CVEs Today
Latest Information on Common Vulnerabilities and Exposures (CVEs)
Last updated: September 16, 2025. 01:21:16
click on an item for more info;
| ID | Description | Modified | References |
|---|---|---|---|
| CVE-2022-44420 | In modem, there is a possible missing verification of HashMME value in Security Mode Command. This could local denial of service with no additional execution privileges. | May 12, 2023. 15:25:00 | [www.unisoc.com] |
| CVE-2023-1383 | An Improper Enforcement of Behavioral Workflow vulnerability in the exchangeDeviceServices function on the amzn.dmgr service allowed an attacker to register services that are only locally accessible. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS versions prior to 7.6.3.3. | May 12, 2023. 15:23:00 | [www.bitdefender.com] |
| CVE-2023-23867 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Gautam Thapar Button Builder – Buttons X plugin <= 0.8.6 versions. | May 12, 2023. 15:15:00 | [patchstack.com] |
| CVE-2023-29242 | Improper access control for Intel(R) oneAPI Toolkits before version 2021.1 Beta 10 may allow an authenticated user to potentially enable escalation of privilege via local access. | May 12, 2023. 15:15:00 | [www.intel.com] |
| CVE-2023-30763 | Heap-based overflow in Intel(R) SoC Watch based software before version 2021.1 may allow a privileged user to potentially enable escalation of privilege via local access. | May 12, 2023. 15:15:00 | [www.intel.com] |
| CVE-2023-30768 | Improper access control in the Intel(R) Server Board S2600WTT belonging to the Intel(R) Server Board S2600WT Family with the BIOS version 0016 may allow a privileged user to potentially enable escalation of privilege via local access. | May 12, 2023. 15:15:00 | [www.intel.com] |
| CVE-2023-31197 | Uncontrolled search path in the Intel(R) Trace Analyzer and Collector before version 2020 update 3 may allow an authenticated user to potentially enable escalation of privilege via local access. | May 12, 2023. 15:15:00 | [www.intel.com] |
| CVE-2023-31199 | Improper access control in the Intel(R) Solid State Drive Toolbox(TM) before version 3.4.5 may allow a privileged user to potentially enable escalation of privilege via local access. | May 12, 2023. 15:15:00 | [www.intel.com] |
| CVE-2023-2575 | Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stack-based Buffer Overflow vulnerability, which can be triggered by authenticated users via a crafted POST request. | May 12, 2023. 14:59:00 | [www.advantech.com][www.advantech.com] |
| CVE-2023-2573 | Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by an command injection vulnerability in the NTP server input field, which can be triggered by authenticated users via a crafted POST request. | May 12, 2023. 14:58:00 | [www.advantech.com][www.advantech.com] |
| CVE-2023-2574 | Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by an command injection vulnerability in the device name input field, which can be triggered by authenticated users via a crafted POST request. | May 12, 2023. 14:58:00 | [www.advantech.com][www.advantech.com] |
| CVE-2022-48375 | In contacts service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | May 12, 2023. 14:55:00 | [www.unisoc.com] |
| CVE-2022-48377 | In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | May 12, 2023. 14:51:00 | [www.unisoc.com] |
| CVE-2023-21665 | Memory corruption in Graphics while importing a file. | May 12, 2023. 14:50:00 | [www.qualcomm.com] |
| CVE-2022-48376 | In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | May 12, 2023. 14:50:00 | [www.unisoc.com] |
| CVE-2022-48380 | In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | May 12, 2023. 14:49:00 | [www.unisoc.com] |
| CVE-2023-2564 | OS Command Injection in GitHub repository sbs20/scanservjs prior to v2.27.0. | May 12, 2023. 14:43:00 | [github.com][huntr.dev] |
| CVE-2023-32290 | The myMail app through 14.30 for iOS sends cleartext credentials in a situation where STARTTLS is expected by a server. | May 12, 2023. 14:35:00 | [mailbox.org][news.ycombinator.com] |
| CVE-2022-48379 | In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | May 12, 2023. 14:33:00 | [www.unisoc.com] |
| CVE-2023-31806 | Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via a crafted payload to the My Progress function. | May 12, 2023. 14:31:00 | [chamilo.com][support.chamilo.org] |
Page 3 of 41