| CVE-2025-6554 | | 0.12 | — | 0.02 | KEV | Jun 30, 2025 | Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) |
| CVE-2025-6543 | | 0.12 | — | 0.01 | KEV | Jun 25, 2025 | Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server |
| CVE-2025-6218 | | 0.12 | — | 0.06 | KEV | Jun 21, 2025 | RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<br>The specific flaw exists within the handling of file paths within archive files. A crafted file path can cause the process to traverse to unintended directories. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-27198. |
| CVE-2025-47827 | | 0.12 | — | 0.01 | KEV | Jun 5, 2025 | In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a crafted root filesystem can be mounted from an unverified SquashFS image. |
| CVE-2025-21479 | | 0.12 | — | 0.00 | KEV | Jun 3, 2025 | Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands. |
| CVE-2025-27038 | | 0.12 | — | 0.01 | KEV | Jun 3, 2025 | Memory corruption while rendering graphics using Adreno GPU drivers in Chrome. |
| CVE-2025-21480 | | 0.12 | — | 0.02 | KEV | Jun 3, 2025 | Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands. |
| CVE-2025-5419 | | 0.12 | — | 0.04 | KEV | Jun 2, 2025 | Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2025-32709 | | 0.12 | — | 0.01 | KEV | May 13, 2025 | Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. |
| CVE-2025-32706 | | 0.12 | — | 0.01 | KEV | May 13, 2025 | Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. |
| CVE-2025-32701 | | 0.12 | — | 0.02 | KEV | May 13, 2025 | Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. |
| CVE-2025-30400 | | 0.12 | — | 0.01 | KEV | May 13, 2025 | Use after free in Windows DWM allows an authorized attacker to elevate privileges locally. |
| CVE-2025-47729 | | 0.12 | — | 0.04 | KEV | May 8, 2025 | The TeleMessage archiving backend through 2025-05-05 holds cleartext copies of messages from TM SGNL (aka Archive Signal) app users, which is different functionality than described in the TeleMessage "End-to-End encryption from the mobile phone through to the corporate archive" documentation, as exploited in the wild in May 2025. |
| CVE-2025-1976 | | 0.12 | — | 0.01 | KEV | Apr 24, 2025 | Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary code with full root privileges on Fabric OS versions 9.1.0 through 9.1.1d6. |
| CVE-2025-42599 | | 0.12 | — | 0.01 | KEV | Apr 18, 2025 | Active! mail 6 BuildInfo: 6.60.05008561 and earlier contains a stack-based buffer overflow vulnerability. Receiving a specially crafted request created and sent by a remote unauthenticated attacker may lead to arbitrary code execution and/or a denial-of-service (DoS) condition. |
| CVE-2025-31125 | | 0.12 | — | 0.84 | KEV | Mar 31, 2025 | Vite is a frontend tooling framework for javascript. Vite exposes content of non-allowed files using ?inline&import or ?raw?import. Only apps explicitly exposing the Vite dev server to the network (using --host or server.host config option) are affected. This vulnerability is fixed in 6.2.4, 6.1.3, 6.0.13, 5.4.16, and 4.5.11. |
| CVE-2025-21590 | | 0.12 | — | 0.02 | KEV | Mar 12, 2025 | An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device.<br>A local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device.<br>This issue is not exploitable from the Junos CLI.<br>This issue affects Junos OS: all versions before 21.2R3-S9; 21.4 versions before 21.4R3-S10; 22.2 versions before 22.2R3-S6; 22.4 versions before 22.4R3-S6; 23.2 versions before 23.2R2-S3; 23.4 versions before 23.4R2-S4; 24.2 versions before 24.2R1-S2, 24.2R2. |
| CVE-2025-24993 | | 0.12 | — | 0.02 | KEV | Mar 11, 2025 | Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. |
| CVE-2025-24991 | | 0.12 | — | 0.01 | KEV | Mar 11, 2025 | Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally. |
| CVE-2025-24985 | | 0.12 | — | 0.02 | KEV | Mar 11, 2025 | Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally. |
| CVE-2025-24984 | | 0.12 | — | 0.04 | KEV | Mar 11, 2025 | Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack. |
| CVE-2025-24983 | | 0.12 | — | 0.01 | KEV | Mar 11, 2025 | Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally. |
| CVE-2025-22226 | | 0.12 | — | 0.04 | KEV | Mar 4, 2025 | VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process. |
| CVE-2025-0111 | | 0.12 | — | 0.04 | KEV | Feb 12, 2025 | An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user.<br>You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines: https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431<br>This issue does not affect Cloud NGFW or Prisma Access software. |
| CVE-2025-21391 | | 0.12 | — | 0.05 | KEV | Feb 11, 2025 | Windows Storage Elevation of Privilege Vulnerability |
| CVE-2025-21334 | | 0.12 | — | 0.06 | KEV | Jan 14, 2025 | Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability |
| CVE-2024-53197 | | 0.12 | — | 0.02 | KEV | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved:<br>ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices<br>A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usb_get_configuration for allocating dev->config. This can lead to out-of-bounds accesses later, e.g. in usb_destroy_configuration. |
| CVE-2024-53150 | | 0.12 | — | 0.01 | KEV | Dec 24, 2024 | In the Linux kernel, the following vulnerability has been resolved:<br>ALSA: usb-audio: Fix out of bounds reads when finding clock sources<br>The current USB-audio driver code doesn't check bLength of each descriptor at traversing for clock descriptors. That is, when a device provides a bogus descriptor with a shorter bLength, the driver might hit out-of-bounds reads.<br>For addressing it, this patch adds sanity checks to the validator functions for the clock descriptor traversal. When the descriptor length is shorter than expected, it's skipped in the loop.<br>For the clock source and clock multiplier descriptors, we can just check bLength against the sizeof() of each descriptor type. OTOH, the clock selector descriptor of UAC2 and UAC3 has an array of bNrInPins elements and two more fields at its tail, hence those have to be checked in addition to the sizeof() check. |
| CVE-2024-49035 | | 0.12 | — | 0.06 | KEV | Nov 26, 2024 | An improper access control vulnerability in Partner.Microsoft.com allows an unauthenticated attacker to elevate privileges over a network. |
| CVE-2024-43093 | | 0.12 | — | 0.00 | KEV | Nov 13, 2024 | In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. |
| CVE-2024-43047 | | 0.12 | — | 0.02 | KEV | Oct 7, 2024 | Memory corruption while maintaining memory maps of HLOS memory. |
| CVE-2024-38226 | | 0.12 | — | 0.01 | KEV | Sep 10, 2024 | Microsoft Publisher Security Feature Bypass Vulnerability |
| CVE-2024-39717 | | 0.12 | — | 0.05 | KEV | Aug 22, 2024 | The Versa Director GUI provides an option to customize the look and feel of the user interface. This option is only available for a user logged with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin. (Tenant level users do not have this privilege). The “Change Favicon” (Favorite Icon) option can be mis-used to upload a malicious file ending with .png extension to masquerade as image file. This is possible only after a user with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin has successfully authenticated and logged in. |
| CVE-2024-7971 | | 0.12 | — | 0.01 | KEV | Aug 21, 2024 | Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2024-38107 | | 0.12 | — | 0.03 | KEV | Aug 13, 2024 | Windows Power Dependency Coordinator Elevation of Privilege Vulnerability |
| CVE-2024-38106 | | 0.12 | — | 0.01 | KEV | Aug 13, 2024 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2024-7694 | | 0.12 | — | 0.01 | KEV | Aug 12, 2024 | ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files, which can be used to execute arbitrary system command on the server. |
| CVE-2024-20399 | | 0.12 | — | 0.01 | KEV | Jul 1, 2024 | A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device.<br>This vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected configuration CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of root.<br>Note: To successfully exploit this vulnerability on a Cisco NX-OS device, an attacker must have Administrator credentials. The following Cisco devices already allow administrative users to access the underlying operating system through the bash-shell feature, so, for these devices, this vulnerability does not grant any additional privileges: Nexus 3000 Series Switches; Nexus 7000 Series Switches that are running Cisco NX-OS Software releases 8.1(1) and later; Nexus 9000 Series Switches in standalone NX-OS mode. |
| CVE-2024-32896 | | 0.12 | — | 0.00 | KEV | Jun 13, 2024 | There is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. |
| CVE-2024-36971 | | 0.12 | — | 0.00 | KEV | Jun 10, 2024 | In the Linux kernel, the following vulnerability has been resolved:<br>net: fix __dst_negative_advice() race<br>__dst_negative_advice() does not enforce proper RCU rules when sk->dst_cache must be cleared, leading to possible UAF.<br>RCU rules are that we must first clear sk->sk_dst_cache, then call dst_release(old_dst).<br>Note that sk_dst_reset(sk) is implementing this protocol correctly, while __dst_negative_advice() uses the wrong order.<br>Given that ip6_negative_advice() has special logic against RTF_CACHE, this means each of the three ->negative_advice() existing methods must perform the sk_dst_reset() themselves.<br>Note the check against NULL dst is centralized in __dst_negative_advice(), there is no need to duplicate it in various callbacks.<br>Many thanks to Clement Lecigne for tracking this issue.<br>This old bug became visible after the blamed commit, using UDP sockets. |
| CVE-2024-4610 | | 0.12 | — | 0.01 | KEV | Jun 7, 2024 | Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory. This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0; Valhall GPU Kernel Driver: from r34p0 through r40p0. |
| CVE-2024-4947 | | 0.12 | — | 0.01 | KEV | May 15, 2024 | Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2024-4761 | | 0.12 | — | 0.03 | KEV | May 14, 2024 | Out of bounds write in V8 in Google Chrome prior to 124.0.6367.207 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) |
| CVE-2024-4671 | | 0.12 | — | 0.00 | KEV | May 9, 2024 | Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) |
| CVE-2023-50224 | | 0.12 | — | 0.01 | KEV | May 3, 2024 | TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR841N routers. Authentication is not required to exploit this vulnerability.<br>The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from improper authentication. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-19899. |
| CVE-2024-20359 | | 0.12 | — | 0.00 | KEV | Apr 24, 2024 | A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level privileges are required to exploit this vulnerability.<br>This vulnerability is due to improper validation of a file when it is read from system flash memory. An attacker could exploit this vulnerability by copying a crafted file to the disk0: file system of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the affected device after the next reload of the device, which could alter system behavior. Because the injected code could persist across device reboots, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High. |
| CVE-2024-29748 | | 0.12 | — | 0.00 | KEV | Apr 5, 2024 | There is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. |
| CVE-2024-29745 | | 0.12 | — | 0.00 | KEV | Apr 5, 2024 | There is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. |
| CVE-2024-21410 | | 0.12 | — | 0.05 | KEV | Feb 13, 2024 | Microsoft Exchange Server Elevation of Privilege Vulnerability |
| CVE-2024-0519 | | 0.12 | — | 0.00 | KEV | Jan 16, 2024 | Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |