CVE-2023-20560

Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD Ryzenâ„¢ Master may allow a privileged attacker to provide a null value potentially resulting in a Windows crash leading to denial of service.

Source: CVE-2023-20560

CVE-2023-39852

Doctormms v1.0 was discovered to contain a SQL injection vulnerability via the $userid parameter at myAppoinment.php.

Source: CVE-2023-39852

CVE-2023-39848

DVWA v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at blindsourcehigh.php.

Source: CVE-2023-39848

CVE-2023-39843

Missing encryption in the RFID tag of Suleve 5-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.

Source: CVE-2023-39843

CVE-2023-38866

COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_415588. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter interface and display_name.

Source: CVE-2023-38866

CVE-2023-39841

Missing encryption in the RFID tag of Etekcity 3-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.

Source: CVE-2023-39841

CVE-2023-39842

Missing encryption in the RFID tag of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.

Source: CVE-2023-39842

CVE-2023-38864

An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the protal_delete_picname parameter in the sub_41171C function at bin/webmgnt.

Source: CVE-2023-38864

CVE-2023-4340

Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file

Source: CVE-2023-4340

CVE-2023-4344

Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection

Source: CVE-2023-4344