CVSS: 7.3EPSS: 0%CPEs: 2046EXPL: 0CVE-2022-4894
https://notcve.org/view.php?id=CVE-2022-4894
Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element. • https://support.hp.com/us-en/document/ish_8947379-8947403-16/hpsbpi03857 • CWE-427: Uncontrolled Search Path Element •
CVSS: 6.8EPSS: 2%CPEs: 1EXPL: 1CVE-2023-40293
https://notcve.org/view.php?id=CVE-2023-40293
Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC with a D-Bus connection object. • https://autohack.in/2023/07/26/dude-its-my-car-how-to-develop-intimacy-with-your-car • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-40292
https://notcve.org/view.php?id=CVE-2023-40292
Harman Infotainment 20190525031613 and later discloses the IP address via CarPlay CTRL packets. • https://autohack.in/2023/07/26/dude-its-my-car-how-to-develop-intimacy-with-your-car •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-40291
https://notcve.org/view.php?id=CVE-2023-40291
Harman Infotainment 20190525031613 allows root access via SSH over a USB-to-Ethernet dongle with a password that is an internal project name. • https://autohack.in/2023/07/26/dude-its-my-car-how-to-develop-intimacy-with-your-car •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-30705
https://notcve.org/view.php?id=CVE-2023-30705
Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.56.6?allows local attackers to access privileged content providers as Galaxy Store permission. • https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=08 • CWE-863: Incorrect Authorization •