CVE-2023-1383

MEDIUM Year: 2023
CVSS v3 Score
4.3
Medium
Weakness Type
CWE-841
View all →

Vulnerability Description

An Improper Enforcement of Behavioral Workflow vulnerability in the exchangeDeviceServices function on the amzn.dmgr service allowed an attacker to register services that are only locally accessible. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS versions prior to 7.6.3.3.

Related Vulnerabilities

CVE-2025-48376

LOW
CVSS:3.5(Low)

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to version 9.13.9, a malicious SuperUser (Host) could craft a request to use an exte...

CWE-8412025

CVE-2023-42939

LOW
CVSS:3.3(Low)

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1. A user's private browsing activity may be unexpectedly saved in the App Privacy Report.

CWE-8412023

CVE-2024-37296

MEDIUM
CVSS:5.3(Medium)

The Aimeos HTML client provides Aimeos HTML components for e-commerce projects. Starting in version 2020.04.1 and prior to versions 2020.10.27, 2021.10.21, 2022.10.12, 2023.10.14, and 2024.04.5, digit...

CWE-8412024

CVE-2024-39325

MEDIUM
CVSS:5.3(Medium)

aimeos/ai-controller-frontend is the Aimeos frontend controller. Prior to versions 2024.04.2, 2023.10.9, 2022.10.8, 2021.10.8, and 2020.10.15, aimeos/ai-controller-frontend doesn't reset the payment s...

CWE-8412024

CVE-2024-6128

MEDIUM
CVSS:5.3(Medium)

A vulnerability, which was classified as problematic, has been found in spa-cartcms 1.9.0.6. This issue affects some unknown processing of the file /checkout of the component Checkout Page. The manipu...

CWE-8412024

CVE-2024-44128

MEDIUM
CVSS:5.5(Medium)

This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An Automator Quick Action workflow may be able...

CWE-8412024