12 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-23963
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over...
CVE-2025-23963
Missing Authorization vulnerability in flymke Mark Posts mark-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mark Posts: from n/a through = 2.2.4...
CVE-2024-23963
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists...
CVE-2024-23963
creationtimestamp| type| source ---|---|--- 2025-01-31 00:12:56+00:00| seen| https://infosec.exchange/users/cve/statuses/113920073765596202 2025-01-31 00:17:07+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgypvcfiax2f 2025-01-31 00:17:46+00:00| seen|...
CVE-2024-23963 Alpine Halo9 Stack-based Buffer Overflow
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists...
CVE-2024-23963 Alpine Halo9 Stack-based Buffer Overflow
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists...
CVE-2024-23963
CVE-2024-23963 concerns Alpine Halo9 devices. The flaw is in the PBAP_DecodeVCARD function where insufficient validation of user-supplied data length before copying to a stack-based buffer allows a network-adjacent attacker who can pair a malicious Bluetooth device to execute code with root privi...
CVE-2025-23963
CVE-2025-23963 is a Missing Authorization vulnerability affecting Mark Posts (WordPress plugin) versions up to 2.2.3. The initial description notes exploitation of incorrectly configured access control security levels. CVSSv3.1 base score is 5.4 (Medium). Public details in connected Red Hat entry...
CVE-2021-23963
creationtimestamp| type| source ---|---|--- 2021-02-26 07:38:45+00:00| seen| https://t.me/cibsecurity/24210...
CVE-2021-23963
When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This vulnerability affects Firefox 85...
CVE-2021-23963
CVE-2021-23963 affects Mozilla Firefox and relates to the WebRTC geolocation sharing flow. The issue occurs when sharing geolocation during an active WebRTC share, where the UI could reset the WebRTC sharing state, causing loss of control over the currently granted permission. Affected products/v...
[ASA-202102-1] firefox: multiple issues
Arch Linux Security Advisory ASA-202102-1 ========================================= Severity: High Date : 2021-02-01 CVE-ID : CVE-2021-23953 CVE-2021-23954 CVE-2021-23955 CVE-2021-23956 CVE-2021-23958 CVE-2021-23960 CVE-2021-23961 CVE-2021-23962 CVE-2021-23963 CVE-2021-23964 CVE-2021-23965 Packag...