| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-29513 | Hig | 0.51 | 7.8 | 0.00 | May 14, 2024 | An issue in briscKernelDriver.sys in BlueRiSC WindowsSCOPE Cyber Forensics before 3.3 allows a local attacker to execute arbitrary code within the driver and create a local denial-of-service condition due to an improper DACL being applied to the device the driver creates. | ||
| CVE-2024-29165 | Hig | 0.48 | 7.4 | 0.00 | May 14, 2024 | HDF5 through 1.14.3 contains a buffer overflow in H5Z__filter_fletcher32, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. | ||
| CVE-2024-29163 | Hig | 0.48 | 7.4 | 0.00 | May 14, 2024 | HDF5 through 1.14.3 contains a heap buffer overflow in H5T__bit_find, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. | ||
| CVE-2024-29162 | Hig | 0.48 | 7.4 | 0.00 | May 14, 2024 | HDF5 through 1.13.3 and/or 1.14.2 contains a stack buffer overflow in H5HG_read, resulting in denial of service or potential code execution. | ||
| CVE-2024-29161 | Hig | 0.57 | 8.8 | 0.01 | May 14, 2024 | HDF5 through 1.14.3 contains a heap buffer overflow in H5A__attr_release_table, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. | ||
| CVE-2024-29160 | Hig | 0.48 | 7.4 | 0.00 | May 14, 2024 | HDF5 through 1.14.3 contains a heap buffer overflow in H5HG__cache_heap_deserialize, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. | ||
| CVE-2024-29158 | Hig | 0.48 | 7.4 | 0.00 | May 14, 2024 | HDF5 through 1.14.3 contains a stack buffer overflow in H5FL_arr_malloc, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. | ||
| CVE-2024-28279 | Hig | 0.47 | 7.3 | 0.00 | May 14, 2024 | Code-projects Computer Book Store 1.0 is vulnerable to SQL Injection via book.php?bookisbn=. | ||
| CVE-2024-27843 | Hig | 0.51 | 7.8 | 0.00 | May 14, 2024 | A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7. An app may be able to elevate privileges. | ||
| CVE-2024-27842 | Hig | 0.51 | 7.8 | 0.00 | May 14, 2024 | The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5. An app may be able to execute arbitrary code with kernel privileges. | ||
| CVE-2024-27829 | Hig | 0.51 | 7.8 | 0.01 | May 14, 2024 | The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.5. Processing a file may lead to unexpected app termination or arbitrary code execution. | ||
| CVE-2024-27825 | Hig | 0.46 | 7.1 | 0.00 | May 14, 2024 | A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.5. An app may be able to bypass certain Privacy preferences. | ||
| CVE-2024-27824 | Hig | 0.51 | 7.8 | 0.00 | May 14, 2024 | This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7. An app may be able to elevate privileges. | ||
| CVE-2024-27822 | Hig | 0.51 | 7.8 | 0.00 | May 14, 2024 | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sonoma 14.5. An app may be able to gain root privileges. | ||
| CVE-2024-27818 | Hig | 0.51 | 7.8 | 0.01 | May 14, 2024 | The issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. An attacker may be able to cause unexpected app termination or arbitrary code execution. | ||
| CVE-2024-27813 | Hig | 0.56 | 8.6 | 0.00 | May 14, 2024 | The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges. | ||
| CVE-2024-27798 | Hig | 0.51 | 7.8 | 0.00 | May 14, 2024 | An authorization issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7. An attacker may be able to elevate privileges. | ||
| CVE-2024-27796 | Hig | 0.51 | 7.8 | 0.00 | May 14, 2024 | The issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7. An attacker may be able to elevate privileges. | ||
| CVE-2024-27793 | Hig | 0.51 | 7.8 | 0.01 | May 14, 2024 | The issue was addressed with improved checks. This issue is fixed in iTunes 12.13.2 for Windows. Parsing a file may lead to an unexpected app termination or arbitrary code execution. | ||
| CVE-2024-27790 | Hig | 0.49 | 7.5 | 0.00 | May 14, 2024 | Claris International has resolved an issue of potentially allowing unauthorized access to records stored in databases hosted on FileMaker Server. This issue has been fixed in FileMaker Server 20.3.2 by validating transactions before replying to client requests. | ||
| CVE-2024-27401 | Hig | 0.39 | 7.1 | 0.00 | May 14, 2024 | In the Linux kernel, the following vulnerability has been resolved: firewire: nosy: ensure user_length is taken into account when fetching packet contents Ensure that packet_buffer_get respects the user_length provided. If the length of the head packet exceeds the user_length,… | ||
| CVE-2024-27398 | Hig | 0.44 | 7.8 | 0.01 | May 14, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is releasing, timeout_work will be scheduled to judge whether the sco disconnection… | ||
| CVE-2024-27397 | Hig | 0.46 | 7.0 | 0.00 | May 14, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate… | ||
| CVE-2024-27396 | Hig | 0.51 | 7.8 | 0.00 | May 14, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: gtp: Fix Use-After-Free in gtp_dellink Since call_rcu, which is called in the hlist_for_each_entry_rcu traversal of gtp_dellink, is not part of the RCU read critical section, it is possible that the RCU… | ||
| CVE-2024-27395 | Hig | 0.51 | 7.8 | 0.00 | May 14, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix Use-After-Free in ovs_ct_exit Since kfree_rcu, which is called in the hlist_for_each_entry_rcu traversal of ovs_ct_limit_exit, is not part of the RCU read critical section, it is possible… | ||
| CVE-2024-27394 | Hig | 0.48 | 7.4 | 0.00 | May 14, 2024 | In the Linux kernel, the following vulnerability has been resolved: tcp: Fix Use-After-Free in tcp_ao_connect_init Since call_rcu, which is called in the hlist_for_each_entry_rcu traversal of tcp_ao_connect_init, is not part of the RCU read critical section, it is possible… | ||
| CVE-2024-27082 | Hig | 0.49 | 7.6 | 0.01 | May 14, 2024 | Cacti provides an operational monitoring and fault management framework. Versions of Cacti prior to 1.2.27 are vulnerable to stored cross-site scripting, a type of cross-site scripting where malicious scripts are permanently stored on a target server and served to users who… | ||
| CVE-2024-25581 | Hig | 0.49 | 7.5 | 0.01 | May 14, 2024 | When incoming DNS over HTTPS support is enabled using the nghttp2 provider, and queries are routed to a tcp-only or DNS over TLS backend, an attacker can trigger an assertion failure in DNSdist by sending a request for a zone transfer (AXFR or IXFR) over DNS over HTTPS, causing… | ||
| CVE-2024-23576 | Hig | 0.46 | 7.1 | 0.00 | May 14, 2024 | Security vulnerability in HCL Commerce 9.1.12 and 9.1.13 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations. | ||
| CVE-2024-23473 | Hig | 0.56 | 8.6 | 0.01 | May 14, 2024 | The SolarWinds Access Rights Manager was found to contain a hard-coded credential authentication bypass vulnerability. If exploited, this vulnerability allows access to the RabbitMQ management console. We thank Trend Micro Zero Day Initiative (ZDI) for its ongoing partnership… | ||
| CVE-2024-22774 | Hig | 0.51 | 7.8 | 0.00 | May 14, 2024 | An issue in Panoramic Corporation Digital Imaging Software v.9.1.2.7600 allows a local attacker to escalate privileges via the ccsservice.exe component. | ||
| CVE-2024-22064 | Hig | 0.54 | 8.3 | 0.00 | May 14, 2024 | ZTE ZXUN-ePDG product, which serves as the network node of the VoWifi system, under by default configuration, uses a set of non-unique cryptographic keys during establishing a secure connection(IKE) with the mobile devices connecting over the internet . If the set of keys are… | ||
| CVE-2024-0097 | Hig | 0.49 | 7.5 | 0.00 | May 14, 2024 | NVIDIA ChatRTX for Windows contains a vulnerability in ChatRTX UI, where a user can cause an improper privilege management issue by exploiting interprocess communication between different processes. A successful exploit of this vulnerability might lead to information disclosure,… | ||
| CVE-2024-0096 | Hig | 0.49 | 7.5 | 0.00 | May 14, 2024 | NVIDIA ChatRTX for Windows contains a vulnerability in Chat RTX UI, where a user can cause an improper privilege management issue by sending user inputs to change execution flow. A successful exploit of this vulnerability might lead to information disclosure, escalation of… | ||
| CVE-2023-52719 | Hig | 0.46 | 7.1 | 0.00 | May 14, 2024 | Privilege escalation vulnerability in the PMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||
| CVE-2023-49781 | Hig | 0.40 | 7.3 | 0.01 | May 14, 2024 | NocoDB is software for building databases as spreadsheets. Prior to 0.202.9, a stored cross-site scripting vulnerability exists within the Formula virtual cell comments functionality. The nc-gui/components/virtual-cell/Formula.vue displays a v-html tag with the value of "urls"… | ||
| CVE-2023-47712 | Hig | 0.51 | 7.8 | 0.00 | May 14, 2024 | IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a local user to gain elevated privileges on the system due to improper permissions control. IBM X-Force ID: 271527. | ||
| CVE-2023-46870 | Hig | 0.47 | 7.3 | 0.00 | May 14, 2024 | extcap/nrf_sniffer_ble.py, extcap/nrf_sniffer_ble.sh, extcap/SnifferAPI/*.py in Nordic Semiconductor nRF Sniffer for Bluetooth LE 3.0.0, 3.1.0, 4.0.0, 4.1.0, and 4.1.1 have set incorrect file permission, which allows attackers to do code execution via modified bash and python… | ||
| CVE-2023-26566 | Hig | 0.56 | 8.6 | 0.01 | May 14, 2024 | Sangoma FreePBX 1805 through 2203 on Linux contains hardcoded credentials for the Asterisk REST Interface (ARI), which allows remote attackers to reconfigure Asterisk and make external and internal calls via HTTP and WebSocket requests sent to the API. | ||
| CVE-2022-4967 | Hig | 0.00 | 7.7 | 0.00 | May 14, 2024 | strongSwan versions 5.9.2 through 5.9.5 are affected by authorization bypass through improper validation of certificate with host mismatch (CWE-297). When certificates are used to authenticate clients in TLS-based EAP methods, the IKE or EAP identity supplied by a client is not… | ||
| CVE-2022-32510 | Hig | 0.46 | 7.1 | 0.00 | May 14, 2024 | An issue was discovered on certain Nuki Home Solutions devices. The HTTP API exposed by a Bridge used an unencrypted channel to provide an administrative interface. A token can be easily eavesdropped by a malicious actor to impersonate a legitimate user and gain access to the… | ||
| CVE-2022-32509 | Hig | 0.57 | 8.8 | 0.00 | May 14, 2024 | An issue was discovered on certain Nuki Home Solutions devices. Lack of certificate validation on HTTP communications allows attackers to intercept and tamper data. This affects Nuki Smart Lock 3.0 before 3.3.5, Nuki Bridge v1 before 1.22.0 and Nuki Bridge v2 before 2.13.2. | ||
| CVE-2022-32508 | Hig | 0.49 | 7.5 | 0.01 | May 14, 2024 | An issue was discovered on certain Nuki Home Solutions devices. By sending a malformed HTTP verb, it is possible to force a reboot of the device. This affects Nuki Bridge v1 before 1.22.0 and v2 before 2.13.2. | ||
| CVE-2022-32507 | Hig | 0.57 | 8.8 | 0.01 | May 14, 2024 | An issue was discovered on certain Nuki Home Solutions devices. Some BLE commands, which should have been designed to be only called from privileged accounts, could also be called from unprivileged accounts. This demonstrates that no access controls were implemented for the… | ||
| CVE-2022-32505 | Hig | 0.46 | 7.1 | 0.00 | May 14, 2024 | An issue was discovered on certain Nuki Home Solutions devices. It is possible to send multiple BLE malformed packets to block some of the functionality and reboot the device. This affects Nuki Smart Lock 3.0 before 3.3.5 and Nuki Smart Lock 2.0 before 2.12.4. | ||
| CVE-2022-32503 | Hig | 0.49 | 7.6 | 0.01 | May 14, 2024 | An issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access to this JTAG port may be able to connect to the device and bypass both hardware and software security protections. This affects Nuki Keypad before 1.9.2 and Nuki Fob before 1.8.1. | ||
| CVE-2020-18305 | Hig | 0.52 | 8.0 | 0.01 | May 14, 2024 | Extreme Networks EXOS before v.22.7 and before v.30.2 was discovered to contain an issue in its Web GUI which fails to restrict URL access, allowing attackers to access sensitive information or escalate privileges. | ||
| CVE-2024-34244 | Hig | 0.49 | 7.5 | 0.01 | May 8, 2024 | libmodbus v3.1.10 is vulnerable to Buffer Overflow via the modbus_write_bits function. This issue can be triggered when the function is fed with specially crafted input, which leads to out-of-bounds read and can potentially cause a crash or other unintended behaviors. | ||
| CVE-2024-3951 | Hig | 0.46 | 7.1 | 0.00 | May 8, 2024 | PTC Codebeamer is vulnerable to a cross site scripting vulnerability that could allow an attacker to inject and execute malicious code. | ||
| CVE-2024-34347 | Hig | 0.47 | 8.3 | 0.01 | May 8, 2024 | @hoppscotch/cli is a CLI to run Hoppscotch Test Scripts in CI environments. Prior to 0.8.0, the @hoppscotch/js-sandbox package provides a Javascript sandbox that uses the Node.js vm module. However, the vm module is not safe for sandboxing untrusted Javascript code. This is… |
- risk 0.51cvss 7.8epss 0.00
An issue in briscKernelDriver.sys in BlueRiSC WindowsSCOPE Cyber Forensics before 3.3 allows a local attacker to execute arbitrary code within the driver and create a local denial-of-service condition due to an improper DACL being applied to the device the driver creates.
