Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-32268 |
Exposure of Proxy Administrator Credentials An authenticated administrator equivalent Filr user can access the credentials of proxy administrators. Published: December 06, 2023; 9:15:07 AM -0500 |
V4.0:(not available) V3.1: 7.2 HIGH V2.0:(not available) |
CVE-2023-6514 |
The Bluetooth module of some Huawei Smart Screen products has an identity authentication bypass vulnerability. Successful exploitation of this vulnerability may allow attackers to access restricted functions. Successful exploitation of this vulnerability may allow attackers to access restricted functions. Published: December 06, 2023; 4:15:09 AM -0500 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2023-6459 |
Mattermost is grouping calls in the /metrics endpoint by id and reports that id in the response. Since this id is the channelID, the public /metrics endpoint is revealing channelIDs. Published: December 06, 2023; 4:15:09 AM -0500 |
V4.0:(not available) V3.1: 5.3 MEDIUM V2.0:(not available) |
CVE-2023-6458 |
Mattermost webapp fails to validate route parameters in/<TEAM_NAME>/channels/<CHANNEL_NAME> allowing an attacker to perform a client-side path traversal. Published: December 06, 2023; 4:15:08 AM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-6273 |
Permission management vulnerability in the module for disabling Sound Booster. Successful exploitation of this vulnerability may cause features to perform abnormally. Published: December 06, 2023; 4:15:08 AM -0500 |
V4.0:(not available) V3.1: 5.3 MEDIUM V2.0:(not available) |
CVE-2023-49248 |
Vulnerability of unauthorized file access in the Settings app. Successful exploitation of this vulnerability may cause unauthorized file access. Published: December 06, 2023; 4:15:08 AM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-49247 |
Permission verification vulnerability in distributed scenarios. Successful exploitation of this vulnerability may affect service confidentiality. Published: December 06, 2023; 4:15:08 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-49246 |
Unauthorized access vulnerability in the card management module. Successful exploitation of this vulnerability may affect service confidentiality. Published: December 06, 2023; 4:15:08 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-49245 |
Unauthorized access vulnerability in the Huawei Share module. Successful exploitation of this vulnerability may affect service confidentiality. Published: December 06, 2023; 4:15:08 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-49244 |
Permission management vulnerability in the multi-user module. Successful exploitation of this vulnerability may affect service confidentiality. Published: December 06, 2023; 4:15:08 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-49243 |
Vulnerability of unauthorized access to email attachments in the email module. Successful exploitation of this vulnerability may affect service confidentiality. Published: December 06, 2023; 4:15:08 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-49242 |
Free broadcast vulnerability in the running management module. Successful exploitation of this vulnerability may affect service confidentiality. Published: December 06, 2023; 4:15:08 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-49241 |
API permission control vulnerability in the network management module. Successful exploitation of this vulnerability may affect service confidentiality. Published: December 06, 2023; 4:15:08 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-49240 |
Unauthorized access vulnerability in the launcher module. Successful exploitation of this vulnerability may affect service confidentiality. Published: December 06, 2023; 4:15:08 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-49239 |
Unauthorized access vulnerability in the card management module. Successful exploitation of this vulnerability may affect service confidentiality. Published: December 06, 2023; 4:15:08 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-46773 |
Permission management vulnerability in the PMS module. Successful exploitation of this vulnerability may cause privilege escalation. Published: December 06, 2023; 4:15:08 AM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-46688 |
Open redirect vulnerability in Pleasanter 1.3.47.0 and earlier allows a remote unauthenticated attacker to redirect users to arbitrary web sites via a specially crafted URL. Published: December 06, 2023; 4:15:08 AM -0500 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-45210 |
Pleasanter 1.3.47.0 and earlier contains an improper access control vulnerability, which may allow a remote authenticated attacker to view the temporary files uploaded by other users who are not permitted to access. Published: December 06, 2023; 4:15:08 AM -0500 |
V4.0:(not available) V3.1: 4.3 MEDIUM V2.0:(not available) |
CVE-2023-44113 |
Vulnerability of missing permission verification for APIs in the Designed for Reliability (DFR) module. Successful exploitation of this vulnerability may affect service confidentiality. Published: December 06, 2023; 4:15:08 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-44099 |
Vulnerability of data verification errors in the kernel module. Successful exploitation of this vulnerability may cause WLAN interruption. Published: December 06, 2023; 4:15:08 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |