PT-2023-28534 · Unisoc (Shanghai) Technologies Co. +1 · Sc7731E/Sc9832E/Sc9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 +1
Name of the Vulnerable Software and Affected Versions: Firewall service affected versions not specified Description: The issue concerns a missing permission check in the firewall service, allowing potential local information disclosure without requiring additional execution privileges. This could...
PT-2023-15803 · Wifi · Wifi
Name of the Vulnerable Software and Affected Versions: Wifi service affected versions not specified Description: The issue is related to a possible out of bounds write in the wifi service due to a missing bounds check. This could lead to a local denial of service, and no additional execution...
PT-2023-28566 · Sysui · Sysui
Name of the Vulnerable Software and Affected Versions: sysui affected versions not specified Description: The issue is related to a possible missing permission check in sysui. This could lead to local denial of service with no additional execution privileges needed. Recommendations: At the moment...
PT-2023-28529 · Unisoc (Shanghai) Technologies Co. +1 · Sc7731E/Sc9832E/Sc9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 +1
Name of the Vulnerable Software and Affected Versions: Firewall service affected versions not specified Description: The issue is related to a missing permission check in the firewall service, which could allow writing permission usage records of an app. This may lead to local information...
CVE-2023-49673
A cross-site request forgery (CSRF) vulnerability in Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier allows attackers to connect to an attacker-specified hostname and port using attacker-specified username and password...
PT-2023-35618 · Git +1 · Libxaac
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Global-buffer-overflow READ 4. The crash state involves several functions, including iaace estimate sc...
PT-2023-35615 · Hdf5 · Hdf5
Name of the Vulnerable Software and Affected Versions: HDF5 affected versions not specified Description: The issue is related to a heap buffer overflow read. Technical details about the crash include the H5O shared decode and H5O dtype shared decode functions, as well as the H5O msg read oh...
PT-2023-27821 · Autodesk · Autodesk
Name of the Vulnerable Software and Affected Versions: Autodesk affected versions not specified Description: The issue allows Autodesk users who no longer have an active license for an account to still access cases for that account. Recommendations: At the moment, there is no information about a...
PT-2023-7107 · Ashlar Vellum · Ashlar-Vellum Cobalt
Name of the Vulnerable Software and Affected Versions: Ashlar-Vellum Cobalt affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this issue, where the...
PT-2023-7085 · Ashlar Vellum · Ashlar-Vellum Argon
Name of the Vulnerable Software and Affected Versions: Ashlar-Vellum Argon affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Argon. User interaction is required, as the target must visit a malicious...
PT-2023-7189 · Microsoft · Sapi +1
Name of the Vulnerable Software and Affected Versions: Microsoft Speech Application Programming Interface (SAPI) affected versions not specified Description: The issue is related to insufficient access restrictions in the Speech API (SAPI) of Windows operating systems. It allows an attacker to elevat...
PT-2023-31538 · Camera · Camera
Name of the Vulnerable Software and Affected Versions: Camera affected versions not specified Description: A flaw has been discovered that allows for authenticated command injection on the camera. An attacker could inject malicious data into request packets to execute commands. Recommendations: A...
libtiff: tiffcrop: null pointer dereference in TIFFClose()
A flaw was found in LibTiff. A NULL pointer dereference in TIFFClose is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones...
PT-2023-19827 · Core · Core
Name of the Vulnerable Software and Affected Versions: Core affected versions not specified Description: The issue is related to memory corruption in Core due to secure memory access by a user while loading a modem image. Recommendations: At the moment, there is no information about a newer versi...
PT-2023-27332 · Unknown · Demon Image Annotation
Name of the Vulnerable Software and Affected Versions: demon image annotation versions n/a through 5.1 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...
PT-2023-29690 · Unknown · Print Service
Name of the Vulnerable Software and Affected Versions: Print Service affected versions not specified Description: The issue is caused by a logic error in the code of Print Service, allowing for a possible background activity launch. This could lead to local escalation of privilege with no...
PT-2023-25882 · Ping Identity · Pingfederate Identifier First Adapter
Name of the Vulnerable Software and Affected Versions: PingFederate Identifier First Adapter affected versions not specified Description: The issue allows for authentication bypass under a very specific and highly unrecommended configuration in the PingFederate Identifier First Adapter...
Ubuntu 16.04 ESM : Puppet vulnerabilities (USN-4804-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4804-1 advisory. It was discovered that Puppet installed modules with world writable permissions. An attacker could use this vulnerability to execute arbitrary code or...
CVE-2023-5552
A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to “Specified by sender”...
PT-2023-28978 · Eaton · Eaton Easysoft
Name of the Vulnerable Software and Affected Versions: Eaton easySoft affected versions not specified Description: The Eaton easySoft software has a password protection functionality to secure project files from unauthorized access. However, the password was being stored insecurely, allowing...