CINXE.COM

NVD - Home

<!DOCTYPE html> <html lang="en"> <head><script type="text/javascript" src="https://web-static.archive.org/_static/js/bundle-playback.js?v=7YQSqjSh" charset="utf-8"></script> <script type="text/javascript" src="https://web-static.archive.org/_static/js/wombat.js?v=txqj7nKC" charset="utf-8"></script> <script>window.RufflePlayer=window.RufflePlayer||{};window.RufflePlayer.config={"autoplay":"on","unmuteOverlay":"hidden"};</script> <script type="text/javascript" src="https://web-static.archive.org/_static/js/ruffle/ruffle.js"></script> <script type="text/javascript"> __wm.init("https://web.archive.org/web"); __wm.wombat("https://nvd.nist.gov/","20240202112851","https://web.archive.org/","web","https://web-static.archive.org/_static/", "1706873331"); </script> <link rel="stylesheet" type="text/css" href="https://web-static.archive.org/_static/css/banner-styles.css?v=p7PEIJWi" /> <link rel="stylesheet" type="text/css" href="https://web-static.archive.org/_static/css/iconochive.css?v=3PDvdIFv" /> <!-- End Wayback Rewrite JS Include --> <title>NVD - Home</title> <meta http-equiv="content-type" content="text/html; charset=UTF-8"/> <meta http-equiv="content-style-type" content="text/css"/> <meta http-equiv="content-script-type" content="text/javascript"/> <meta name="viewport" content="width=device-width, initial-scale=1.0"/> <link href="/web/20240202112851cs_/https://nvd.nist.gov/site-scripts/font-awesome/css/font-awesome.min.css" type="text/css" rel="stylesheet"/> <link href="/web/20240202112851cs_/https://nvd.nist.gov/site-media/bootstrap/css/bootstrap.min.css" type="text/css" rel="stylesheet"/> <link href="/web/20240202112851cs_/https://nvd.nist.gov/site-media/bootstrap/css/bootstrap-theme.min.css" type="text/css" rel="stylesheet"/> <link href="/web/20240202112851cs_/https://nvd.nist.gov/site-scripts/eonasdan-bootstrap-datetimepicker/build/css/bootstrap-datetimepicker.min.css" type="text/css" rel="stylesheet"/> <link href="/web/20240202112851cs_/https://nvd.nist.gov/site-media/css/nist-fonts.css" type="text/css" rel="stylesheet"/> <link href="/web/20240202112851cs_/https://nvd.nist.gov/site-media/css/base-style.css" type="text/css" rel="stylesheet"/> <link href="/web/20240202112851cs_/https://nvd.nist.gov/site-media/css/media-resize.css" type="text/css" rel="stylesheet"/> <meta name="theme-color" content="#000000"> <script src="/web/20240202112851js_/https://nvd.nist.gov/site-scripts/jquery/dist/jquery.min.js" type="text/javascript"></script> <script src="/web/20240202112851js_/https://nvd.nist.gov/site-scripts/jquery-visible/jquery.visible.min.js" type="text/javascript"></script> <script src="/web/20240202112851js_/https://nvd.nist.gov/site-scripts/underscore/underscore-min.js" type="text/javascript"></script> <script src="/web/20240202112851js_/https://nvd.nist.gov/site-media/bootstrap/js/bootstrap.js" type="text/javascript"></script> <script src="/web/20240202112851js_/https://nvd.nist.gov/site-scripts/moment/min/moment.min.js" type="text/javascript"></script> <script src="/web/20240202112851js_/https://nvd.nist.gov/site-scripts/eonasdan-bootstrap-datetimepicker/build/js/bootstrap-datetimepicker.min.js" type="text/javascript"></script> <script src="/web/20240202112851js_/https://nvd.nist.gov/site-media/js/megamenu.js" type="text/javascript"></script> <script src="/web/20240202112851js_/https://nvd.nist.gov/site-media/js/nist-exit-script.js" type="text/javascript"></script> <script src="/web/20240202112851js_/https://nvd.nist.gov/site-media/js/forms.js" type="text/javascript"></script> <script src="/web/20240202112851js_/https://nvd.nist.gov/site-media/js/federated-analytics.all.min.js?agency=NIST&amp;subagency=nvd&amp;pua=UA-37115410-41&amp;yt=true" type="text/javascript" id="_fed_an_js_tag"></script> <!-- Google tag (gtag.js) --> <script async src="https://web.archive.org/web/20240202112851js_/https://www.googletagmanager.com/gtag/js?id=G-4KKFZP12LQ"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-4KKFZP12LQ'); </script> <style id="antiClickjack"> body>* { display: none !important; } #antiClickjack { display: block !important; } </style> <noscript> <style id="antiClickjackNoScript"> body>* { display: block !important; } #antiClickjack { display: none !important; } </style> </noscript> <script type="text/javascript" id="antiClickjackScript"> if (self === top) { // no clickjacking var antiClickjack = document.getElementById("antiClickjack"); antiClickjack.parentNode.removeChild(antiClickjack); } else { setTimeout(tryForward(), 5000); } function tryForward() { top.location = self.location; } </script> <meta charset="UTF-8"> <link href="/web/20240202112851cs_/https://nvd.nist.gov/site-media/css/nvd-style.css" type="text/css" rel="stylesheet"/> <link href="/web/20240202112851im_/https://nvd.nist.gov/site-media/images/favicons/apple-touch-icon.png" rel="apple-touch-icon" type="image/png" sizes="180x180"/> <link href="/web/20240202112851im_/https://nvd.nist.gov/site-media/images/favicons/favicon-32x32.png" rel="icon" type="image/png" sizes="32x32"/> <link href="/web/20240202112851im_/https://nvd.nist.gov/site-media/images/favicons/favicon-16x16.png" rel="icon" type="image/png" sizes="16x16"/> <link href="/web/20240202112851/https://nvd.nist.gov/site-media/images/favicons/manifest.json" rel="manifest"/> <link href="/web/20240202112851im_/https://nvd.nist.gov/site-media/images/favicons/safari-pinned-tab.svg" rel="mask-icon" color="#000000"/> <link href="/web/20240202112851im_/https://nvd.nist.gov/site-media/images/favicons/favicon.ico" rel="shortcut icon"/> <meta name="msapplication-config" content="/site-media/images/favicons/browserconfig.xml"/> <link href="/web/20240202112851im_/https://nvd.nist.gov/site-media/images/favicons/favicon.ico" rel="shortcut icon" type="image/x-icon"/> <link href="/web/20240202112851im_/https://nvd.nist.gov/site-media/images/favicons/favicon.ico" rel="icon" type="image/x-icon"/> <meta charset="UTF-8"> <meta charset="UTF-8"> </head> <body> <header role="banner" title="Site Banner"> <div id="antiClickjack" style="display: none"> <h1>You are viewing this page in an unauthorized frame window.