| CVE-2024-38014 | | 0.13 | — | 0.13 | KEV | Sep 10, 2024 | Windows Installer Elevation of Privilege Vulnerability |
| CVE-2024-7262 | | 0.13 | — | 0.12 | KEV | Aug 15, 2024 | Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.16412 (exclusive) on Windows allows an attacker to load an arbitrary Windows library. The vulnerability was found weaponized as a single-click exploit in the form of a deceptive spreadsheet document. |
| CVE-2024-38080 | | 0.13 | — | 0.14 | KEV | Jul 9, 2024 | Windows Hyper-V Elevation of Privilege Vulnerability |
| CVE-2024-39891 | | 0.13 | — | 0.17 | KEV | Jul 2, 2024 | In the Twilio Authy API, accessed by Authy Android before 25.1.0 and Authy iOS before 26.1.0, an unauthenticated endpoint provided access to certain phone-number data, as exploited in the wild in June 2024. Specifically, the endpoint accepted a stream of requests containing phone numbers, and responded with information about whether each phone number was registered with Authy. (Authy accounts were not compromised, however.) |
| CVE-2024-5274 | | 0.13 | — | 0.07 | KEV | May 28, 2024 | Type Confusion in V8 in Google Chrome prior to 125.0.6422.112 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2024-4978 | | 0.13 | — | 0.13 | KEV | May 23, 2024 | Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute unauthorized PowerShell commands. |
| CVE-2024-21351 | | 0.13 | — | 0.11 | KEV | Feb 13, 2024 | Windows SmartScreen Security Feature Bypass Vulnerability |
| CVE-2023-6548 | | 0.13 | — | 0.08 | KEV | Jan 17, 2024 | Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform Authenticated (low privileged) remote code execution on Management Interface. |
| CVE-2023-6448 | | 0.13 | — | 0.13 | KEV | Dec 5, 2023 | Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable system. |
| CVE-2023-36584 | | 0.13 | — | 0.15 | KEV | Oct 10, 2023 | Windows Mark of the Web Security Feature Bypass Vulnerability |
| CVE-2023-41763 | | 0.13 | — | 0.17 | KEV | Oct 10, 2023 | Skype for Business Elevation of Privilege Vulnerability |
| CVE-2023-36851 | | 0.13 | — | 0.15 | KEV | Sep 26, 2023 | A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to webauth_operation.php that doesn't require authentication, an attacker is able to upload and download arbitrary files via J-Web, leading to a loss of integrity or confidentiality, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on SRX Series: 21.2 versions prior to 21.2R3-S8; 21.4 versions prior to 21.4R3-S6; 22.1 versions prior to 22.1R3-S5; 22.2 versions prior to 22.2R3-S3; 22.3 versions prior to 22.3R3-S2; 22.4 versions prior to 22,4R2-S2, 22.4R3; 23.2 versions prior to 23.2R1-S2, 23.2R2. |
| CVE-2023-32049 | | 0.13 | — | 0.09 | KEV | Jul 11, 2023 | Windows SmartScreen Security Feature Bypass Vulnerability |
| CVE-2023-28229 | | 0.13 | — | 0.09 | KEV | Apr 11, 2023 | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability |
| CVE-2023-29492 | | 0.13 | — | 0.17 | KEV | Apr 11, 2023 | Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data. |
| CVE-2023-21674 | | 0.13 | — | 0.12 | KEV | Jan 10, 2023 | Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability |
| CVE-2022-26485 | | 0.13 | — | 0.07 | KEV | Dec 22, 2022 | Removing an XSLT parameter during processing could have led to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. |
| CVE-2022-4262 | | 0.13 | — | 0.09 | KEV | Dec 2, 2022 | Type confusion in V8 in Google Chrome prior to 108.0.5359.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2022-23748 | | 0.13 | — | 0.12 | KEV | Nov 17, 2022 | mDNSResponder.exe is vulnerable to DLL Sideloading attack. Executable improperly specifies how to load the DLL, from which folder and under what conditions. In these scenarios, a malicious attacker could be using the valid and legitimate executable to load malicious files. |
| CVE-2022-41049 | | 0.13 | — | 0.13 | KEV | Nov 9, 2022 | Windows Mark of the Web Security Feature Bypass Vulnerability |
| CVE-2022-40139 | | 0.13 | — | 0.09 | KEV | Sep 19, 2022 | Improper validation of some components used by the rollback mechanism in Trend Micro Apex One and Trend Micro Apex One as a Service clients could allow an Apex One server administrator to instruct affected clients to download an unverified rollback package, which could lead to remote code execution. Please note: an attacker must first obtain Apex One server administration console access in order to exploit this vulnerability. |
| CVE-2022-37969 | | 0.13 | — | 0.12 | KEV | Sep 13, 2022 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| CVE-2022-1364 | | 0.13 | — | 0.18 | KEV | Jul 26, 2022 | Type confusion in V8 Turbofan in Google Chrome prior to 100.0.4896.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| CVE-2022-20821 | | 0.13 | — | 0.09 | KEV | May 26, 2022 | A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance that is running within the NOSi container. This vulnerability exists because the health check RPM opens TCP port 6379 by default upon activation. An attacker could exploit this vulnerability by connecting to the Redis instance on the open port. A successful exploit could allow the attacker to write to the Redis in-memory database, write arbitrary files to the container filesystem, and retrieve information about the Redis database. Given the configuration of the sandboxed container that the Redis instance runs in, a remote attacker would be unable to execute remote code or abuse the integrity of the Cisco IOS XR Software host system. |
| CVE-2022-24816 | | 0.13 | — | 0.94 | KEV | Apr 13, 2022 | JAI-EXT is an open-source project which aims to extend the Java Advanced Imaging (JAI) API. Programs allowing Jiffle script to be provided via network request can lead to a Remote Code Execution as the Jiffle script is compiled into Java code via Janino, and executed. In particular, this affects the downstream GeoServer project. Version 1.2.22 will contain a patch that disables the ability to inject malicious code into the resulting script. Users unable to upgrade may negate the ability to compile Jiffle scripts from the final application, by removing janino-x.y.z.jar from the classpath. |
| CVE-2022-23176 | | 0.13 | — | 0.10 | KEV | Feb 24, 2022 | WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2_U1, 12.x before 12.1.3_U3, and 12.2.x through 12.5.x before 12.5.7_U3. |
| CVE-2022-20708 | | 0.13 | — | 0.09 | KEV | Feb 10, 2022 | Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: execute arbitrary code; elevate privileges; execute arbitrary commands; bypass authentication and authorization protections; fetch and run unsigned software; cause denial of service (DoS). For more information about these vulnerabilities, see the Details section of this advisory. |
| CVE-2022-22718 | | 0.13 | — | 0.08 | KEV | Feb 9, 2022 | Windows Print Spooler Elevation of Privilege Vulnerability |
| CVE-2021-44207 | | 0.13 | — | 0.09 | KEV | Dec 21, 2021 | Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials. |
| CVE-2021-43226 | | 0.13 | — | 0.08 | KEV | Dec 15, 2021 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| CVE-2021-37976 | | 0.13 | — | 0.16 | KEV | Oct 8, 2021 | Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. |
| CVE-2021-37973 | | 0.13 | — | 0.15 | KEV | Oct 8, 2021 | Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. |
| CVE-2021-39226 | | 0.13 | — | 0.94 | KEV | Oct 5, 2021 | Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "public_mode" configuration setting is set to true (vs default of false), unauthenticated users are able to delete the snapshot with the lowest database key by accessing the literal path: /api/snapshots-delete/:deleteKey. Regardless of the snapshot "public_mode" setting, authenticated users are able to delete the snapshot with the lowest database key by accessing the literal paths: /api/snapshots/:key, or /api/snapshots-delete/:deleteKey. The combination of deletion and viewing enables a complete walk through all snapshot data while resulting in complete snapshot data loss. This issue has been resolved in versions 8.1.6 and 7.5.11. If for some reason you cannot upgrade you can use a reverse proxy or similar to block access to the literal paths: /api/snapshots/:key, /api/snapshots-delete/:deleteKey, /dashboard/snapshot/:key, and /api/snapshots/:key. They have no normal function and can be disabled without side effects. |
| CVE-2021-38645 | | 0.13 | — | 0.12 | KEV | Sep 15, 2021 | Open Management Infrastructure Elevation of Privilege Vulnerability |
| CVE-2021-33771 | | 0.13 | — | 0.07 | KEV | Jul 14, 2021 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2021-31979 | | 0.13 | — | 0.07 | KEV | Jul 14, 2021 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2021-26829 | | 0.13 | — | 0.08 | KEV | Jun 11, 2021 | OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows stored XSS via system_settings.shtm. |
| CVE-2021-30533 | | 0.13 | — | 0.11 | KEV | Jun 7, 2021 | Insufficient policy enforcement in PopupBlocker in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass navigation restrictions via a crafted iframe. |
| CVE-2021-22899 | | 0.13 | — | 0.16 | KEV | May 27, 2021 | A command injection vulnerability in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to perform remote code execution via the Windows Resource Profiles Feature. |
| CVE-2021-22506 | | 0.13 | — | 0.11 | KEV | Mar 26, 2021 | Advance configuration exposing Information Leakage vulnerability in Micro Focus Access Manager product, affects all versions prior to version 5.0. The vulnerability could cause information leakage. |
| CVE-2021-22681 | | 0.13 | — | 0.18 | KEV | Mar 3, 2021 | Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800. Rockwell Automation Studio 5000 Logix Designer Versions 21 and later and RSLogix 5000: Versions 16 through 20 are vulnerable because an unauthenticated attacker could bypass this verification mechanism and authenticate with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800. |
| CVE-2021-21315 | | 0.13 | — | 0.94 | KEV | Feb 16, 2021 | The System Information Library for Node.JS (npm package "systeminformation") is an open source collection of functions to retrieve detailed hardware, system and OS information. In systeminformation before version 5.3.1 there is a command injection vulnerability. Problem was fixed in version 5.3.1. As a workaround instead of upgrading, be sure to check or sanitize service parameters that are passed to si.inetLatency(), si.inetChecksite(), si.services(), si.processLoad() ... do only allow strings, reject any arrays. String sanitation works as expected. |
| CVE-2021-21311 | | 0.13 | — | 0.94 | KEV | Feb 11, 2021 | Adminer is an open-source database management in a single PHP file. In adminer from version 4.0.0 and before 4.7.9 there is a server-side request forgery vulnerability. Users of Adminer versions bundling all drivers (e.g. `adminer.php`) are affected. This is fixed in version 4.7.9. |
| CVE-2020-2506 | | 0.13 | — | 0.18 | KEV | Feb 3, 2021 | The vulnerability has been reported to affect earlier versions of QTS. If exploited, this improper access control vulnerability could allow attackers to compromise the security of the software by gaining privileges, or reading sensitive information. This issue affects: QNAP Systems Inc. Helpdesk versions prior to 3.0.3. |
| CVE-2020-29574 | | 0.13 | — | 0.12 | KEV | Dec 11, 2020 | An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbitrary SQL statements remotely. |
| CVE-2020-27932 | | 0.13 | — | 0.13 | KEV | Dec 8, 2020 | A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. A malicious application may be able to execute arbitrary code with kernel privileges. |
| CVE-2020-4006 | | 0.13 | — | 0.13 | KEV | Nov 23, 2020 | VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector have a command injection vulnerability. |
| CVE-2020-8243 | | 0.13 | — | 0.12 | KEV | Sep 29, 2020 | A vulnerability in the Pulse Connect Secure < 9.1R8.2 admin web interface could allow an authenticated attacker to upload a custom template to perform arbitrary code execution. |
| CVE-2020-1464 | | 0.13 | — | 0.08 | KEV | Aug 17, 2020 | A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files. In an attack scenario, an attacker could bypass security features intended to prevent improperly signed files from being loaded. The update addresses the vulnerability by correcting how Windows validates file signatures. |
| CVE-2020-17463 | | 0.13 | — | 0.18 | KEV | Aug 13, 2020 | FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items. |