ReportizFlow
Filtered by vendor
Subscriptions
Total
4649 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-30969 | 1 Palantir | 1 Tiles | 2024-11-21 | 8.2 High |
| The Palantir Tiles1 service was found to be vulnerable to an API wide issue where the service was not performing authentication/authorization on all the endpoints. | ||||
| CVE-2023-2979 | 1 Abstrium | 1 Pydio Cells | 2024-11-21 | 4.7 Medium |
| A vulnerability classified as critical has been found in Abstrium Pydio Cells 4.2.0. This affects an unknown part of the component User Creation Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.2.1 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-230211. | ||||
| CVE-2023-2903 | 1 Nfine | 1 Nfine Rapid Development Platform | 2024-11-21 | 4.3 Medium |
| A vulnerability classified as problematic has been found in NFine Rapid Development Platform 20230511. This affects an unknown part of the file /SystemManage/Role/GetGridJson?keyword=&page=1&rows=20. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-229977 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-2902 | 1 Nfine Rapid Development Platform Project | 1 Nfine Rapid Development Platform | 2024-11-21 | 4.3 Medium |
| A vulnerability was found in NFine Rapid Development Platform 20230511. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /SystemManage/Organize/GetTreeGridJson?_search=false&nd=1681813520783&rows=10000&page=1&sidx=&sord=asc. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229976. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-2861 | 1 Qemu | 1 Qemu | 2024-11-21 | 6 Medium |
| A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder. | ||||
| CVE-2023-2670 | 1 Oretnom23 | 1 Lost And Found Information System | 2024-11-21 | 6.3 Medium |
| A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file admin/?page=user/manage_user. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-228886 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-29157 | 1 Intel | 1 One Boot Flash Update | 2024-11-21 | 8.4 High |
| Improper access control in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-28715 | 1 Intel | 1 Oneapi | 2024-11-21 | 5 Medium |
| Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.2 may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2023-28714 | 3 Intel, Intel Proset Wireless Wifi Software For Windows, Microsoft | 3 Proset\/wireless Wifi, Intel Proset Wireless Wifi Software For Windows, Windows | 2024-11-21 | 8.2 High |
| Improper access control in firmware for some Intel(R) PROSet/Wireless WiFi software for Windows before version 22.220 HF (Hot Fix) may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-28397 | 3 Intel, Linux, Microsoft | 3 Aptio V Uefi Firmware Integrator Tools, Linux Kernel, Windows | 2024-11-21 | 7.8 High |
| Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated to potentially enable escalation of privileges via local access. | ||||
| CVE-2023-28372 | 1 Purestorage | 1 Purity | 2024-11-21 | 6.5 Medium |
| A flaw exists in FlashBlade Purity (OE) Version 4.1.0 whereby a user with privileges to extend an object’s retention period can affect the availability of the object lock. | ||||
| CVE-2023-27879 | 1 Intel | 8 Optane Memory H20 With Solid State Storage, Optane Memory H20 With Solid State Storage Firmware, Optane Ssd 905p and 5 more | 2024-11-21 | 6.8 Medium |
| Improper access control in firmware for some Intel(R) Optane(TM) SSD products may allow an unauthenticated user to potentially enable information disclosure via physical access. | ||||
| CVE-2023-27509 | 1 Intel | 1 Ispc Software Installer | 2024-11-21 | 6.6 Medium |
| Improper access control in some Intel(R) ISPC software installers before version 1.19.0 may allow an authenticated user to potentially enable escalation of privileges via local access. | ||||
| CVE-2023-27391 | 1 Intel | 29 Advisor For Oneapi, Cpu Runtime For Opencl Applications, Distribution For Python Programming Language and 26 more | 2024-11-21 | 6.7 Medium |
| Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-27303 | 1 Intel | 1 Thunderbolt Dch Driver | 2024-11-21 | 3.8 Low |
| Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2023-27301 | 1 Intel | 1 Thunderbolt Dch Driver | 2024-11-21 | 4.2 Medium |
| Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-26596 | 1 Intel | 1 Thunderbolt Dch Driver | 2024-11-21 | 2.5 Low |
| Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2023-26585 | 1 Intel | 1 Thunderbolt Dch Driver | 2024-11-21 | 5 Medium |
| Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2023-26347 | 1 Adobe | 1 Coldfusion | 2024-11-21 | 7.5 High |
| Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An unauthenticated attacker could leverage this vulnerability to access the administration CFM and CFC endpoints. Exploitation of this issue does not require user interaction. | ||||
| CVE-2023-25777 | 1 Intel | 1 Thunderbolt Dch Driver | 2024-11-21 | 7.9 High |
| Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||