</h1> <p> This is a potential security issue, you are being redirected to <a href="https://web.archive.org/web/20240202112851/https://nvd.nist.gov/">https://nvd.nist.gov</a> </p> </div> <div> <section class="usa-banner" aria-label="Official government website"> <div class="usa-accordion container"> <header class="usa-banner__header"> <noscript> <p style="font-size: 0.85rem; font-weight: bold;">You have JavaScript disabled. This site requires JavaScript to be enabled for complete site functionality.</p> </noscript> <img class="usa-banner__header-flag" src="/web/20240202112851im_/https://nvd.nist.gov/site-media/images/usbanner/us_flag_small.png" alt="U.S. flag"> &nbsp; <span class="usa-banner__header-text">An official website of the United States government</span> <button id="gov-banner-button" class="usa-accordion__button usa-banner__button" data-toggle="collapse" data-target="#gov-banner" aria-expanded="false" aria-controls="gov-banner"> <span class="usa-banner__button-text">Here's how you know</span> </button> </header> <div class="usa-banner__content usa-accordion__content collapse" role="tabpanel" id="gov-banner" aria-expanded="true"> <div class="row"> <div class="col-md-5 col-sm-12"> <div class="row"> <div class="col-sm-2 col-xs-3"> <img class="usa-banner__icon usa-media-block__img" src="/web/20240202112851im_/https://nvd.nist.gov/site-media/images/usbanner/icon-dot-gov.svg" alt="Dot gov"> </div> <div class="col-sm-10 col-xs-9"> <p> <strong>Official websites use .gov</strong> <br> A <strong>.gov</strong> website belongs to an official government organization in the United States. </p> </div> </div> </div> <div class="col-md-5 col-sm-12"> <div class="row"> <div class="col-sm-2 col-xs-3"> <img class="usa-banner__icon usa-media-block__img" src="/web/20240202112851im_/https://nvd.nist.gov/site-media/images/usbanner/icon-https.svg" alt="Https"> </div> <div class="col-sm-10 col-xs-9"> <p> <strong>Secure .gov websites use HTTPS</strong> <br> A <strong>lock</strong> (<img class="usa-banner__lock" src="/web/20240202112851im_/https://nvd.nist.gov/site-media/images/usbanner/lock.svg" alt="Dot gov">) or <strong>https://</strong> means you've safely connected to the .gov website. Share sensitive information only on official, secure websites. </p> </div> </div> </div> </div> </div> </div> </section> </div> <div> <div> <nav id="navbar" class="navbar"> <div id="nist-menu-container" class="container"> <div class="row"> <!-- Brand --> <div class="col-xs-6 col-md-4 navbar-header" style="height:104px"> <a class="navbar-brand" href="https://web.archive.org/web/20240202112851/https://www.nist.gov/" target="_blank" id="navbar-brand-image" style="padding-top: 36px"> <img alt="National Institute of Standards and Technology" src="/web/20240202112851im_/https://nvd.nist.gov/site-media/images/nist/nist-logo.svg" width="110" height="30"> </a> </div> <div class="col-xs-6 col-md-8 navbar-nist-logo"> <span id="nvd-menu-button" class="pull-right" style="margin-top: 26px"> <a href="#"> <span class="fa fa-bars"></span> <span id="nvd-menu-full-text"><span class="hidden-xxs">NVD </span>MENU</span> </a> </span> </div> </div> </div> <div class="main-menu-row container"> <!-- Collect the nav links, forms, and other content for toggling --> <div id="main-menu-drop" class="col-lg-12" style="display: none;"> <ul> <li><a href="/web/20240202112851/https://nvd.nist.gov/general"> General <span class="expander fa fa-plus" id="nvd-header-menu-general" data-expander-name="general" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="general"> <div class="row"> <div class="col-lg-4"> <p> <a href="/web/20240202112851/https://nvd.nist.gov/general/nvd-dashboard">NVD Dashboard</a> </p> <p> <a href="/web/20240202112851/https://nvd.nist.gov/general/news">News</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20240202112851/https://nvd.nist.gov/general/email-list">Email List</a> </p> <p> <a href="/web/20240202112851/https://nvd.nist.gov/general/faq">FAQ</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20240202112851/https://nvd.nist.gov/general/visualizations">Visualizations</a> </p> <p> <a href="/web/20240202112851/https://nvd.nist.gov/general/legal-disclaimer">Legal Disclaimer</a> </p> </div> </div> </div></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/vuln"> Vulnerabilities <span class="expander fa fa-plus" id="nvd-header-menu-vulnerabilities" data-expander-name="vulnerabilities" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="vulnerabilities"> <div class="row"> <div class="col-lg-4"> <p> <a href="/web/20240202112851/https://nvd.nist.gov/vuln/search">Search &amp; Statistics</a> </p> <p> <a href="/web/20240202112851/https://nvd.nist.gov/vuln/categories">Weakness Types</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20240202112851/https://nvd.nist.gov/vuln/data-feeds">Legacy Data Feeds</a> </p> <p> <a href="/web/20240202112851/https://nvd.nist.gov/vuln/vendor-comments">Vendor Comments</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20240202112851/https://nvd.nist.gov/vuln/cvmap">CVMAP</a> </p> </div> </div> </div></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss"> Vulnerability Metrics <span class="expander fa fa-plus" id="nvd-header-menu-metrics" data-expander-name="metrics" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="metrics"> <div class="row"> <div class="col-lg-4"> <p> <a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator">CVSS V3 Calculator</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss/v2-calculator">CVSS V2 Calculator</a> </p> </div> <div