CVE-2023-46765

Vulnerability of uncaught exceptions in the NFC module. Successful exploitation of this vulnerability can affect NFC availability...

CVE-2023-46765

Vulnerability of uncaught exceptions in the NFC module. Successful exploitation of this vulnerability can affect NFC availability...

Lenovo Desktops Security Breach

Lenovo Desktops are desktop computers from the Chinese company Lenovo. A security vulnerability exists in Lenovo Desktop that originates from a buffer overflow in the SmuV11DxeVMR module...

IDAttend IDWeb SQL Injection Vulnerability

IDAttend IDWeb is a web-based module from IDAttend, Inc. A security vulnerability exists in IDAttend IDWeb version 3.1.052 and prior versions that stems from an unauthenticated SQL injection in the GetExcursionList method...

IDAttend IDWeb Access Control Error Vulnerability

IDAttend IDWeb is a web-based module from IDAttend, Inc. A security vulnerability exists in IDAttend IDWeb version 3.1.052 and prior versions, which stems from a lack of authentication in the DeleteAssignments method...

CVE-2023-46347

In the module "Step by Step products Pack" ndksteppingpack version 1.5.6 and before from NDK Design for PrestaShop, a guest can perform SQL injection. The method NdkSpack::getPacks has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection...

Privilege escalation

Vulnerability of mutual exclusion management in the kernel module.Successful exploitation of this vulnerability will affect availability...

CVE-2023-44106

API permission management vulnerability in the Fwk-Display module.Successful exploitation of this vulnerability may cause features to perform abnormally...

Huawei HarmonyOS Security Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a broadcast privilege control type vulnerability in the Bluetooth module. Successful...

CVE-2023-43663

PrestaShop is an Open Source e-commerce web application. In affected versions any module can be disabled or uninstalled from back office, even with low user right. This allows low privileged users to disable portions of a shops functionality. Commit ce1f6708 addresses this issue and is included i...

Oracle Linux 8 : python27:2.7 (ELSA-2020-1605)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1605 advisory. - The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect...

Huawei HarmonyOS Security Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a parameter checking laxity vulnerability in the module. Successful exploitation of thi...

Huawei HarmonyOS Security Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a service hijacking vulnerability in the module. Successful exploitation of this...

CVE-2023-39908

The PKCS11 module of the YubiHSM 2 SDK through 2023.01 does not properly validate the length of specific read operations on object metadata. This may lead to disclosure of uninitialized and previously used memory...

Google Wear OS Security Vulnerability

Google Wear OS is a Google-developed operating system from Google, Inc. that is specifically designed for use in smartwatches, smart bands, and other wearable devices. Google Wear OS suffers from a security vulnerability that stems from the presence of uninitialized data in multiple locations of...

Linux kernel resource management error vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a post-release reuse issue found in the siano smsusb module.The error occurs during device initialization wh...

Amazon Linux 2023 : python3.11, python3.11-devel, python3.11-idle (ALAS2023-2023-252)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-252 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks ...

Oracle Fusion Middleware 安全漏洞

Oracle Fusion Middleware Oracle Fusion Middleware and Oracle WebLogic Server are both products of Oracle Corporation.Oracle Fusion Middleware is a business innovation platform for enterprise and cloud environments. The platform provides middleware, software collections, and more.Oracle WebLogic...

Oracle Virtualization 安全漏洞

Oracle Virtualization is a set of virtualization solutions from Oracle Corporation. The product is used to unify the management of the entire hardware and software architecture from applications to disk, enabling virtualization from the desktop to the data center.VM VirtualBox is one of the virtu...

CVE-2023-37136

A stored cross-site scripting XSS vulnerability in the Basic Website Information module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...