Filtered by CWE-755
Filtered by vendor Subscriptions
Total 550 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-23774 1 Motorola 5 Ebts Mbts Base Radio, Ebts Site Controller, Ebts Site Controller Firmware and 2 more 2024-11-21 8.4 High
Motorola EBTS/MBTS Site Controller drops to debug prompt on unhandled exception. The Motorola MBTS Site Controller exposes a debug prompt on the device's serial port in case of an unhandled exception. This allows an attacker with physical access that is able to trigger such an exception to extract secret key material and/or gain arbitrary code execution on the device.
CVE-2023-22292 4 Apple, Google, Intel and 1 more 4 Iphone Os, Android, Unison Software and 1 more 2024-11-21 7.3 High
Uncaught exception for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-21409 1 Axis 1 License Plate Verifier 2024-11-21 8.4 High
Due to insufficient file permissions, unprivileged users could gain access to unencrypted administrator credentials allowing the configuration of the application.
CVE-2023-21408 1 Axis 1 License Plate Verifier 2024-11-21 8.4 High
Due to insufficient file permissions, unprivileged users could gain access to unencrypted user credentials that are used in the integration interface towards 3rd party systems.
CVE-2023-20243 1 Cisco 1 Identity Services Engine 2024-11-21 8.6 High
A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the affected system to stop processing RADIUS packets. This vulnerability is due to improper handling of certain RADIUS accounting requests. An attacker could exploit this vulnerability by sending a crafted authentication request to a network access device (NAD) that uses Cisco ISE for authentication, authorization, and accounting (AAA). This would eventually result in the NAD sending a RADIUS accounting request packet to Cisco ISE. An attacker could also exploit this vulnerability by sending a crafted RADIUS accounting request packet to Cisco ISE directly if the RADIUS shared secret is known. A successful exploit could allow the attacker to cause the RADIUS process to unexpectedly restart, resulting in authentication or authorization timeouts and denying legitimate users access to the network or service. Clients already authenticated to the network would not be affected. Note: To recover the ability to process RADIUS packets, a manual restart of the affected Policy Service Node (PSN) may be required. For more information, see the Details ["#details"] section of this advisory.
CVE-2022-48619 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2024-11-21 5.5 Medium
An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service (panic) because input_set_capability mishandles the situation in which an event code falls outside of a bitmap.
CVE-2022-3175 1 Ikus-soft 1 Rdiffweb 2024-11-21 5.3 Medium
Missing Custom Error Page in GitHub repository ikus060/rdiffweb prior to 2.4.2.
CVE-2022-39872 1 Samsung 1 Sharelive 2024-11-21 5.9 Medium
Improper restriction of broadcasting Intent in ShareLive prior to version 13.2.03.5 leaks MAC address of the connected Bluetooth device.
CVE-2022-36923 1 Zohocorp 7 Manageengine Firewall Analyzer, Manageengine Netflow Analyzer, Manageengine Network Configuration Manager and 4 more 2024-11-21 7.5 High
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated attackers to obtain a user's API key, and then access external APIs.
CVE-2022-36874 1 Samsung 1 Galaxy Watch Plugin 2024-11-21 5.9 Medium
Improper Handling of Insufficient Permissions or Privileges vulnerability in Waterplugin prior to 2.2.11.22040751 allows attacker to access device IMEI and Serial number.
CVE-2022-36287 1 Intel 1 Field Programmable Gate Array Crypto Service Server 2024-11-21 4 Medium
Uncaught exception in the FCS Server software maintained by Intel before version 1.1.79.3 may allow a privileged user to potentially enable denial of service via physical access.
CVE-2022-35295 1 Sap 1 Host Agent 2024-11-21 4.9 Medium
In SAP Host Agent (SAPOSCOL) - version 7.22, an attacker may use files created by saposcol to escalate privileges for themselves.
CVE-2022-34643 1 Riscv 1 Spike Risc-v Isa Simulator 2024-11-21 5.5 Medium
RISCV ISA Sim commit ac466a21df442c59962589ba296c702631e041b5 implements the incorrect exception priotrity when accessing memory.
CVE-2022-34641 2 Boom-core, Openhwgroup 2 Riscvc-boom, Cva6 2024-11-21 5.5 Medium
CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a and RISCV-Boom commit ad64c5419151e5e886daee7084d8399713b46b4b implements the incorrect exception type when a PMP violation occurs during address translation.
CVE-2022-34639 1 Openhwgroup 1 Cva6 2024-11-21 5.5 Medium
CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a treats non-standard fence instructions as illegal which can affect the function of the application.
CVE-2022-34637 1 Openhwgroup 1 Cva6 2024-11-21 5.5 Medium
CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a implements an incorrect exception type when an illegal virtual address is loaded.
CVE-2022-34636 1 Openhwgroup 1 Cva6 2024-11-21 5.5 Medium
CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a and RISCV-Boom commit ad64c5419151e5e886daee7084d8399713b46b4b implements the incorrect exception type when a PMA violation occurs during address translation.
CVE-2022-34634 1 Openhwgroup 1 Cva6 2024-11-21 5.5 Medium
CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a executes crafted or incorrectly formatted det instructions rather create an exception.
CVE-2022-34633 1 Openhwgroup 1 Cva6 2024-11-21 5.5 Medium
CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a executes crafted or incorrectly formatted sfence.vma instructions rather create an exception.
CVE-2022-34368 1 Dell 1 Emc Networker 2024-11-21 6.1 Medium
Dell EMC NetWorker 19.2.1.x 19.3.x, 19.4.x, 19.5.x, 19.6.x and 19.7.0.0 contain an Improper Handling of Insufficient Permissions or Privileges vulnerability. Authenticated non admin user could exploit this vulnerability and gain access to restricted resources.