class="col-lg-4"></div> </div> </div></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/products"> Products <span class="expander fa fa-plus" id="nvd-header-menu-products" data-expander-name="products" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="products"> <div class="row"> <div class="col-lg-4"> <p> <a href="/web/20240202112851/https://nvd.nist.gov/products/cpe">CPE Dictionary</a> </p> <p> <a href="/web/20240202112851/https://nvd.nist.gov/products/cpe/search">CPE Search</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20240202112851/https://nvd.nist.gov/products/cpe/statistics">CPE Statistics</a> </p> <p> <a href="/web/20240202112851/https://nvd.nist.gov/products/swid">SWID</a> </p> </div> <div class="col-lg-4"></div> </div> </div></li> <li> <a href="/web/20240202112851/https://nvd.nist.gov/developers">Developers<span class="expander fa fa-plus" id="nvd-header-menu-developers" data-expander-name="developers" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="developers"> <div class="row"> <div class="col-lg-4"> <p> <a href="/web/20240202112851/https://nvd.nist.gov/developers/start-here">Start Here</a> </p> <p> <a href="/web/20240202112851/https://nvd.nist.gov/developers/request-an-api-key">Request an API Key</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20240202112851/https://nvd.nist.gov/developers/vulnerabilities">Vulnerabilities</a> </p> <p> <a href="/web/20240202112851/https://nvd.nist.gov/developers/products">Products</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20240202112851/https://nvd.nist.gov/developers/data-sources">Data Sources</a> </p> <p> <a href="/web/20240202112851/https://nvd.nist.gov/developers/terms-of-use">Terms of Use</a> </p> </div> </div> </div> </li> <li><a href="/web/20240202112851/https://nvd.nist.gov/info"> Contact NVD </a></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/other"> Other Sites <span class="expander fa fa-plus" id="nvd-header-menu-othersites" data-expander-name="otherSites" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="otherSites"> <div class="row"> <div class="col-lg-4"> <p> <a href="https://web.archive.org/web/20240202112851/https://ncp.nist.gov/">Checklist (NCP) Repository</a> </p> <p> <a href="https://web.archive.org/web/20240202112851/https://ncp.nist.gov/cce">Configurations (CCE)</a> </p> <p> <a href="https://web.archive.org/web/20240202112851/https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search">800-53 Controls</a> </p> </div> <div class="col-lg-4"> <p> <a href="https://web.archive.org/web/20240202112851/https://csrc.nist.gov/projects/scap-validation-program">SCAP Validated Tools</a> </p> <p> <a href="https://web.archive.org/web/20240202112851/https://csrc.nist.gov/projects/security-content-automation-protocol">SCAP</a> </p> </div> <div class="col-lg-4"> <p> <a href="https://web.archive.org/web/20240202112851/https://csrc.nist.gov/projects/united-states-government-configuration-baseline">USGCB</a> </p> </div> </div> </div></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/search"> Search <span class="expander fa fa-plus" id="nvd-header-menu-search" data-expander-name="search" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="search"> <div class="row"> <div class="col-lg-4"> <p> <a href="/web/20240202112851/https://nvd.nist.gov/vuln/search">Vulnerability Search</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20240202112851/https://nvd.nist.gov/products/cpe/search">CPE Search</a> </p> </div> </div> </div></li> </ul> </div> <!-- /#mobile-nav-container --> </div> </nav> <section id="itl-header" class="has-menu"> <div class="container"> <div class="row"> <div class="col-sm-12 col-md-8"> <h2 class="hidden-xs hidden-sm"> <a href="https://web.archive.org/web/20240202112851/https://www.nist.gov/itl" target="_blank">Information Technology Laboratory</a> </h2> <h1 class="hidden-xs hidden-sm"> <a id="nvd-header-link" href="/web/20240202112851/https://nvd.nist.gov/">National Vulnerability Database</a> </h1> <h1 class="hidden-xs text-center hidden-md hidden-lg">National Vulnerability Database</h1> <h1 class="hidden-sm hidden-md hidden-lg text-center">NVD</h1> </div> <div class="col-sm-12 col-md-4"> <a style="width: 100%; text-align: center; display: block;padding-top: 14px"> <img id="img-logo-nvd-lg" alt="National Vulnerability Database" src="/web/20240202112851im_/https://nvd.nist.gov/site-media/images/F_NIST-Logo-NVD-white.svg" width="500" height="100"> </a> </div> </div> </div> </section> </div> </div> </header> <main> <div> <div id="body-section" class="container"> <div> <div class="row"> <nav title="Side Menu" role="navigation" class="col-lg-3 col-md-4 hidden-sm hidden-xs hidden-xxs"> <ul class="side-nav"> <li><a href="/web/20240202112851/https://nvd.nist.gov/general">General<span class="expander fa fa-plus" id="nvd-side-menu-general" data-expander-name="generalSide" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="generalSide"> <ul> <li><a href="/web/20240202112851/https://nvd.nist.gov/general/nvd-dashboard">NVD Dashboard</a></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/general/news">News</a></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/general/email-list">Email List</a></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/general/faq">FAQ</a></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/general/visualizations">Visualizations</a></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/general/legal-disclaimer">Legal Disclaimer</a></li> </ul> </div></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/vuln"> Vulnerabilities <span class="expander fa fa-plus" id="nvd-side-menu-vulnerabilities" data-expander-name="vulnerabilitiesSide" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="vulnerabilitiesSide"> <ul> <li><a href="/web/20240202112851/https://nvd.nist.gov/vuln/search">Search &amp; Statistics</a></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/vuln/categories">Weakness Types</a></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/vuln/data-feeds">Legacy Data Feeds</a></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/vuln/vendor-comments">Vendor Comments</a></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/vuln/cvmap">CVMAP</a></li> </ul> </div></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss"> Vulnerability Metrics <span class="expander fa fa-plus" id="nvd-side-menu-metrics" data-expander-name="metricsSide" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="metricsSide"> <ul> <li><a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator">CVSS V3 Calculator</a></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss/v2-calculator">CVSS V2 Calculator</a></li> </ul> </div></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/products"> Products <span class="expander fa fa-plus" id="nvd-side-menu-products" data-expander-name="productsSide" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="productsSide"> <ul> <li><a href="/web/20240202112851/https://nvd.nist.gov/products/cpe">CPE Dictionary</a></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/products/cpe/search">CPE Search</a></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/products/cpe/statistics">CPE Statistics</a></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/products/swid">SWID</a></li> </ul> </div></li> <li> <a href="/web/20240202112851/https://nvd.nist.gov/developers">Developers<span class="expander fa fa-plus" id="nvd-side-menu-developers" data-expander-name="developersSide" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="developersSide"> <ul> <li><a href="/web/20240202112851/https://nvd.nist.gov/developers/start-here">Start Here</a></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/developers/request-an-api-key">Request an API Key</a></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/developers/vulnerabilities">Vulnerabilities</a></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/developers/products">Products</a></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/developers/data-sources">Data Sources</a></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/developers/terms-of-use">Terms of Use</a></li> </ul> </div> </li> <li><a href="/web/20240202112851/https://nvd.nist.gov/info"> Contact NVD </a></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/other"> Other Sites <span class="expander fa fa-plus" id="nvd-side-menu-othersites" data-expander-name="otherSitesSide" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="otherSitesSide"> <ul> <li><a href="https://web.archive.org/web/20240202112851/https://ncp.nist.gov/">Checklist (NCP) Repository</a></li> <li><a href="https://web.archive.org/web/20240202112851/https://ncp.nist.gov/cce">Configurations (CCE)</a></li> <li><a href="https://web.archive.org/web/20240202112851/https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search">800-53 Controls</a></li> <li><a href="https://web.archive.org/web/20240202112851/https://csrc.nist.gov/projects/scap-validation-program">SCAP Validated Tools</a></li> <li><a href="https://web.archive.org/web/20240202112851/https://csrc.nist.gov/projects/security-content-automation-protocol">SCAP</a></li> <li><a href="https://web.archive.org/web/20240202112851/https://csrc.nist.gov/projects/united-states-government-configuration-baseline">USGCB</a></li> </ul> </div></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/search"> Search <span class="expander fa fa-plus" id="nvd-side-menu-search" data-expander-name="searchSide" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="searchSide"> <ul> <li><a href="/web/20240202112851/https://nvd.nist.gov/vuln/search">Vulnerability Search</a></li> <li><a href="/web/20240202112851/https://nvd.nist.gov/products/cpe/search">CPE Search</a></li> </ul> </div></li> </ul> </nav> <div id="page-content" class="col-lg-9 col-md-8 col-sm-12 col-xs-12 col-xxs-12"> <div class="col-md-4" style="padding:0px;"> <div class="text-center"> <span class="carousel-title"> <a href="/web/20240202112851/https://nvd.nist.gov/general/news/api-20-announcements"> <img alt="The letters N V D typed out in binary" src="/web/20240202112851im_/https://nvd.nist.gov/site-media/images/LandingPage/apiGuidance800x632.png" style="width: 300px; height: 237px;" title="Whats new in API two"> <br/> <strong>New 2.0 APIs</strong> </a> </span> </div> </div> <div class="col-md-4" style="padding:0px;"> <div class="text-center"> <span class="carousel-title"> <a href="/web/20240202112851/https://nvd.nist.gov/general/news/change-timeline"> <img alt="Emphasis on APIs for web automation" src="/web/20240202112851im_/https://nvd.nist.gov/site-media/images/LandingPage/changeTimeline800x632.png" style="width: 300px; height: 237px;" title="Emphasis on APIs for web automation!"> <br/> <strong>2022-23 Change Timeline</strong> </a> </span> </div> </div> <div class="row"> <div class="col-md-4" style="padding:0px;"> <div class="text-center"> <span class="carousel-title"> <a href="/web/20240202112851/https://nvd.nist.gov/general/news/cisa-exploit-catalog"> <img alt="Icon for CISA Known Exploited Vulnerabilities Catalog Announcement" src="/web/20240202112851im_/https://nvd.nist.gov/site-media/images/LandingPage/kevCatalog800x632.png" style="width: 300px; height: 237px;" title="Helping you comply with BOD 22-01"> <br/> <strong>New Parameters</strong> </a> </span> </div> </div> </div> <br/> <span>The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, product names, and impact metrics.</span> <br/> <br/> <span>For information on how to the cite the NVD, including the database's Digital Object Identifier (DOI), please consult <a href="https://web.archive.org/web/20240202112851/https://data.nist.gov/od/id/1E0F15DAAEFB84E4E0531A5706813DD8436"> NIST's Public Data Repository</a>.