CVE-2023-21230

In onAccessPointChanged of AccessPointPreference.java, there is a possible way for unprivileged apps to receive a broadcast about WiFi access point change and its BSSID or SSID due to a precondition c ...

CVE-2023-21231

In getIntentForButton of ButtonManager.java, there is a possible way for an unprivileged application to start a non-exported or permission-protected activity due to a missing permission check. This co ...

CVE-2023-4155

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...

CVE-2023-35689

In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access adb before SUW completion due to an insecure default value. This could lead to local escalation of privileg ...

CVE-2023-40518

LiteSpeed OpenLiteSpeed before 1.7.18 does not strictly validate HTTP request headers.

CVE-2023-40024

ScanCode.io is a server to script and automate software composition analysis pipelines. In the `/license/` endpoint, the detailed view key is not properly validated and sanitized, which can result in ...

CVE-2023-3328

The Custom Field For WP Job Manager WordPress plugin before 1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scr ...

CVE-2023-2606

The WP Brutal AI WordPress plugin before 2.06 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks eve ...
