CVE-2023-45110

CVE-2023-45110 concerns Bold Timeline Lite (WordPress plugin) with a Missing Authorization/Broken Access Control vulnerability present up to version

CVE-2023-45271

The CVE-2023-45271 entry concerns the WordPress plugin ProductX – Gutenberg WooCommerce Blocks (

CVE-2023-45104

CVE-2023-45104 describes a Missing Authorization vulnerability in the WPDeveloper BetterLinks plugin, affecting versions

CVE-2023-45101

CVE-2023-45101 affects CusRev Customer Reviews for WooCommerce (WordPress) up to version 5.36.0. The issue is described as Missing Authorization / Broken Access Control, arising from incorrectly configured access control security levels. Connected sources indicate a low-severity impact (CVSS 4.3,...

CVE-2023-45045

CVE-2023-45045 concerns the WP Custom Widget area plugin for WordPress (versions up to and including 1.2.5). The issue is a Missing Authorization (Broken Access Control) vulnerability that arises from incorrectly configured access control security levels, enabling improper access by users with su...

CVE-2023-48775

CVE-2023-48775 affects the WordPress WP Cleanfix plugin, specifically versions through 5.6.2. The root cause is a Missing Authorization / Broken Access Control vulnerability in the plugin’s access checks, enabling exploitation due to incorrectly configured security levels. The CVSSv3.1 base score...

CVE-2024-56590

A use-after-free vulnerability was found in the Linux kernel. The Bluetooth firmware isn't checked if skb contains an ACL header, otherwise the code may attempt to access some uninitialized or invalid memory past the valid skb-data. Mitigation Mitigation for this issue is either not available or...

CVE-2022-48470

CVE-2022-48470 affects Huawei HiLink AI Life; an identity authentication bypass could allow attackers to access restricted functions. This is associated with HWPSIRT-2022-42291. Documents identify the affected product and vulnerability class but do not provide explicit patch versions or detailed ...

CVE-2020-1823

CVE-2020-1823 relates to multiple out-of-bounds (OOB) read vulnerabilities in Huawei devices’ Common Open Policy Service (COPS) protocol implementation. The issue arises from the decoding function processing incoming data packets, potentially enabling disruption of service on affected devices. Th...

CVE-2020-9253

CVE-2020-9253 corresponds to a Huawei stack-overflow vulnerability in certain Huawei smartphones (HWPSIRT-2019-11030). The issue allows an attacker to craft a specific packet to tamper with information and impact availability due to insufficient input verification. Documented impact is availabili...

CVE-2020-9236

Huawei FusionCompute is affected by CVE-2020-9236 (improper interface design). The vulnerability stems from a design flaw in the module interface that can allow attackers to perform malicious operations and compromise the module service. Affected product/version: Huawei FusionCompute, with versio...

CVE-2020-9222

CVE-2020-9222 affects Huawei FusionCompute. The vulnerability is a privilege-escalation issue caused by insufficient verification of specific files during deserialization, enabling local attackers to elevate permissions. Affected product/component: Huawei FusionCompute; root cause: improper deser...

CVE-2020-9211

CVE-2020-9211 refers to an out-of-bounds read/write vulnerability in Huawei smartphones. The issue arises because a module does not sufficiently verify input, enabling denial of service through crafted configuration changes. Affected product: Huawei smartphone software; root cause: inadequate inp...

CVE-2020-9082

CVE-2020-9082 is described across multiple sources as an information-disclosure vulnerability in smartphones caused by a logic-judgment error that, if an attacker gains ADB access, enables operations on the device and access to data from apps protected by Applock. The core impact is information e...

CVE-2020-9081

CVE-2020-9081 affects Huawei smartphones with an improper authorization vulnerability that could allow bypassing app lock when performing a series of operations in a specific mode. The issue is associated with HWPSIRT-2019-12144. Public documents describe the affected product class as Huawei smar...

CVE-2020-9080

CVE-2020-9080 affects Huawei smartphone products. The issue is an improper privilege management vulnerability allowing a local, authenticated attacker to craft specific input to achieve local privilege escalation. CVSSv3.1 base score 7.8 (HIGH) with LOCAL attack vector, LOW attack complexity, LOW...

CVE-2022-21505

CVE-2022-21505: In the Linux kernel IMA, enabling appraisal with ima_appraise=log can bypass lockdown on systems where Secure Boot is disabled or unavailable. IMA blocks ima_appraise=log via boot params when Secure Boot is enabled, but this protection does not cover lockdown used without Secure B...

CVE-2022-21505

In the linux kernel, if IMA appraisal is used with the "imaappraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "imaappraise=log" from the boot param when Secure Boot is enabled, but this does not cover case...

CVE-2022-32203

CVE-2022-32203 describes a command-injection vulnerability in Huawei terminal printer products. The issue allows high-privilege code execution on the printer after exploitation over the network (CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, base 9.8). The root cause is described as insufficient...

CVE-2022-32144

CVE-2022-32144 concerns Huawei’s Huawei CV81-WDM FW with an Insufficient Input Validation vulnerability. The core issue is input validation failing in Huawei products, enabling potential network-based abuse that could cause service abnormality. CNVD/ CNNVD/PTSecurity references identify Huawei CV...