Total
7628 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-8001 | 1 Viwis | 2 Learning Management System, Lms | 2025-01-09 | 5.3 Medium |
| A vulnerability was found in VIWIS LMS 9.11. It has been classified as critical. Affected is an unknown function of the component Print Handler. The manipulation leads to missing authorization. It is possible to launch the attack remotely. A user with the role learner can use the administrative print function with an active session before and after an exam slot to access the entire exam including solutions in the web application. It is recommended to apply a patch to fix this issue. | ||||
| CVE-2023-33477 | 1 Harmonicinc | 2 Nsg 9000-6g, Nsg 9000-6g Firmware | 2025-01-08 | 6.5 Medium |
| In Harmonic NSG 9000-6G devices, an authenticated remote user can obtain source code by directly requesting a special path. | ||||
| CVE-2023-30863 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-08 | 7.8 High |
| In Connectivity Service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | ||||
| CVE-2022-48448 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-08 | 5.5 Medium |
| In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | ||||
| CVE-2022-48447 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-08 | 5.5 Medium |
| In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | ||||
| CVE-2022-48446 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-08 | 5.5 Medium |
| In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | ||||
| CVE-2022-48392 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-08 | 7.8 High |
| In dialer service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | ||||
| CVE-2022-48391 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-08 | 5.5 Medium |
| In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | ||||
| CVE-2023-33968 | 1 Kanboard | 1 Kanboard | 2025-01-08 | 5.4 Medium |
| Kanboard is open source project management software that focuses on the Kanban methodology. Versions prior to 1.2.30 are subject to a missing access control vulnerability that allows a user with low privileges to create or transfer tasks to any project within the software, even if they have not been invited or the project is personal. The vulnerable features are `Duplicate to project` and `Move to project`, which both utilize the `checkDestinationProjectValues()` function to check his values. This issue has been addressed in version 1.2.30. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2023-33970 | 1 Kanboard | 1 Kanboard | 2025-01-08 | 5.4 Medium |
| Kanboard is open source project management software that focuses on the Kanban methodology. A vulnerability related to a `missing access control` was found, which allows a User with the lowest privileges to leak all the tasks and projects titles within the software, even if they are not invited or it's a personal project. This could also lead to private/critical information being leaked if such information is in the title. This issue has been addressed in version 1.2.30. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2023-30915 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-08 | 5.5 Medium |
| In email service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. | ||||
| CVE-2023-30914 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-08 | 5.5 Medium |
| In email service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. | ||||
| CVE-2023-30866 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-08 | 5.5 Medium |
| In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. | ||||
| CVE-2023-30865 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-08 | 5.5 Medium |
| In dialer service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. | ||||
| CVE-2023-30864 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-08 | 7.8 High |
| In Connectivity Service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | ||||
| CVE-2022-48445 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-07 | 5.9 Medium |
| In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | ||||
| CVE-2022-48444 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-07 | 5.9 Medium |
| In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | ||||
| CVE-2022-48443 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-07 | 5.9 Medium |
| In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | ||||
| CVE-2022-48442 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-07 | 6.2 Medium |
| In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | ||||
| CVE-2022-48441 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-07 | 6.2 Medium |
| In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | ||||