Vulnerabilities (CVE)

Filtered by CWE-610
Total 158 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-40139 1 Google 1 Android 2024-02-28 N/A 5.5 MEDIUM
In FillUi of FillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2022-46868 2 Acronis, Microsoft 2 Cyber Protect Home Office, Windows 2024-02-28 N/A 7.8 HIGH
Local privilege escalation during recovery due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40173.
CVE-2023-4704 1 Instantcms 1 Instantcms 2024-02-28 N/A 4.9 MEDIUM
External Control of System or Configuration Setting in GitHub repository instantsoft/icms2 prior to 2.16.1-git.
CVE-2023-35838 2 Microsoft, Wireguard 2 Windows, Wireguard 2024-02-28 N/A 5.7 MEDIUM
The WireGuard client 0.5.3 on Windows insecurely configures the operating system and firewall such that traffic to a local network that uses non-RFC1918 IP addresses is blocked. This allows an adversary to trick the victim into blocking IP traffic to selected IP addresses and services even while the VPN is enabled. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to "LocalNet attack resulting in the blocking of traffic" rather than to only WireGuard.
CVE-2023-37856 1 Phoenixcontact 12 Wp 6070-wvps, Wp 6070-wvps Firmware, Wp 6101-wxps and 9 more 2024-02-28 N/A 4.3 MEDIUM
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem through a configuration dialog within the embedded Qt browser .
CVE-2023-4089 1 Wago 14 Compact Controller 100, Compact Controller 100 Firmware, Edge Controller and 11 more 2024-02-28 N/A 2.7 LOW
On affected Wago products an remote attacker with administrative privileges can access files to which he has already access to through an undocumented local file inclusion. This access is logged in a different log file than expected.
CVE-2023-22616 1 Insyde 1 Insydeh2o 2024-02-28 N/A 7.8 HIGH
An issue was discovered in Insyde InsydeH2O with kernel 5.2 through 5.5. The Save State register is not checked before use. The IhisiSmm driver does not check the value of a save state register before use. Due to insufficient input validation, an attacker can corrupt SMRAM.
CVE-2023-32076 1 In-toto Project 1 In-toto 2024-02-28 N/A 5.5 MEDIUM
in-toto is a framework to protect supply chain integrity. The in-toto configuration is read from various directories and allows users to configure the behavior of the framework. The files are from directories following the XDG base directory specification. In versions 1.4.0 and prior, among the files read is `.in_totorc` which is a hidden file in the directory in which in-toto is run. If an attacker controls the inputs to a supply chain step, they can mask their activities by also passing in an `.in_totorc` file that includes the necessary exclude patterns and settings. RC files are widely used in other systems and security issues have been discovered in their implementations as well. Maintainers found in their conversations with in-toto adopters that `in_totorc` is not their preferred way to configure in-toto. As none of the options supported in `in_totorc` is unique, and can be set elsewhere using API parameters or CLI arguments, the maintainers decided to drop support for `in_totorc`. in-toto's `user_settings` module has been dropped altogether in commit 3a21d84f40811b7d191fa7bd17265c1f99599afd. Users may also sandbox functionary code as a security measure.
CVE-2023-3256 1 Advantech 1 R-seenet 2024-02-28 N/A 8.1 HIGH
Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of local files.
CVE-2023-21097 1 Google 1 Android 2024-02-28 N/A 7.8 HIGH
In toUriInner of Intent.java, there is a possible way to launch an arbitrary activity due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-261858325
CVE-2023-0008 1 Paloaltonetworks 1 Pan-os 2024-02-28 N/A 4.4 MEDIUM
A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall through a race condition.
CVE-2023-33188 1 Omninotes 1 Omni Notes 2024-02-28 N/A 5.5 MEDIUM
Omni-notes is an open source note-taking application for Android. The Omni-notes Android app had an insufficient path validation vulnerability when displaying the details of a note received through an externally-provided intent. The paths of the note's attachments were not properly validated, allowing malicious or compromised applications in the same device to force Omni-notes to copy files from its internal storage to its external storage directory, where they would have become accessible to any component with permission to read the external storage. Updating to the newest version (6.2.7) of Omni-notes Android fixes this vulnerability.
CVE-2023-0045 3 Debian, Linux, Netapp 13 Debian Linux, Linux Kernel, Active Iq Unified Manager and 10 more 2024-02-28 N/A 7.5 HIGH
The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set  function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to the prctl syscall.  The patch that added the support for the conditional mitigation via prctl (ib_prctl_set) dates back to the kernel 4.9.176. We recommend upgrading past commit a664ec9158eeddd75121d39c9a0758016097fa96
CVE-2022-42733 1 Siemens 1 Syngo Dynamics Cardiovascular Imaging And Information System 2024-02-28 N/A 7.5 HIGH
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics application server hosts a web service using an operation with improper read access control that could allow files to be retrieved from any folder accessible to the account assigned to the website’s application pool.
CVE-2022-42732 1 Siemens 1 Syngo Dynamics Cardiovascular Imaging And Information System 2024-02-28 N/A 7.5 HIGH
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics application server hosts a web service using an operation with improper read access control that could allow files to be retrieved from any folder accessible to the account assigned to the website’s application pool.
CVE-2022-42893 1 Siemens 1 Syngo Dynamics Cardiovascular Imaging And Information System 2024-02-28 N/A 7.5 HIGH
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics application server hosts a web service using an operation with improper write access control that could allow to write data in any folder accessible to the account assigned to the website’s application pool.
CVE-2022-3032 1 Mozilla 1 Thunderbird 2024-02-28 N/A 6.5 MEDIUM
When receiving an HTML email that contained an <code>iframe</code> element, which used a <code>srcdoc</code> attribute to define the inner HTML document, remote objects specified in the nested document, for example images or videos, were not blocked. Rather, the network was accessed, the objects were loaded and displayed. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.
CVE-2022-42734 1 Siemens 1 Syngo Dynamics Cardiovascular Imaging And Information System 2024-02-28 N/A 7.5 HIGH
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics application server hosts a web service using an operation with improper write access control that could allow to write data in any folder accessible to the account assigned to the website’s application pool.
CVE-2022-45918 1 Ilias 1 Ilias 2024-02-28 N/A 6.5 MEDIUM
ILIAS before 7.16 allows External Control of File Name or Path.
CVE-2023-0003 2 Fedoraproject, Paloaltonetworks 2 Fedora, Cortex Xsoar 2024-02-28 N/A 6.5 MEDIUM
A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an authenticated user with access to the web interface to read local files from the server.