</span> <br/> <br/> <div> <div class="row"> <div class="col-md-12 col-sm-12"> <div id="vulnResultsPanel"> <!-- Results Panel --> <div id="latestVulnsArea"> <div id="latestVulnsTitleRow" class="row"> <span class="hidden-md col-lg-9"> <strong class="h4Size">Last 20 Scored Vulnerability IDs &amp; Summaries</strong> </span> <span class="hidden-md col-lg-3"> <strong class="h4Size">CVSS Severity </strong> </span> </div> <ul id="latestVulns"> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2024-0625" id="cveDetailAnchor-0">CVE-2024-0625</a></strong> - The WPFront Notification Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wpfront-notification-bar-options[custom_class]’ parameter in all versions up to, and including, 3.3.2 due to insufficient input sanitization an... <a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2024-0625#vulnDescriptionTitle">read CVE-2024-0625</a><br> <strong>Published:</strong> January 24, 2024; 10:15:07 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-0"> <span id="cvss3-link-0"> <em>V3.1:</em> <a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2024-0625&amp;vector=AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N&amp;version=3.1&amp;source=NIST" class="label label-warning" data-testid="vuln-cvss3-link-0" aria-label="V3 score for CVE-2024-0625">4.8 MEDIUM</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2024-0617" id="cveDetailAnchor-1">CVE-2024-0617</a></strong> - The Category Discount Woocommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpcd_save_discount() function in all versions up to, and including, 4.12. This makes it possible for... <a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2024-0617#vulnDescriptionTitle">read CVE-2024-0617</a><br> <strong>Published:</strong> January 24, 2024; 9:15:53 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-1"> <span id="cvss3-link-1"> <em>V3.1:</em> <a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2024-0617&amp;vector=AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N&amp;version=3.1&amp;source=NIST" class="label label-warning" data-testid="vuln-cvss3-link-1" aria-label="V3 score for CVE-2024-0617">5.3 MEDIUM</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2024-22204" id="cveDetailAnchor-2">CVE-2024-22204</a></strong> - Whoogle Search is a self-hosted metasearch engine. Versions 0.8.3 and prior have a limited file write vulnerability when the configuration options in Whoogle are enabled. The `config` function in `app/routes.py` does not validate the user-controll... <a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2024-22204#vulnDescriptionTitle">read CVE-2024-22204</a><br> <strong>Published:</strong> January 23, 2024; 1:15:18 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-2"> <span id="cvss3-link-2"> <em>V3.1:</em> <a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2024-22204&amp;vector=AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N&amp;version=3.1&amp;source=NIST" class="label label-warning" data-testid="vuln-cvss3-link-2" aria-label="V3 score for CVE-2024-22204">5.3 MEDIUM</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-49783" id="cveDetailAnchor-3">CVE-2023-49783</a></strong> - Silverstripe Admin provides a basic management interface for the Silverstripe Framework. In versions on the 1.x branch prior to 1.13.19 and on the 2.x branch prior to 2.1.8, users who don&#39;t have edit or delete permissions for records exposed in a ... <a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-49783#vulnDescriptionTitle">read CVE-2023-49783</a><br> <strong>Published:</strong> January 23, 2024; 9:15:37 AM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-3"> <span id="cvss3-link-3"> <em>V3.1:</em> <a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-49783&amp;vector=AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N&amp;version=3.1&amp;source=NIST" class="label label-warning" data-testid="vuln-cvss3-link-3" aria-label="V3 score for CVE-2023-49783">4.3 MEDIUM</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-48714" id="cveDetailAnchor-4">CVE-2023-48714</a></strong> - Silverstripe Framework is the framework that forms the base of the Silverstripe content management system. Prior to versions 4.13.39 and 5.1.11, if a user should not be able to see a record, but that record can be added to a `GridField` using the ... <a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-48714#vulnDescriptionTitle">read CVE-2023-48714</a><br> <strong>Published:</strong> January 23, 2024; 9:15:37 AM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-4"> <span id="cvss3-link-4"> <em>V3.1:</em> <a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-48714&amp;vector=AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N&amp;version=3.1&amp;source=NIST" class="label label-warning" data-testid="vuln-cvss3-link-4" aria-label="V3 score for CVE-2023-48714">4.3 MEDIUM</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-40092" id="cveDetailAnchor-5">CVE-2023-40092</a></strong> - In verifyShortcutInfoPackage of ShortcutService.java, there is a possible way to see another user&#39;s image due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is... <a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-40092#vulnDescriptionTitle">read CVE-2023-40092</a><br> <strong>Published:</strong> December 04, 2023; 6:15:24 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-5"> <span id="cvss3-link-5"> <em>V3.1:</em> <a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-40092&amp;vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N&amp;version=3.1&amp;source=NIST" class="label label-warning" data-testid="vuln-cvss3-link-5" aria-label="V3 score for CVE-2023-40092">5.5 MEDIUM</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-40091" id="cveDetailAnchor-6">CVE-2023-40091</a></strong> - In