Total
34393 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-39400 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 9.1 Critical |
| Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. | ||||
| CVE-2023-39399 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 9.1 Critical |
| Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. | ||||
| CVE-2023-39398 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 9.1 Critical |
| Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. | ||||
| CVE-2023-39395 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Mismatch vulnerability in the serialization process in the communication system. Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2023-39394 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Vulnerability of API privilege escalation in the wifienhance module. Successful exploitation of this vulnerability may cause the arp list to be modified. | ||||
| CVE-2023-39391 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Vulnerability of system file information leakage in the USB Service module. Successful exploitation of this vulnerability may affect confidentiality. | ||||
| CVE-2023-39387 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 5.3 Medium |
| Vulnerability of permission control in the window management module. Successful exploitation of this vulnerability may cause malicious pop-up windows. | ||||
| CVE-2023-39385 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 9.1 Critical |
| Vulnerability of configuration defects in the media module of certain products.. Successful exploitation of this vulnerability may cause unauthorized access. | ||||
| CVE-2023-39337 | 1 Ivanti | 1 Endpoint Manager Mobile | 2024-11-21 | 9.1 Critical |
| A security vulnerability in EPMM Versions 11.10, 11.9 and 11.8 older allows a threat actor with knowledge of an enrolled device identifier to access and extract sensitive information, including device and environment configuration details, as well as secrets. This vulnerability poses a serious security risk, potentially exposing confidential data and system integrity. | ||||
| CVE-2023-39335 | 1 Ivanti | 1 Endpoint Manager Mobile | 2024-11-21 | 9.8 Critical |
| A security vulnerability has been identified in EPMM Versions 11.10, 11.9 and 11.8 and older allowing an unauthenticated threat actor to impersonate any existing user during the device enrollment process. This issue poses a significant security risk, as it enables unauthorized access and potential misuse of user accounts and resources. | ||||
| CVE-2023-39291 | 1 Mitel | 1 Mivoice Connect | 2024-11-21 | 4.9 Medium |
| A vulnerability in the Connect Mobility Router component of MiVoice Connect through 9.6.2304.102 could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to view system information. | ||||
| CVE-2023-39290 | 1 Mitel | 1 Mivoice Connect | 2024-11-21 | 4.9 Medium |
| A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through R19.3 SP3 (22.24.5800.0) could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to view system information. | ||||
| CVE-2023-39289 | 1 Mitel | 1 Mivoice Connect | 2024-11-21 | 7.5 High |
| A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2208.101 could allow an unauthenticated attacker to conduct an account enumeration attack due to improper configuration. A successful exploit could allow an attacker to access system information. | ||||
| CVE-2023-39284 | 1 Insyde | 1 Insydeh2o | 2024-11-21 | 5.5 Medium |
| An issue was discovered in IhisiServicesSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There are arbitrary calls to SetVariable with unsanitized arguments in the SMI handler. | ||||
| CVE-2023-39267 | 2 Arubanetworks, Hpe | 11 Aruba 2530, Aruba 2530ya, Aruba 2530yb and 8 more | 2024-11-21 | 6.6 Medium |
| An authenticated remote code execution vulnerability exists in the command line interface in ArubaOS-Switch. Successful exploitation results in a Denial-of-Service (DoS) condition in the switch. | ||||
| CVE-2023-39251 | 1 Dell | 26 Inspiron 7510, Inspiron 7510 Firmware, Inspiron 7610 and 23 more | 2024-11-21 | 6.7 Medium |
| Dell BIOS contains an Improper Input Validation vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability in order to corrupt memory on the system. | ||||
| CVE-2023-39228 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2024-11-21 | 5.3 Medium |
| Improper access control for some Intel Unison software may allow an unauthenticated user to potentially enable denial of service via network access. | ||||
| CVE-2023-39221 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2024-11-21 | 5.4 Medium |
| Improper access control for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via network access. | ||||
| CVE-2023-39217 | 1 Zoom | 2 Meeting Software Development Kit, Video Software Development Kit | 2024-11-21 | 5.3 Medium |
| Improper input validation in Zoom SDK’s before 5.14.10 may allow an unauthenticated user to enable a denial of service via network access. | ||||
| CVE-2023-39216 | 1 Zoom | 1 Zoom | 2024-11-21 | 9.6 Critical |
| Improper input validation in Zoom Desktop Client for Windows before 5.14.7 may allow an unauthenticated user to enable an escalation of privilege via network access. | ||||