for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via local access.. | ||||
| CVE-2023-33872 | 1 Intel | 1 Support | 2024-11-21 | 5.5 Medium |
| Improper access control in the Intel Support android application all verions may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2023-33301 | 1 Fortinet | 1 Fortios | 2024-11-21 | 6.5 Medium |
| An improper access control vulnerability in Fortinet FortiOS 7.2.0 - 7.2.4 and 7.4.0 allows an attacker to access a restricted resource from a non trusted host. | ||||
| CVE-2023-33071 | 1 Qualcomm | 26 Qca6574, Qca6574 Firmware, Qca6574a and 23 more | 2024-11-21 | 8.4 High |
| Memory corruption in Automotive OS whenever untrusted apps try to access HAb for graphics functionalities. | ||||
| CVE-2023-32647 | 1 Intel | 1 Extreme Tuning Utility | 2024-11-21 | 6.8 Medium |
| Improper access control in some Intel(R) XTU software before version 7.12.0.29 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-32609 | 1 Intel | 1 Unite | 2024-11-21 | 5 Medium |
| Improper access control in the Intel Unite(R) android application before version 4.2.3504 may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2023-32572 | 1 Purestorage | 1 Purity\/\/fa | 2024-11-21 | 6.5 Medium |
| A flaw exists in FlashArray Purity wherein under limited circumstances, an array administrator can alter the retention lock of a pgroup and disable pgroup SafeMode protection. | ||||
| CVE-2023-32479 | 2 Dell, Microsoft | 4 Encryption, Endpoint Security Suite Enterprise, Security Management Server and 1 more | 2024-11-21 | 6.7 Medium |
| Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions prior to 11.9.0 contain privilege escalation vulnerability due to improper ACL of the non-default installation directory. A local malicious user could potentially exploit this vulnerability by replacing binaries in installed directory and taking reverse shell of the system leading to Privilege Escalation. | ||||
| CVE-2023-32477 | 1 Dell | 1 Common Event Enabler | 2024-11-21 | 7.8 High |
| Dell Common Event Enabler 8.9.8.2 for Windows and prior, contain an improper access control vulnerability. A local low-privileged malicious user may potentially exploit this vulnerability to gain elevated privileges. | ||||
| CVE-2023-32458 | 1 Emc | 1 Appsync | 2024-11-21 | 7.3 High |
| Dell AppSync, versions 4.4.0.0 to 4.6.0.0 including Service Pack releases, contains an improper access control vulnerability in Embedded Service Enabler component. A local malicious user could potentially exploit this vulnerability during installation leading to a privilege escalation. | ||||
| CVE-2023-32333 | 1 Ibm | 1 Maximo Asset Management | 2024-11-21 | 6.5 Medium |
| IBM Maximo Asset Management 7.6.1.3 could allow a remote attacker to log into the admin panel due to improper access controls. IBM X-Force ID: 255073. | ||||
| CVE-2023-32285 | 1 Intel | 134 Compute Element Stk2mv64cc, Compute Element Stk2mv64cc Firmware, Nuc Board Nuc7i3bnb and 131 more | 2024-11-21 | 6 Medium |
| Improper access control in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable denial of service via local access. | ||||
| CVE-2023-32279 | 1 Intel | 1 Connectivity Performance Suite | 2024-11-21 | 7.5 High |
| Improper access control in user mode driver for some Intel(R) Connectivity Performance Suite before version 2.1123.214.2 may allow unauthenticated user to potentially enable information disclosure via network access. | ||||
| CVE-2023-32204 | 1 Intel | 1 One Boot Flash Update | 2024-11-21 | 8.8 High |
| Improper access control in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-32065 | 1 Oroinc | 1 Orocommerce | 2024-11-21 | 5.8 Medium |
| OroCommerce is an open-source Business to Business Commerce application built with flexibility in mind. Detailed Order totals information may be received by Order ID. This issue is patched in version 5.0.11 and 5.1.1. | ||||
| CVE-2023-32064 | 1 Oroinc | 1 Orocommerce | 2024-11-21 | 5 Medium |
| OroCommerce package with customer portal and non authenticated visitor website base features. Back-office users can access information about Customer and Customer User menus, bypassing ACL security restrictions due to insufficient security checks. This issue has been patched in version 5.0.11 and 5.1.1. | ||||