Show filters
129 Total Results
Displaying 51-60 of 129
Sort by:
Attacker Value
Unknown

CVE-2023-34373

Disclosure Date: June 19, 2023 (last updated October 08, 2023)
Cross-Site Request Forgery (CSRF) vulnerability in Dylan James Zephyr Project Manager plugin <= 3.3.93 versions.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-22892

Disclosure Date: March 08, 2023 (last updated October 08, 2023)
There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-22891

Disclosure Date: March 08, 2023 (last updated October 08, 2023)
There exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by authorized users to reset passwords for other accounts.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-22890

Disclosure Date: March 08, 2023 (last updated October 08, 2023)
SmartBear Zephyr Enterprise through 7.15.0 allows unauthenticated users to upload large files, which could exhaust the local drive space, causing a denial of service condition.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-22889

Disclosure Date: March 08, 2023 (last updated October 08, 2023)
SmartBear Zephyr Enterprise through 7.15.0 mishandles user-defined input during report generation. This could lead to remote code execution by unauthenticated users.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-3329

Disclosure Date: February 25, 2023 (last updated October 08, 2023)
Lack of proper validation in HCI Host stack initialization can cause a crash of the bluetooth stack
Attack Vector: Adjacent NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-3806

Disclosure Date: January 18, 2023 (last updated October 08, 2023)
Inconsistent handling of error cases in bluetooth hci may lead to a double free condition of a network buffer.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-0397

Disclosure Date: January 18, 2023 (last updated October 08, 2023)
A malicious / defect bluetooth controller can cause a Denial of Service due to unchecked input in le_read_buffer_size_complete.
Attack Vector: Adjacent NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-0396

Disclosure Date: January 18, 2023 (last updated October 08, 2023)
A malicious / defective bluetooth controller can cause buffer overreads in the most functions that process HCI command responses.
Attack Vector: PhysicalPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-2993

Disclosure Date: December 09, 2022 (last updated October 08, 2023)
There is an error in the condition of the last if-statement in the function smp_check_keys. It was rejecting current keys if all requirements were unmet.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  < Previous  Next >