VYPR

CVEs

100,472 total · page 652 of 2,010

  • CVE-2023-7010HigJul 16, 2024
    risk 0.57cvss 8.8epss 0.00

    Use after free in WebRTC in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-6778HigJul 16, 2024
    risk 0.49cvss 7.5epss 0.01

    Race in DevTools in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)

  • CVE-2024-6776HigJul 16, 2024
    risk 0.57cvss 8.8epss 0.00

    Use after free in Audio in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-6775HigJul 16, 2024
    risk 0.57cvss 8.8epss 0.00

    Use after free in Media Stream in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-6774HigJul 16, 2024
    risk 0.57cvss 8.8epss 0.00

    Use after free in Screen Capture in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-6773HigJul 16, 2024
    risk 0.57cvss 8.8epss 0.00

    Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-6772HigJul 16, 2024
    risk 0.57cvss 8.8epss 0.01

    Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-5795HigJul 16, 2024
    risk 0.50cvss 7.7epss 0.01

    A Denial of Service vulnerability was identified in GitHub Enterprise Server that allowed an attacker to cause unbounded resource exhaustion by sending a large payload to the Git server. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.14 and was…

  • CVE-2024-21687HigJul 16, 2024
    risk 0.53cvss 8.1epss 0.01

    This High severity File Inclusion vulnerability was introduced in versions 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0 and 9.6.0 of Bamboo Data Center and Server. This File Inclusion vulnerability, with a CVSS Score of 8.1, allows an authenticated attacker to get the application…

  • CVE-2024-21686HigJul 16, 2024
    risk 0.57cvss 8.7epss 0.01

    This High severity Stored XSS vulnerability was introduced in versions 7.13 of Confluence Data Center and Server. This Stored XSS vulnerability, with a CVSS Score of 7.3, allows an authenticated attacker to execute arbitrary HTML or JavaScript code on a victims browser which…

  • CVE-2024-6492HigJul 16, 2024
    risk 0.48cvss 7.4epss 0.01

    Exposure of Sensitive Information in edge browser session proxy feature in Devolutions Remote Desktop Manager 2024.2.14.0 and earlier on Windows allows an attacker to intercept proxy credentials via a specially crafted website.

  • CVE-2024-40516HigJul 16, 2024
    risk 0.57cvss 8.8epss 0.00

    An issue in H3C Technologies Co., Limited H3C Magic RC3000 RC3000V100R009 allows a remote attacker to execute arbitrary code via the Routing functionality.

  • CVE-2024-33181HigJul 16, 2024
    risk 0.57cvss 8.8epss 0.01

    Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceMac parameter at ip/goform/addWifiMacFilter.

  • CVE-2024-6089HigJul 16, 2024
    risk 0.49cvss 7.5epss 0.02

    An input validation vulnerability exists in the Rockwell Automation 5015 - AENFTXT when a manipulated PTP packet is sent, causing the secondary adapter to result in a major nonrecoverable fault. If exploited, a power cycle is required to recover the product.

  • CVE-2024-40626HigJul 16, 2024
    risk 0.40cvss 7.3epss 0.01

    Outline is an open source, collaborative document editor. A type confusion issue was found in ProseMirror’s rendering process that leads to a Stored Cross-Site Scripting (XSS) vulnerability in Outline. An authenticated user can create a document containing a malicious…

  • CVE-2024-3232HigJul 16, 2024
    risk 0.49cvss 7.6epss 0.00

    A formula injection vulnerability exists in Tenable Identity Exposure where an authenticated remote attacker with administrative privileges could manipulate application form fields in order to trick another administrator into executing CSV payloads. - CVE-2024-3232

  • CVE-2019-16641HigJul 16, 2024
    risk 0.55cvss 8.4epss 0.00

    An issue was found on the Ruijie EG-2000 series gateway. There is a buffer overflow in client.so. Consequently, an attacker can use login.php to login to any account, without providing its password. This affects EG-2000SE EG_RGOS 11.1(1)B1.

  • CVE-2019-16640HigJul 16, 2024
    risk 0.49cvss 7.5epss 0.00

    An issue was found in upload.php on the Ruijie EG-2000 series gateway. A parameter passed to the class UploadFile is mishandled (%00 and /var/./html are not checked), which can allow an attacker to upload any file to the gateway. This affects EG-2000SE EG_RGOS 11.9 B11P1.

  • CVE-2019-16638HigJul 16, 2024
    risk 0.49cvss 7.5epss 0.00

    An issue was found on the Ruijie EG-2000 series gateway. An attacker can easily dump cleartext stored passwords in /data/config.text with simple XORs. This affects EG-2000SE EG_RGOS 11.1(1)B1.

  • CVE-2024-40322HigJul 16, 2024
    risk 0.57cvss 8.8epss 0.00

    An issue was discovered in JFinalCMS v.5.0.0. There is a SQL injection vulnerablity via /admin/div_data/data

  • CVE-2024-6655HigJul 16, 2024
    risk 0.46cvss 7.0epss 0.00

    A flaw was found in the GTK library. Under certain conditions, it is possible for a library to be injected into a GTK application from the current working directory.

  • CVE-2024-32861HigJul 16, 2024
    risk 0.51cvss 7.8epss 0.00

    Under certain circumstances the impacted Software House C•CURE 9000 installer will utilize unnecessarily wide permissions.

  • CVE-2024-6435HigJul 16, 2024
    risk 0.57cvss 8.8epss 0.00

    A privilege escalation vulnerability exists in the affected products which could allow a malicious user with basic privileges to access functions which should only be available to users with administrative level privileges. If exploited, an attacker could read sensitive data,…

  • CVE-2022-48866HigJul 16, 2024
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts Syzbot reported an slab-out-of-bounds Read in thrustmaster_probe() bug. The root case is in missing validation check of actual number of…

  • CVE-2022-48858HigJul 16, 2024
    risk 0.46cvss 7.0epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix a race on command flush flow Fix a refcount use after free warning due to a race on command entry. Such race occurs when one of the commands releases its last refcount and frees its index and…

  • CVE-2022-48855HigJul 16, 2024
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: sctp: fix kernel-infoleak for SCTP sockets syzbot reported a kernel infoleak [1] of 4 bytes. After analysis, it turned out r->idiag_expires is not initialized if inet_sctp_diag_fill() calls…

  • CVE-2022-48854HigJul 16, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: arc_emac: Fix use after free in arc_mdio_probe() If bus->state is equal to MDIOBUS_ALLOCATED, mdiobus_free(bus) will free the "bus". But bus->name is still used in the next line, which will lead to a use…

  • CVE-2022-48851HigJul 16, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: staging: gdm724x: fix use after free in gdm_lte_rx() The netif_rx_ni() function frees the skb so we can't dereference it to save the skb->len.

  • CVE-2022-48848HigJul 16, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Do not unregister events twice Nicolas reported that using: # trace-cmd record -e all -M 10 -p osnoise --poll Resulted in the following kernel warning: ------------[ cut here…

  • CVE-2022-48847HigJul 16, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: watch_queue: Fix filter limit check In watch_queue_set_filter(), there are a couple of places where we check that the filter type value does not exceed what the type_filter bitmap can hold. One place…

  • CVE-2022-48837HigJul 16, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: prevent integer overflow in rndis_set_response() If "BufOffset" is very large the "BufOffset + 8" operation can have an integer overflow.

  • CVE-2022-48834HigJul 16, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: usb: usbtmc: Fix bug in pipe direction for control transfers The syzbot fuzzer reported a minor bug in the usbtmc driver: usb 5-1: BOGUS control dir, pipe 80001e80 doesn't match bRequestType 0 WARNING: CPU: 0…

  • CVE-2022-48827HigJul 16, 2024
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSET_MAX Dan Aloni reports: > Due to commit 8cfb9015280d ("NFS: Always provide aligned buffers to > the RPC read layers") on the client, a read of 0xfff is aligned up > to…

  • CVE-2022-48822HigJul 16, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: usb: f_fs: Fix use-after-free for epfile Consider a case where ffs_func_eps_disable is called from ffs_func_disable as part of composition switch and at the same time ffs_epfile_release get called from…

  • CVE-2022-48821HigJul 16, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: avoid double fput() on failed usercopy If the copy back to userland fails for the FASTRPC_IOCTL_ALLOC_DMA_BUFF ioctl(), we shouldn't assume that 'buf->dmabuf' is still valid. In fact,…

  • CVE-2022-48820HigJul 16, 2024
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: phy: stm32: fix a refcount leak in stm32_usbphyc_pll_enable() This error path needs to decrement "usbphyc->n_pll_cons.counter" before returning.

  • CVE-2022-48805HigJul 16, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup ax88179_rx_fixup() contains several out-of-bounds accesses that can be triggered by a malicious (or defective) USB device, in particular: - The…

  • CVE-2022-48801HigJul 16, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: iio: buffer: Fix file related error handling in IIO_BUFFER_GET_FD_IOCTL If we fail to copy the just created file descriptor to userland, we try to clean up by putting back 'fd' and freeing 'ib'. The code uses…

  • CVE-2022-48796HigJul 16, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: iommu: Fix potential use-after-free during probe Kasan has reported the following use after free on dev->iommu. when a device probe fails and it is in process of freeing dev->iommu in dev_iommu_free function,…

  • CVE-2022-48792HigJul 16, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task Currently a use-after-free may occur if a sas_task is aborted by the upper layer before we handle the I/O completion in mpi_ssp_completion() or…

  • CVE-2022-48791HigJul 16, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted TMF sas_task Currently a use-after-free may occur if a TMF sas_task is aborted before we handle the IO completion in mpi_ssp_completion(). The abort occurs due to…

  • CVE-2022-48790HigJul 16, 2024
    risk 0.46cvss 7.0epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: nvme: fix a possible use-after-free in controller reset during load Unlike .queue_rq, in .submit_async_event drivers may not check the ctrl readiness for AER submission. This may lead to a use-after-free…

  • CVE-2022-48789HigJul 16, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix possible use-after-free in transport error_recovery work While nvme_tcp_submit_async_event_work is checking the ctrl and queue state before preparing the AER command and scheduling io_work, in…

  • CVE-2022-48788HigJul 16, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: fix possible use-after-free in transport error_recovery work While nvme_rdma_submit_async_event_work is checking the ctrl and queue state before preparing the AER command and scheduling io_work, in…

  • CVE-2022-48787HigJul 16, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: iwlwifi: fix use-after-free If no firmware was present at all (or, presumably, all of the firmware files failed to parse), we end up unbinding by calling device_release_driver(), which calls remove(), which…

  • CVE-2022-48783HigJul 16, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiq_gswip: fix use after free in gswip_remove() of_node_put(priv->ds->slave_mii_bus->dev.of_node) should be done before mdiobus_free(priv->ds->slave_mii_bus).

  • CVE-2022-48782HigJul 16, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: mctp: fix use after free Clang static analysis reports this problem route.c:425:4: warning: Use of memory after it is freed trace_mctp_key_acquire(key); ^~~~~~~~~~~~~~~~~~~~~~~~~~~ When mctp_key_add()…

  • CVE-2022-48779HigJul 16, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: fix use-after-free in ocelot_vlan_del() ocelot_vlan_member_del() will free the struct ocelot_bridge_vlan, so if this is the same as the port's pvid_vlan which we access afterwards, what…

  • CVE-2022-48778HigJul 16, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: gpmi: don't leak PM reference in error path If gpmi_nfc_apply_timings() fails, the PM runtime usage counter must be dropped.

  • CVE-2021-47624HigJul 16, 2024
    risk 0.46cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change The refcount leak issues take place in an error handling path. When the 3rd argument buf doesn't match with "offline", "online" or "remove",…