onTransact of IncidentService.cpp, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. <br> <strong>Published:</strong> December 04, 2023; 6:15:24 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-6"> <span id="cvss3-link-6"> <em>V3.1:</em> <a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-40091&amp;vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&amp;version=3.1&amp;source=NIST" class="label label-danger" data-testid="vuln-cvss3-link-6" aria-label="V3 score for CVE-2023-40091">7.8 HIGH</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-40090" id="cveDetailAnchor-7">CVE-2023-40090</a></strong> - In BTM_BleVerifySignature of btm_ble.cc, there is a possible way to bypass signature validation due to side channel information disclosure. This could lead to remote escalation of privilege with no additional execution privileges needed. User inte... <a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-40090#vulnDescriptionTitle">read CVE-2023-40090</a><br> <strong>Published:</strong> December 04, 2023; 6:15:24 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-7"> <span id="cvss3-link-7"> <em>V3.1:</em> <a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-40090&amp;vector=AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N&amp;version=3.1&amp;source=NIST" class="label label-warning" data-testid="vuln-cvss3-link-7" aria-label="V3 score for CVE-2023-40090">6.5 MEDIUM</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-40089" id="cveDetailAnchor-8">CVE-2023-40089</a></strong> - In getCredentialManagerPolicy of DevicePolicyManagerService.java, there is a possible method for users to select credential managers without permission due to a missing permission check. This could lead to local escalation of privilege with no add... <a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-40089#vulnDescriptionTitle">read CVE-2023-40089</a><br> <strong>Published:</strong> December 04, 2023; 6:15:24 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-8"> <span id="cvss3-link-8"> <em>V3.1:</em> <a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-40089&amp;vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&amp;version=3.1&amp;source=NIST" class="label label-danger" data-testid="vuln-cvss3-link-8" aria-label="V3 score for CVE-2023-40089">7.8 HIGH</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-40088" id="cveDetailAnchor-9">CVE-2023-40088</a></strong> - In callback_thread_event of com_android_bluetooth_btservice_AdapterService.cpp, there is a possible memory corruption due to a use after free. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges nee... <a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-40088#vulnDescriptionTitle">read CVE-2023-40088</a><br> <strong>Published:</strong> December 04, 2023; 6:15:24 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-9"> <span id="cvss3-link-9"> <em>V3.1:</em> <a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-40088&amp;vector=AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H&amp;version=3.1&amp;source=NIST" class="label label-danger" data-testid="vuln-cvss3-link-9" aria-label="V3 score for CVE-2023-40088">8.8 HIGH</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-40096" id="cveDetailAnchor-10">CVE-2023-40096</a></strong> - In OpRecordAudioMonitor::onFirstRef of AudioRecordClient.cpp, there is a possible way to record audio from the background due to a missing flag. This could lead to local escalation of privilege with User execution privileges needed. User interacti... <a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-40096#vulnDescriptionTitle">read CVE-2023-40096</a><br> <strong>Published:</strong> December 04, 2023; 6:15:24 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-10"> <span id="cvss3-link-10"> <em>V3.1:</em> <a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-40096&amp;vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&amp;version=3.1&amp;source=NIST" class="label label-danger" data-testid="vuln-cvss3-link-10" aria-label="V3 score for CVE-2023-40096">7.8 HIGH</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-40097" id="cveDetailAnchor-11">CVE-2023-40097</a></strong> - In hasPermissionForActivity of PackageManagerHelper.java, there is a possible URI grant due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed f... <a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-40097#vulnDescriptionTitle">read CVE-2023-40097</a><br> <strong>Published:</strong> December 04, 2023; 6:15:24 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-11"> <span id="cvss3-link-11"> <em>V3.1:</em> <a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-40097&amp;vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&amp;version=3.1&amp;source=NIST" class="label label-danger" data-testid="vuln-cvss3-link-11" aria-label="V3 score for CVE-2023-40097">7.8 HIGH</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-40098" id="cveDetailAnchor-12">CVE-2023-40098</a></strong> - In mOnDone of NotificationConversationInfo.java, there is a possible way to access app notification data of another user due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges need... <a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-40098#vulnDescriptionTitle">read CVE-2023-40098</a><br> <strong>Published:</strong> December 04, 2023; 6:15:24 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-12"> <span id="cvss3-link-12"> <em>V3.1:</em> <a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-40098&amp;vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N&amp;version=3.1&amp;source=NIST" class="label label-warning" data-testid="vuln-cvss3-link-12" aria-label="V3 score for CVE-2023-40098">5.5 MEDIUM</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-40103" id="cveDetailAnchor-13">CVE-2023-40103</a></strong> - In multiple locations, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. <br> <strong>Published:</strong> December 04, 2023; 6:15:24 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-13"> <span id="cvss3-link-13"> <em>V3.1:</em> <a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-40103&amp;vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&amp;version=3.1&amp;source=NIST" class="label label-danger" data-testid="vuln-cvss3-link-13" aria-label="V3 score for CVE-2023-40103">7.8 HIGH</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-45777" id="cveDetailAnchor-14">CVE-2023-45777</a></strong> - In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to launch arbitrary activities using system privileges due to Parcel Mismatch. This could lead to local escalation of privilege with no additional execution ... <a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-45777#vulnDescriptionTitle">read CVE-2023-45777</a><br> <strong>Published:</strong> December 04, 2023; 6:15:26 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-14"> <span id="cvss3-link-14"> <em>V3.1:</em> <a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-45777&amp;vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&amp;version=3.1&amp;source=NIST" class="label label-danger" data-testid="vuln-cvss3-link-14" aria-label="V3 score for CVE-2023-45777">7.8 HIGH</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-45776" id="cveDetailAnchor-15">CVE-2023-45776</a></strong> - In CreateAudioBroadcast of broadcaster.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for e... <a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-45776#vulnDescriptionTitle">read CVE-2023-45776</a><br> <strong>Published:</strong> December 04, 2023; 6:15:26 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-15"> <span id="cvss3-link-15"> <em>V3.1:</em> <a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-45776&amp;vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&amp;version=3.1&amp;source=NIST" class="label label-danger" data-testid="vuln-cvss3-link-15" aria-label="V3 score for CVE-2023-45776">7.8 HIGH</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-45775" id="cveDetailAnchor-16">CVE-2023-45775</a></strong> - In CreateAudioBroadcast of broadcaster.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for e... <a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-45775#vulnDescriptionTitle">read CVE-2023-45775</a><br> <strong>Published:</strong> December 04, 2023; 6:15:26 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-16"> <span id="cvss3-link-16"> <em>V3.1:</em> <a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-45775&amp;vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&amp;version=3.1&amp;source=NIST" class="label label-danger" data-testid="vuln-cvss3-link-16" aria-label="V3 score for CVE-2023-45775">7.8 HIGH</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-45774" id="cveDetailAnchor-17">CVE-2023-45774</a></strong> - In fixUpIncomingShortcutInfo of ShortcutService.java, there is a possible way to view another user&#39;s image due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction ... <a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-45774#vulnDescriptionTitle">read CVE-2023-45774</a><br> <strong>Published:</strong> December 04, 2023; 6:15:26 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-17"> <span id="cvss3-link-17"> <em>V3.1:</em> <a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-45774&amp;vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&amp;version=3.1&amp;source=NIST" class="label label-danger" data-testid="vuln-cvss3-link-17" aria-label="V3 score for CVE-2023-45774">7.8 HIGH</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-45773" id="cveDetailAnchor-18">CVE-2023-45773</a></strong> - In multiple functions of btm_ble_gap.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. <br> <strong>Published:</strong> December 04, 2023; 6:15:26 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-18"> <span id="cvss3-link-18"> <em>V3.1:</em> <a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-45773&amp;vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&amp;version=3.1&amp;source=NIST" class="label label-danger" data-testid="vuln-cvss3-link-18" aria-label="V3 score for CVE-2023-45773">7.8 HIGH</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-40462" id="cveDetailAnchor-19">CVE-2023-40462</a></strong> - The ACEManager component of ALEOS 4.16 and earlier does not perform input sanitization during authentication, which could potentially result in a Denial of Service (DoS) condition for ACEManager without impairing other router fu... <a href="/web/20240202112851/https://nvd.nist.gov/vuln/detail/CVE-2023-40462#vulnDescriptionTitle">read CVE-2023-40462</a><br> <strong>Published:</strong> December 04, 2023; 6:15:25 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-19"> <span id="cvss3-link-19"> <em>V3.1:</em> <a href="/web/20240202112851/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-40462&amp;vector=AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H&amp;version=3.1&amp;source=NIST" class="label label-danger" data-testid="vuln-cvss3-link-19" aria-label="V3 score for CVE-2023-40462">7.5 HIGH</a><br/> </span> </p> </div> </li> </ul> </div> </div> </div> </div> </div> <div id="legal-disclaimer"> <h4>Legal Disclaimer:</h4> <p> Here is where you can read the NVD <a href="general/legal-disclaimer">legal disclaimer</a>. </p> </div> </div> </div> </div> </div> </div> </main> <footer id="footer" role="contentinfo"> <div class="container"> <div class="row"> <div class="col-sm-12"> <ul class="social-list pull-right"> <li class="field-item service-twitter list-horiz"><a href="https://web.archive.org/web/20240202112851/https://twitter.com/NISTCyber" target="_blank" class="social-btn social-btn--large extlink ext"> <i class="fa fa-twitter fa-fw"><span class="element-invisible">twitter</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span> </a></li> <li class="field-item service-facebook list-horiz"><a href="https://web.archive.org/web/20240202112851/https://www.facebook.com/NIST" target="_blank" class="social-btn social-btn--large extlink ext"> <i class="fa fa-facebook fa-fw"><span class="element-invisible">facebook</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span></a></li> <li class="field-item service-linkedin list-horiz"><a href="https://web.archive.org/web/20240202112851/https://www.linkedin.com/company/nist" target="_blank" class="social-btn social-btn--large extlink ext"> <i class="fa fa-linkedin fa-fw"><span class="element-invisible">linkedin</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span></a></li> <li class="field-item service-youtube list-horiz"><a href="https://web.archive.org/web/20240202112851/https://www.youtube.com/user/USNISTGOV" target="_blank" class="social-btn social-btn--large extlink ext"> <i class="fa fa-youtube fa-fw"><span class="element-invisible">youtube</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span></a></li> <li class="field-item service-rss list-horiz"><a href="https://web.archive.org/web/20240202112851/https://www.nist.gov/news-events/nist-rss-feeds" target="_blank" class="social-btn social-btn--large extlink"> <i class="fa fa-rss fa-fw"><span class="element-invisible">rss</span></i> </a></li> <li class="field-item service-govdelivery list-horiz last"><a href="https://web.archive.org/web/20240202112851/https://public.govdelivery.com/accounts/USNIST/subscriber/new?qsp=USNIST_3" target="_blank" class="social-btn social-btn--large extlink ext"> <i class="fa fa-envelope fa-fw"><span class="element-invisible">govdelivery</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span> </a></li> </ul> <span class="hidden-xs"> <a title="National Institute of Standards and Technology" rel="home" class="footer-nist-logo"> <img src="/web/20240202112851im_/https://nvd.nist.gov/site-media/images/nist/nist-logo.png" alt="National Institute of Standards and Technology logo"/> </a> </span> </div> </div> <div class="row hidden-sm hidden-md hidden-lg"> <div class="col-sm-12"> <a href="https://web.archive.org/web/20240202112851/https://www.nist.gov/" title="National Institute of Standards and Technology" rel="home" target="_blank" class="footer-nist-logo"> <img src="/web/20240202112851im_/https://nvd.nist.gov/site-media/images/nist/nist-logo.png" alt="National Institute of Standards and Technology logo"/> </a> </div> </div> <div class="row footer-contact-container"> <div class="col-sm-6"> <strong>HEADQUARTERS</strong> <br> 100 Bureau Drive <br> Gaithersburg, MD 20899 <br> <a href="https://web.archive.org/web/20240202112851/tel:301-975-2000">(301) 975-2000</a> <br> <br> <a href="https://web.archive.org/web/20240202112851/mailto:nvd@nist.gov">Webmaster</a> | <a href="https://web.archive.org/web/20240202112851/https://www.nist.gov/about-nist/contact-us">Contact Us</a> | <a href="https://web.archive.org/web/20240202112851/https://www.nist.gov/about-nist/visit" style="display: inline-block;">Our Other Offices</a> </div> <div class="col-sm-6"> <div class="pull-right" style="text-align:right"> <strong>Incident Response Assistance and Non-NVD Related<br>Technical Cyber Security Questions:</strong> <br> US-CERT Security Operations Center <br> Email: <a href="https://web.archive.org/web/20240202112851/mailto:soc@us-cert.gov">soc@us-cert.gov</a> <br> Phone: 1-888-282-0870 </div> </div> </div> <div class="row"> <nav title="Footer Navigation" role="navigation" class="row footer-bottom-links-container"> <!-- https://github.com/usnistgov/nist-header-footer/blob/nist-pages/boilerplate-footer.html --> <p> <a href="https://web.archive.org/web/20240202112851/https://www.nist.gov/oism/site-privacy">Site Privacy</a> | <a href="https://web.archive.org/web/20240202112851/https://www.nist.gov/oism/accessibility">Accessibility</a> | <a href="https://web.archive.org/web/20240202112851/https://www.nist.gov/privacy">Privacy Program</a> | <a href="https://web.archive.org/web/20240202112851/https://www.nist.gov/oism/copyrights">Copyrights</a> | <a href="https://web.archive.org/web/20240202112851/https://www.commerce.gov/vulnerability-disclosure-policy">Vulnerability Disclosure</a> | <a href="https://web.archive.org/web/20240202112851/https://www.nist.gov/no-fear-act-policy">No Fear Act Policy</a> | <a href="https://web.archive.org/web/20240202112851/https://www.nist.gov/foia">FOIA</a> | <a href="https://web.archive.org/web/20240202112851/https://www.nist.gov/environmental-policy-statement">Environmental Policy</a> | <a href="https://web.archive.org/web/20240202112851/https://www.nist.gov/summary-report-scientific-integrity">Scientific Integrity</a> | <a href="https://web.archive.org/web/20240202112851/https://www.nist.gov/nist-information-quality-standards">Information Quality Standards</a> | <a href="https://web.archive.org/web/20240202112851/https://www.commerce.gov/">Commerce.gov</a> | <a href="https://web.archive.org/web/20240202112851/https://www.science.gov/">Science.gov</a> | <a href="https://web.archive.org/web/20240202112851/https://www.usa.gov/">USA.gov</a> </p> </nav> </div> </div> </footer> </body> </html><!-- FILE ARCHIVED ON 11:28:51 Feb 02, 2024 AND RETRIEVED FROM THE INTERNET ARCHIVE ON 08:48:38 Mar 04, 2025. JAVASCRIPT APPENDED BY WAYBACK MACHINE, COPYRIGHT INTERNET ARCHIVE. ALL OTHER CONTENT MAY ALSO BE PROTECTED BY COPYRIGHT (17 U.S.C. SECTION 108(a)(3)). --> <!-- playback timings (ms): captures_list: 0.686 exclusion.robots: 0.027 exclusion.robots.policy: 0.015 esindex: 0.012 cdx.remote: 48.89 LoadShardBlock: 460.032 (6) PetaboxLoader3.datanode: 460.948 (7) load_resource: 275.63 -->

Pages: 1 2 3 4 5 6 7 8 9 10