|
2621
|
6.7 |
MEDIUM
Local
|
mediatek
google
|
iot_yocto
android
|
In vpu, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed fo…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2023-32828
|
2024-09-22 01:35 |
2023-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2622
|
6.7 |
MEDIUM
Local
|
google
|
android
|
In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interac…
|
CWE-787
Out-of-bounds Write
|
CVE-2023-32827
|
2024-09-22 01:35 |
2023-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2623
|
6.7 |
MEDIUM
Local
|
google
|
android
|
In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interac…
|
CWE-787
Out-of-bounds Write
|
CVE-2023-32826
|
2024-09-22 01:35 |
2023-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2624
|
9.8 |
CRITICAL
Network
mediatek
|
lr11
lr12a
lr13
nr15
nr16
nr17
|
In CDMA PPP protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privilege needed. User inte…
|
CWE-787
Out-of-bounds Write
|
CVE-2023-20819
|
2024-09-22 01:35 |
2023-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2625
|
7.5 |
HIGH
Network
ibm
|
maximo_application_suite
|
IBM Maximo Application Suite - Manage Component 8.10, 8.11, and 9.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information using man i…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2024-37068
|
2024-09-21 19:15 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2626
|
8.2 |
HIGH
Network
|
ibm
|
security_verify_access_docker
security_verify_access
|
IBM Security Verify Access 10.0.0 through 10.0.8 OIDC Provider could allow a remote authenticated attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit …
|
CWE-601
Open Redirect
|
CVE-2024-35133
|
2024-09-21 19:15 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2627
|
8.1 |
HIGH
Network
|
ibm
|
app_connect_enterprise_certified_container
|
IBM App Connect Enterprise Certified Container 5.0, 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, and 12.1 does not limit calls to unshare in run…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2022-43915
|
2024-09-21 19:15 |
2024-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2628
|
6.5 |
MEDIUM
Network
|
ibm
|
cloud_pak_for_security
qradar_suite
|
IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow a remote attacker to obtain sensitive information when a detailed technical…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2023-47728
|
2024-09-21 19:15 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2629
|
5.5 |
MEDIUM
Local
|
ibm
|
cloud_pak_for_security
qradar_suite
|
IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by a local user. IBM X-F…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-25024
|
2024-09-21 19:15 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2630
|
6.5 |
MEDIUM
Network
|
ibm
|
db2
|
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) federated server 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain non default con…
|
NVD-CWE-noinfo
|
CVE-2024-35136
|
2024-09-21 19:15 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
