Show filters
218 Total Results
Displaying 61-70 of 218
Sort by:
Attacker Value
Unknown

CVE-2023-37513

Disclosure Date: August 11, 2023 (last updated October 08, 2023)
When the app is put to the background and the user goes to the task switcher of iOS, the app snapshot is not blurred which may reveal sensitive information.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-37512

Disclosure Date: August 11, 2023 (last updated October 08, 2023)
When the app is put to the background and the user goes to the task switcher of iOS, the app snapshot is not blurred which may reveal sensitive information.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-37511

Disclosure Date: August 11, 2023 (last updated October 08, 2023)
If certain App Transport Security (ATS) settings are set in a certain manner, insecure loading of web content can be achieved.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-23342

Disclosure Date: August 10, 2023 (last updated October 08, 2023)
If certain local files are manipulated in a certain manner, the validation to use the cryptographic keys can be circumvented. 
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-23347

Disclosure Date: August 09, 2023 (last updated October 08, 2023)
HCL DRYiCE iAutomate is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-23346

Disclosure Date: August 09, 2023 (last updated October 08, 2023)
HCL DRYiCE MyCloud is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-37501

Disclosure Date: August 03, 2023 (last updated October 08, 2023)
A Persistent XSS vulnerability can be carried out in a certain field of Unica Campaign.  An attacker could hijack a user's session and perform other attacks.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-37500

Disclosure Date: August 03, 2023 (last updated October 08, 2023)
A Persistent Cross-site Scripting (XSS) vulnerability can be carried out on certain pages of Unica Platform.  An attacker could hijack a user's session and perform other attacks.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-37499

Disclosure Date: August 03, 2023 (last updated October 08, 2023)
A Persistent Cross-site Scripting (XSS) vulnerability can be carried out in a certain field of the Unica Platform.  An attacker could hijack a user's session and perform other attacks.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-37498

Disclosure Date: August 03, 2023 (last updated October 08, 2023)
A user is capable of assigning him/herself to arbitrary groups by reusing a POST request issued by an administrator.  It is possible that an attacker could potentially escalate their privileges.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
View More Topics  < Previous  Next >