- risk 0.48cvss 7.4epss 0.00
HDF5 through 1.14.3 contains a buffer overflow in H5Z__filter_fletcher32, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.
- risk 0.48cvss 7.4epss 0.00
HDF5 through 1.14.3 contains a heap buffer overflow in H5T__bit_find, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.
- risk 0.48cvss 7.4epss 0.00
HDF5 through 1.13.3 and/or 1.14.2 contains a stack buffer overflow in H5HG_read, resulting in denial of service or potential code execution.
- risk 0.57cvss 8.8epss 0.01
HDF5 through 1.14.3 contains a heap buffer overflow in H5A__attr_release_table, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.
- risk 0.48cvss 7.4epss 0.00
HDF5 through 1.14.3 contains a heap buffer overflow in H5HG__cache_heap_deserialize, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.
- risk 0.48cvss 7.4epss 0.00
HDF5 through 1.14.3 contains a stack buffer overflow in H5FL_arr_malloc, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.
- risk 0.47cvss 7.3epss 0.00
Code-projects Computer Book Store 1.0 is vulnerable to SQL Injection via book.php?bookisbn=.
- risk 0.51cvss 7.8epss 0.00
A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7. An app may be able to elevate privileges.
- risk 0.51cvss 7.8epss 0.00
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5. An app may be able to execute arbitrary code with kernel privileges.
- risk 0.51cvss 7.8epss 0.01
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.5. Processing a file may lead to unexpected app termination or arbitrary code execution.
- risk 0.46cvss 7.1epss 0.00
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.5. An app may be able to bypass certain Privacy preferences.
- risk 0.51cvss 7.8epss 0.00
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7. An app may be able to elevate privileges.
- risk 0.51cvss 7.8epss 0.00
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sonoma 14.5. An app may be able to gain root privileges.
- risk 0.51cvss 7.8epss 0.01
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. An attacker may be able to cause unexpected app termination or arbitrary code execution.
- risk 0.56cvss 8.6epss 0.00
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.
- risk 0.51cvss 7.8epss 0.00
An authorization issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7. An attacker may be able to elevate privileges.
- risk 0.51cvss 7.8epss 0.00
The issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7. An attacker may be able to elevate privileges.
- risk 0.51cvss 7.8epss 0.01
The issue was addressed with improved checks. This issue is fixed in iTunes 12.13.2 for Windows. Parsing a file may lead to an unexpected app termination or arbitrary code execution.
- risk 0.49cvss 7.5epss 0.00
Claris International has resolved an issue of potentially allowing unauthorized access to records stored in databases hosted on FileMaker Server. This issue has been fixed in FileMaker Server 20.3.2 by validating transactions before replying to client requests.
