How severe is CVE-2024-23708?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2024-23708?

This is classified as CWE-451, which is a common weakness in software security.

CVE-2024-23708

CRITICAL Year: 2024

CVSS v3 Score

9.8

Critical

Weakness Type

CWE-451

View all →

Vulnerability Description

In multiple functions of NotificationManagerService.java, there is a possible way to not show a toast message when a clipboard message has been accessed. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2020-9236

HIGH

CVSS:8.8(High)

There is an improper interface design vulnerability in Huawei product. A module interface of the impated product does not deal with some operations properly. Attackers can exploit this vulnerability t...

CWE-4512020

CVE-2021-22866

HIGH

CVSS:8.8(High)

A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more permissions to be granted during a GitHub App's user-authorization web flow than was displayed to the ...

CWE-4512021

CVE-2021-41598

HIGH

CVSS:8.8(High)

CWE-4512021

CVE-2024-43461

HIGH

CVSS:8.8(High)

Windows MSHTML Platform Spoofing Vulnerability

CWE-4512024

CVE-2024-52269

HIGH

CVSS:8.1(High)

User Interface (UI) Misrepresentation of Critical Information vulnerability in DocuSign allows Content Spoofing. The SaaS AI assistant ignores hidden content that is rendered after signing, misleading...

CWE-4512024

CVE-2024-7529

HIGH

CVSS:8.1(High)

The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This vulnerability affects Firefox < 129, Firefox ESR < 115....

CWE-4512024

CVE-2024-23708

Vulnerability Description

Related Vulnerabilities

CVE-2020-9236

CVE-2021-22866

CVE-2021-41598

CVE-2024-43461

CVE-2024-52269

CVE-2024-7529