CVEs Today
Latest Information on Common Vulnerabilities and Exposures (CVEs)
Last updated: May 31, 2023. 01:20:03
click on an item for more info;
| ID | Description | Modified | References |
|---|---|---|---|
| CVE-2023-31475 | An issue was discovered on GL.iNet devices before 3.216. The function guci2_get() found in libglutil.so has a buffer overflow when an item is requested from a UCI context, and the value is pasted into a char pointer to a buffer without checking the size of the buffer. | May 11, 2023. 13:36:00 | [github.com][www.gl-inet.com] |
| CVE-2023-31445 | Cassia Access controller before 2.1.1.2203171453, was discovered to have a unprivileged -information disclosure vulnerability that allows read-only users have the ability to enumerate all other users and discover e-mail addresses, phone numbers, and privileges of all other users. | May 11, 2023. 13:36:00 | [github.com][www.cassianetworks.com] |
| CVE-2023-0857 | Unintentional change of settings during initial registration of system administrators which uses control protocols. The affected Office / Small Office Multifunction Printers and Laser Printers(*) may allow an attacker on the network segment to trigger unauthorized access to the product. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. | May 11, 2023. 13:36:00 | [canon.jp][psirt.canon] |
| CVE-2023-0858 | Improper Authentication of RemoteUI of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger unauthorized access to the product. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. | May 11, 2023. 13:36:00 | [canon.jp][psirt.canon] |
| CVE-2023-0859 | Arbitrary Files can be installed in the Setting Data Import function of Office / Small Office Multifunction Printers and Laser Printers(*). *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. | May 11, 2023. 13:36:00 | [canon.jp][psirt.canon] |
| CVE-2023-23536 | The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges | May 11, 2023. 06:56:00 | [support.apple.com][support.apple.com] |
| CVE-2023-23537 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, watchOS 9.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to read sensitive location information | May 11, 2023. 06:56:00 | [support.apple.com][support.apple.com] |
| CVE-2023-23523 | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup | May 11, 2023. 06:55:00 | [support.apple.com][support.apple.com] |
| CVE-2023-23527 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, watchOS 9.4, tvOS 16.4, iOS 16.4 and iPadOS 16.4. A user may gain access to protected parts of the file system | May 11, 2023. 06:55:00 | [support.apple.com][support.apple.com] |
| CVE-2023-23525 | This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. An app may be able to gain root privileges | May 11, 2023. 06:54:00 | [support.apple.com][support.apple.com] |
| CVE-2023-23526 | This was addressed with additional checks by Gatekeeper on files downloaded from an iCloud shared-by-me folder. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. A file from an iCloud shared-by-me folder may be able to bypass Gatekeeper | May 11, 2023. 06:54:00 | [support.apple.com][support.apple.com] |
| CVE-2023-23534 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5. Processing a maliciously crafted image may result in disclosure of process memory | May 11, 2023. 06:54:00 | [support.apple.com][support.apple.com] |
| CVE-2022-48248 | In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | May 11, 2023. 06:54:00 | [www.unisoc.com] |
| CVE-2022-48369 | In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | May 11, 2023. 06:53:00 | [www.unisoc.com] |
| CVE-2022-48231 | In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | May 11, 2023. 06:53:00 | [www.unisoc.com] |
| CVE-2022-48232 | In FM service , there is a possible missing params check. This could lead to local denial of service in FM service . | May 11, 2023. 06:53:00 | [www.unisoc.com] |
| CVE-2022-48242 | In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges. | May 11, 2023. 06:53:00 | [www.unisoc.com] |
| CVE-2022-48243 | In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | May 11, 2023. 06:53:00 | [www.unisoc.com] |
| CVE-2022-48245 | In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | May 11, 2023. 06:53:00 | [www.unisoc.com] |
| CVE-2022-48249 | In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | May 11, 2023. 06:53:00 | [www.unisoc.com] |
Page 114 of 129
