Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In November 2023
CVE-2023-42535
Out-of-bounds Write in read_block of vold prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code.
CVSS Score
8.4
EPSS Score
0.001
Published
2023-11-07
CVE-2023-42533
Improper Input Validation with USB Gadget Interface prior to SMR Nov-2023 Release 1 allows a physical attacker to execute arbitrary code in Kernel.
CVSS Score
6.6
EPSS Score
0.001
Published
2023-11-07
CVE-2023-42531
Improper access control vulnerability in SmsController prior to SMR Nov-2023 Release1 allows local attackers to bypass restrictions on starting activities from the background.
CVSS Score
6.2
EPSS Score
0.0
Published
2023-11-07
CVE-2023-42532
Improper Certificate Validation in FotaAgent prior to SMR Nov-2023 Release1 allows remote attacker to intercept the network traffic including Firmware information.
CVSS Score
5.9
EPSS Score
0.003
Published
2023-11-07
CVE-2023-42530
Improper access control vulnerability in SecSettings prior to SMR Nov-2023 Release 1 allows attackers to enable Wi-Fi and Wi-Fi Direct without User Interaction.
CVSS Score
6.7
EPSS Score
0.002
Published
2023-11-07
CVE-2023-42528
Improper Input Validation vulnerability in ProcessNvBuffering of libsec-ril prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-11-07
CVE-2023-42529
Out-of-bound write vulnerability in libsec-ril prior to SMR Nov-2023 Release 1 allows local attackers to execute arbitrary code.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-11-07
CVE-2023-42283
Blind SQL injection in api_id parameter in Tyk Gateway version 5.0.3 allows attacker to access and dump the database via a crafted SQL query.
CVSS Score
9.8
EPSS Score
0.053
Published
2023-11-07
CVE-2023-42284
Blind SQL injection in api_version parameter in Tyk Gateway version 5.0.3 allows attacker to access and dump the database via a crafted SQL query.
CVSS Score
9.8
EPSS Score
0.046
Published
2023-11-07
CVE-2023-42527
Improper input validation vulnerability in ProcessWriteFile of libsec-ril prior to SMR Nov-2023 Release 1 allows local attackers to expose sensitive information.
CVSS Score
5.6
EPSS Score
0.0
Published
2023-11-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved