| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-34060 | Hig | 0.50 | 8.8 | 0.01 | May 23, 2024 | IrisEVTXModule is an interface module for Evtx2Splunk and Iris in order to ingest Microsoft EVTX log files. The `iris-evtx-module` is a pipeline plugin of `iris-web` that processes EVTX files through IRIS web application. During the upload of an EVTX through this pipeline, the… | ||
| CVE-2024-26139 | Hig | 0.54 | 8.3 | 0.00 | May 23, 2024 | OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. Due to lack of certain security controls on the profile edit functionality, an authenticated attacker with low privileges can gain administrative… | ||
| CVE-2024-4779 | Hig | 0.50 | 8.8 | 0.00 | May 23, 2024 | The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to SQL Injection via the ‘data[post_ids][0]’ parameter in all versions up to, and including, 1.5.107 due to insufficient escaping on the user supplied parameter and lack… | ||
| CVE-2024-35186 | Hig | 0.50 | 8.8 | 0.01 | May 23, 2024 | gitoxide is a pure Rust implementation of Git. During checkout, `gix-worktree-state` does not verify that paths point to locations in the working tree. A specially crafted repository can, when cloned, place new files anywhere writable by the application. This vulnerability leads… | ||
| CVE-2024-30280 | Hig | 0.51 | 7.8 | 0.07 | May 23, 2024 | Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute… | ||
| CVE-2024-30279 | Hig | 0.51 | 7.8 | 0.06 | May 23, 2024 | Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a… | ||
| CVE-2024-4835 | Hig | 0.52 | 8.0 | 0.01 | May 23, 2024 | A XSS condition exists within GitLab in versions 15.11 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1. By leveraging this condition, an attacker can craft a malicious page to exfiltrate sensitive user information. | ||
| CVE-2024-36012 | Hig | 0.51 | 7.8 | 0.00 | May 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: msft: fix slab-use-after-free in msft_do_close() Tying the msft->data lifetime to hdev by freeing it in hci_release_dev() to fix the following case: [use] msft_do_close() msft = hdev->msft_data; … | ||
| CVE-2024-2038 | Hig | 0.49 | 7.5 | 0.00 | May 23, 2024 | The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 3.22.6. This is due to the use of hardcoded credentials to authenticate all the incoming API requests. This… | ||
| CVE-2024-4388 | — | Hig | 0.49 | 7.5 | 0.01 | May 23, 2024 | This does not validate a path generated with user input when downloading files, allowing unauthenticated user to download arbitrary files from the server | |
| CVE-2024-4347 | Hig | 0.47 | 7.2 | 0.01 | May 23, 2024 | The WP Fastest Cache plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.6 via the specificDeleteCache function. This makes it possible for authenticated attackers to delete arbitrary files on the server, which can include… | ||
| CVE-2024-3594 | Hig | 0.57 | 8.7 | 0.01 | May 23, 2024 | The IDonate WordPress plugin through 1.9.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite… | ||
| CVE-2024-4662 | Hig | 0.57 | 8.8 | 0.01 | May 23, 2024 | The Oxygen Builder plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.8.2 via post metadata. This is due to the plugin storing custom data in post metadata without an underscore prefix. This makes it possible for lower privileged… | ||
| CVE-2024-4978 | Hig | 0.69 | 8.4 | 0.27 | KEV | May 23, 2024 | Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell commands. | |
| CVE-2024-29853 | Hig | 0.51 | 7.8 | 0.00 | May 22, 2024 | An authentication bypass vulnerability in Veeam Agent for Microsoft Windows allows for local privilege escalation. | ||
| CVE-2024-29851 | Hig | 0.47 | 7.2 | 0.01 | May 22, 2024 | Veeam Backup Enterprise Manager allows high-privileged users to steal NTLM hash of Enterprise manager service account. | ||
| CVE-2024-29850 | Hig | 0.57 | 8.8 | 0.01 | May 22, 2024 | Veeam Backup Enterprise Manager allows account takeover via NTLM relay. | ||
| CVE-2024-4454 | Hig | 0.51 | 7.8 | 0.00 | May 22, 2024 | WithSecure Elements Endpoint Protection Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of WithSecure Elements Endpoint Protection. User interaction on the part of an… | ||
| CVE-2024-4453 | Hig | 0.00 | 7.8 | 0.02 | May 22, 2024 | GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack… | ||
| CVE-2024-27264 | Hig | 0.48 | 7.4 | 0.00 | May 22, 2024 | IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege. IBM X-Force ID: 284563. | ||
| CVE-2023-51636 | Hig | 0.51 | 7.8 | 0.01 | May 22, 2024 | Avira Prime Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code on the target system in order… | ||
| CVE-2024-20360 | Hig | 0.57 | 8.8 | 0.01 | May 22, 2024 | A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface… | ||
| CVE-2024-36077 | Hig | 0.57 | 8.8 | 0.01 | May 22, 2024 | Qlik Sense Enterprise for Windows before 14.187.4 allows a remote attacker to elevate their privilege due to improper validation. The attacker can elevate their privilege to the internal system role, which allows them to execute commands on the server. This affects February 2024… | ||
| CVE-2024-5160 | Hig | 0.57 | 8.8 | 0.01 | May 22, 2024 | Heap buffer overflow in Dawn in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2024-5159 | Hig | 0.57 | 8.8 | 0.01 | May 22, 2024 | Heap buffer overflow in ANGLE in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2024-5158 | Hig | 0.53 | 8.1 | 0.01 | May 22, 2024 | Type Confusion in V8 in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to potentially perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2024-5157 | Hig | 0.57 | 8.8 | 0.01 | May 22, 2024 | Use after free in Scheduling in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2024-34448 | Hig | 0.50 | 8.8 | 0.01 | May 22, 2024 | Ghost before 5.82.0 allows CSV Injection during a member CSV export. | ||
| CVE-2024-33228 | Hig | 0.55 | 8.4 | 0.00 | May 22, 2024 | An issue in the component segwindrvx64.sys of Insyde Software Corp SEG Windows Driver v100.00.07.02 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. | ||
| CVE-2024-33227 | Hig | 0.57 | 8.8 | 0.00 | May 22, 2024 | An issue in the component ddcdrv.sys of Nicomsoft WinI2C/DDC v3.7.4.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. | ||
| CVE-2024-33225 | Hig | 0.51 | 7.8 | 0.00 | May 22, 2024 | An issue in the component RTKVHD64.sys of Realtek Semiconductor Corp Realtek(r) High Definition Audio Function Driver v6.0.9549.1 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. | ||
| CVE-2024-33224 | Hig | 0.55 | 8.4 | 0.00 | May 22, 2024 | An issue in the component rtkio64.sys of Realtek Semiconductor Corp Realtek lO Driver v1.008.0823.2017 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. | ||
| CVE-2024-33223 | Hig | 0.57 | 8.8 | 0.00 | May 22, 2024 | An issue in the component IOMap64.sys of ASUSTeK Computer Inc ASUS GPU TweakII v1.4.5.2 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. | ||
| CVE-2024-33222 | Hig | 0.55 | 8.4 | 0.00 | May 22, 2024 | An issue in the component ATSZIO64.sys of ASUSTeK Computer Inc ASUS ATSZIO Driver v0.2.1.7 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. | ||
| CVE-2024-33221 | Hig | 0.51 | 7.8 | 0.00 | May 22, 2024 | An issue in the component AsusBSItf.sys of ASUSTeK Computer Inc ASUS BIOS Flash Driver v3.2.12.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. | ||
| CVE-2024-33220 | Hig | 0.57 | 8.8 | 0.01 | May 22, 2024 | An issue in the component AslO3_64.sys of ASUSTeK Computer Inc AISuite3 v3.03.36 3.03.36 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. | ||
| CVE-2024-33219 | Hig | 0.51 | 7.8 | 0.00 | May 22, 2024 | An issue in the component AsIO64.sys of ASUSTeK Computer Inc ASUS SABERTOOTH X99 Driver v1.0.1.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. | ||
| CVE-2024-33218 | Hig | 0.51 | 7.8 | 0.00 | May 22, 2024 | An issue in the component AsUpIO64.sys of ASUSTeK Computer Inc ASUS USB 3.0 Boost Storage Driver 5.30.20.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. | ||
| CVE-2024-35559 | Hig | 0.57 | 8.8 | 0.00 | May 22, 2024 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoMove_deal.php?mudi=rev&nohrefStr=close. | ||
| CVE-2024-35558 | Hig | 0.57 | 8.8 | 0.00 | May 22, 2024 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ca_deal.php?mudi=rev&nohrefStr=close. | ||
| CVE-2024-35556 | Hig | 0.57 | 8.8 | 0.00 | May 22, 2024 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/vpsSys_deal.php?mudi=infoSet. | ||
| CVE-2024-35553 | Hig | 0.54 | 8.3 | 0.00 | May 22, 2024 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoMove_deal.php?mudi=add&nohrefStr=close. | ||
| CVE-2024-35552 | Hig | 0.57 | 8.8 | 0.00 | May 22, 2024 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoMove_deal.php?mudi=del&dataType=logo&dataTypeCN. | ||
| CVE-2024-5031 | Hig | 0.55 | 8.5 | 0.00 | May 22, 2024 | The Memberpress plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.11.29 via the 'mepr-user-file' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to make web… | ||
| CVE-2021-47497 | Hig | 0.51 | 7.8 | 0.00 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells If a cell has 'nbits' equal to a multiple of BITS_PER_BYTE the logic *p &= GENMASK((cell->nbits%BITS_PER_BYTE) - 1, 0); will become undefined… | ||
| CVE-2021-47496 | Hig | 0.51 | 7.8 | 0.00 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/tls: Fix flipped sign in tls_err_abort() calls sk->sk_err appears to expect a positive value, a convention that ktls doesn't always follow and that leads to memory corruption in other code. For instance, … | ||
| CVE-2021-47489 | Hig | 0.51 | 7.8 | 0.00 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix even more out of bound writes from debugfs CVE-2021-42327 was fixed by: commit f23750b5b3d98653b31d4469592935ef6364ad67 Author: Thelford Williams <tdwilliamsiv@gmail.com> Date: Wed Oct 13… | ||
| CVE-2021-47486 | Hig | 0.49 | 7.5 | 0.01 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: riscv, bpf: Fix potential NULL dereference The bpf_jit_binary_free() function requires a non-NULL argument. When the RISC-V BPF JIT fails to converge in NR_JIT_ITERATIONS steps, jit_data->header will be NULL,… | ||
| CVE-2021-47485 | Hig | 0.51 | 7.8 | 0.00 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields Overflowing either addrlimit or bytes_togo can allow userspace to trigger a buffer overflow of kernel memory. Check for overflows in all… | ||
| CVE-2021-47483 | Hig | 0.51 | 7.8 | 0.00 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: regmap: Fix possible double-free in regcache_rbtree_exit() In regcache_rbtree_insert_to_block(), when 'present' realloc failed, the 'blk' which is supposed to assign to 'rbnode->block' will be freed, so… |
- risk 0.50cvss 8.8epss 0.01
IrisEVTXModule is an interface module for Evtx2Splunk and Iris in order to ingest Microsoft EVTX log files. The `iris-evtx-module` is a pipeline plugin of `iris-web` that processes EVTX files through IRIS web application. During the upload of an EVTX through this pipeline, the…
- risk 0.54cvss 8.3epss 0.00
OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. Due to lack of certain security controls on the profile edit functionality, an authenticated attacker with low privileges can gain administrative…
- risk 0.50cvss 8.8epss 0.00
The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to SQL Injection via the ‘data[post_ids][0]’ parameter in all versions up to, and including, 1.5.107 due to insufficient escaping on the user supplied parameter and lack…
- risk 0.50cvss 8.8epss 0.01
gitoxide is a pure Rust implementation of Git. During checkout, `gix-worktree-state` does not verify that paths point to locations in the working tree. A specially crafted repository can, when cloned, place new files anywhere writable by the application. This vulnerability leads…
- risk 0.51cvss 7.8epss 0.07
Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute…
- risk 0.51cvss 7.8epss 0.06
Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a…
- risk 0.52cvss 8.0epss 0.01
A XSS condition exists within GitLab in versions 15.11 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1. By leveraging this condition, an attacker can craft a malicious page to exfiltrate sensitive user information.
- risk 0.51cvss 7.8epss 0.00
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: msft: fix slab-use-after-free in msft_do_close() Tying the msft->data lifetime to hdev by freeing it in hci_release_dev() to fix the following case: [use] msft_do_close() msft = hdev->msft_data; …
- risk 0.49cvss 7.5epss 0.00
The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 3.22.6. This is due to the use of hardcoded credentials to authenticate all the incoming API requests. This…
- risk 0.49cvss 7.5epss 0.01
This does not validate a path generated with user input when downloading files, allowing unauthenticated user to download arbitrary files from the server
- risk 0.47cvss 7.2epss 0.01
The WP Fastest Cache plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.6 via the specificDeleteCache function. This makes it possible for authenticated attackers to delete arbitrary files on the server, which can include…
- risk 0.57cvss 8.7epss 0.01
The IDonate WordPress plugin through 1.9.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite…
- risk 0.57cvss 8.8epss 0.01
The Oxygen Builder plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.8.2 via post metadata. This is due to the plugin storing custom data in post metadata without an underscore prefix. This makes it possible for lower privileged…
- risk 0.69cvss 8.4epss 0.27
Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell commands.
- risk 0.51cvss 7.8epss 0.00
An authentication bypass vulnerability in Veeam Agent for Microsoft Windows allows for local privilege escalation.
- risk 0.47cvss 7.2epss 0.01
Veeam Backup Enterprise Manager allows high-privileged users to steal NTLM hash of Enterprise manager service account.
- risk 0.57cvss 8.8epss 0.01
Veeam Backup Enterprise Manager allows account takeover via NTLM relay.
- risk 0.51cvss 7.8epss 0.00
WithSecure Elements Endpoint Protection Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of WithSecure Elements Endpoint Protection. User interaction on the part of an…
- risk 0.00cvss 7.8epss 0.02
GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…
- risk 0.48cvss 7.4epss 0.00
IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege. IBM X-Force ID: 284563.
- risk 0.51cvss 7.8epss 0.01
Avira Prime Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code on the target system in order…
- risk 0.57cvss 8.8epss 0.01
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface…
- risk 0.57cvss 8.8epss 0.01
Qlik Sense Enterprise for Windows before 14.187.4 allows a remote attacker to elevate their privilege due to improper validation. The attacker can elevate their privilege to the internal system role, which allows them to execute commands on the server. This affects February 2024…
- risk 0.57cvss 8.8epss 0.01
Heap buffer overflow in Dawn in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.01
Heap buffer overflow in ANGLE in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)
- risk 0.53cvss 8.1epss 0.01
Type Confusion in V8 in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to potentially perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.01
Use after free in Scheduling in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.50cvss 8.8epss 0.01
Ghost before 5.82.0 allows CSV Injection during a member CSV export.
- risk 0.55cvss 8.4epss 0.00
An issue in the component segwindrvx64.sys of Insyde Software Corp SEG Windows Driver v100.00.07.02 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.
- risk 0.57cvss 8.8epss 0.00
An issue in the component ddcdrv.sys of Nicomsoft WinI2C/DDC v3.7.4.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.
- risk 0.51cvss 7.8epss 0.00
An issue in the component RTKVHD64.sys of Realtek Semiconductor Corp Realtek(r) High Definition Audio Function Driver v6.0.9549.1 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.
- risk 0.55cvss 8.4epss 0.00
An issue in the component rtkio64.sys of Realtek Semiconductor Corp Realtek lO Driver v1.008.0823.2017 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.
- risk 0.57cvss 8.8epss 0.00
An issue in the component IOMap64.sys of ASUSTeK Computer Inc ASUS GPU TweakII v1.4.5.2 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.
- risk 0.55cvss 8.4epss 0.00
An issue in the component ATSZIO64.sys of ASUSTeK Computer Inc ASUS ATSZIO Driver v0.2.1.7 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.
- risk 0.51cvss 7.8epss 0.00
An issue in the component AsusBSItf.sys of ASUSTeK Computer Inc ASUS BIOS Flash Driver v3.2.12.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.
- risk 0.57cvss 8.8epss 0.01
An issue in the component AslO3_64.sys of ASUSTeK Computer Inc AISuite3 v3.03.36 3.03.36 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.
- risk 0.51cvss 7.8epss 0.00
An issue in the component AsIO64.sys of ASUSTeK Computer Inc ASUS SABERTOOTH X99 Driver v1.0.1.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.
- risk 0.51cvss 7.8epss 0.00
An issue in the component AsUpIO64.sys of ASUSTeK Computer Inc ASUS USB 3.0 Boost Storage Driver 5.30.20.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.
- risk 0.57cvss 8.8epss 0.00
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoMove_deal.php?mudi=rev&nohrefStr=close.
- risk 0.57cvss 8.8epss 0.00
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ca_deal.php?mudi=rev&nohrefStr=close.
- risk 0.57cvss 8.8epss 0.00
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/vpsSys_deal.php?mudi=infoSet.
- risk 0.54cvss 8.3epss 0.00
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoMove_deal.php?mudi=add&nohrefStr=close.
- risk 0.57cvss 8.8epss 0.00
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoMove_deal.php?mudi=del&dataType=logo&dataTypeCN.
- risk 0.55cvss 8.5epss 0.00
The Memberpress plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.11.29 via the 'mepr-user-file' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to make web…
- risk 0.51cvss 7.8epss 0.00
In the Linux kernel, the following vulnerability has been resolved: nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells If a cell has 'nbits' equal to a multiple of BITS_PER_BYTE the logic *p &= GENMASK((cell->nbits%BITS_PER_BYTE) - 1, 0); will become undefined…
- risk 0.51cvss 7.8epss 0.00
In the Linux kernel, the following vulnerability has been resolved: net/tls: Fix flipped sign in tls_err_abort() calls sk->sk_err appears to expect a positive value, a convention that ktls doesn't always follow and that leads to memory corruption in other code. For instance, …
- risk 0.51cvss 7.8epss 0.00
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix even more out of bound writes from debugfs CVE-2021-42327 was fixed by: commit f23750b5b3d98653b31d4469592935ef6364ad67 Author: Thelford Williams <tdwilliamsiv@gmail.com> Date: Wed Oct 13…
- risk 0.49cvss 7.5epss 0.01
In the Linux kernel, the following vulnerability has been resolved: riscv, bpf: Fix potential NULL dereference The bpf_jit_binary_free() function requires a non-NULL argument. When the RISC-V BPF JIT fails to converge in NR_JIT_ITERATIONS steps, jit_data->header will be NULL,…
- risk 0.51cvss 7.8epss 0.00
In the Linux kernel, the following vulnerability has been resolved: IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields Overflowing either addrlimit or bytes_togo can allow userspace to trigger a buffer overflow of kernel memory. Check for overflows in all…
- risk 0.51cvss 7.8epss 0.00
In the Linux kernel, the following vulnerability has been resolved: regmap: Fix possible double-free in regcache_rbtree_exit() In regcache_rbtree_insert_to_block(), when 'present' realloc failed, the 'blk' which is supposed to assign to 'rbnode->block' will be freed, so…