Security Vulnerabilities - CVEs Published In November 2023
Cryptographic issue in HLOS during key management.
CVSS Score
7.1
EPSS Score
0.0
Published
2023-11-07
Information disclosure in IOE Firmware while handling WMI command.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-11-07
Information disclosure in WLAN HAL while handling the WMI state info command.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-11-07
Information disclosure in WLAN HAL when reception status handler is called.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-11-07
Memory Corruption in Core during syscall for Sectools Fuse comparison feature.
CVSS Score
9.3
EPSS Score
0.001
Published
2023-11-07
Memory Corruption in Multi-mode Call Processor while processing bit mask API.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-11-07
Memory Corruption in Core due to secure memory access by user while loading modem image.
CVSS Score
8.4
EPSS Score
0.001
Published
2023-11-07
Memory corruption in TZ Secure OS while loading an app ELF.
CVSS Score
8.2
EPSS Score
0.0
Published
2023-11-07
Information Disclosure in WLAN Host when processing WMI event command.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-11-07
A vulnerability classified as problematic was found in dstar2018 Agency up to 61. Affected by this vulnerability is an unknown functionality of the file search.php. The manipulation of the argument QSType/QuickSearch leads to cross site scripting. The attack can be launched remotely. The patch is named 975b56953efabb434519d9feefcc53685fb8d0ab. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-244495.
CVSS Score
3.5
EPSS Score
0.001
Published
2023-11-07