- risk 0.39cvss 7.1epss 0.00
In the Linux kernel, the following vulnerability has been resolved: firewire: nosy: ensure user_length is taken into account when fetching packet contents Ensure that packet_buffer_get respects the user_length provided. If the length of the head packet exceeds the user_length,…
- risk 0.44cvss 7.8epss 0.01
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is releasing, timeout_work will be scheduled to judge whether the sco disconnection…
- risk 0.46cvss 7.0epss 0.00
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate…
- risk 0.51cvss 7.8epss 0.00
In the Linux kernel, the following vulnerability has been resolved: net: gtp: Fix Use-After-Free in gtp_dellink Since call_rcu, which is called in the hlist_for_each_entry_rcu traversal of gtp_dellink, is not part of the RCU read critical section, it is possible that the RCU…
- risk 0.51cvss 7.8epss 0.00
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix Use-After-Free in ovs_ct_exit Since kfree_rcu, which is called in the hlist_for_each_entry_rcu traversal of ovs_ct_limit_exit, is not part of the RCU read critical section, it is possible…
- risk 0.48cvss 7.4epss 0.00
In the Linux kernel, the following vulnerability has been resolved: tcp: Fix Use-After-Free in tcp_ao_connect_init Since call_rcu, which is called in the hlist_for_each_entry_rcu traversal of tcp_ao_connect_init, is not part of the RCU read critical section, it is possible…
- risk 0.49cvss 7.6epss 0.01
Cacti provides an operational monitoring and fault management framework. Versions of Cacti prior to 1.2.27 are vulnerable to stored cross-site scripting, a type of cross-site scripting where malicious scripts are permanently stored on a target server and served to users who…
- risk 0.49cvss 7.5epss 0.01
When incoming DNS over HTTPS support is enabled using the nghttp2 provider, and queries are routed to a tcp-only or DNS over TLS backend, an attacker can trigger an assertion failure in DNSdist by sending a request for a zone transfer (AXFR or IXFR) over DNS over HTTPS, causing…
- risk 0.46cvss 7.1epss 0.00
Security vulnerability in HCL Commerce 9.1.12 and 9.1.13 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations.
- risk 0.56cvss 8.6epss 0.01
The SolarWinds Access Rights Manager was found to contain a hard-coded credential authentication bypass vulnerability. If exploited, this vulnerability allows access to the RabbitMQ management console. We thank Trend Micro Zero Day Initiative (ZDI) for its ongoing partnership…
- risk 0.51cvss 7.8epss 0.00
An issue in Panoramic Corporation Digital Imaging Software v.9.1.2.7600 allows a local attacker to escalate privileges via the ccsservice.exe component.
- risk 0.54cvss 8.3epss 0.00
ZTE ZXUN-ePDG product, which serves as the network node of the VoWifi system, under by default configuration, uses a set of non-unique cryptographic keys during establishing a secure connection(IKE) with the mobile devices connecting over the internet . If the set of keys are…
- risk 0.49cvss 7.5epss 0.00
NVIDIA ChatRTX for Windows contains a vulnerability in ChatRTX UI, where a user can cause an improper privilege management issue by exploiting interprocess communication between different processes. A successful exploit of this vulnerability might lead to information disclosure,…
- risk 0.49cvss 7.5epss 0.00
NVIDIA ChatRTX for Windows contains a vulnerability in Chat RTX UI, where a user can cause an improper privilege management issue by sending user inputs to change execution flow. A successful exploit of this vulnerability might lead to information disclosure, escalation of…
- risk 0.46cvss 7.1epss 0.00
Privilege escalation vulnerability in the PMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- risk 0.40cvss 7.3epss 0.01
NocoDB is software for building databases as spreadsheets. Prior to 0.202.9, a stored cross-site scripting vulnerability exists within the Formula virtual cell comments functionality. The nc-gui/components/virtual-cell/Formula.vue displays a v-html tag with the value of "urls"…
- risk 0.51cvss 7.8epss 0.00
IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a local user to gain elevated privileges on the system due to improper permissions control. IBM X-Force ID: 271527.
- risk 0.47cvss 7.3epss 0.00
extcap/nrf_sniffer_ble.py, extcap/nrf_sniffer_ble.sh, extcap/SnifferAPI/*.py in Nordic Semiconductor nRF Sniffer for Bluetooth LE 3.0.0, 3.1.0, 4.0.0, 4.1.0, and 4.1.1 have set incorrect file permission, which allows attackers to do code execution via modified bash and python…
- risk 0.56cvss 8.6epss 0.01
Sangoma FreePBX 1805 through 2203 on Linux contains hardcoded credentials for the Asterisk REST Interface (ARI), which allows remote attackers to reconfigure Asterisk and make external and internal calls via HTTP and WebSocket requests sent to the API.
- risk 0.00cvss 7.7epss 0.00
strongSwan versions 5.9.2 through 5.9.5 are affected by authorization bypass through improper validation of certificate with host mismatch (CWE-297). When certificates are used to authenticate clients in TLS-based EAP methods, the IKE or EAP identity supplied by a client is not…
- risk 0.46cvss 7.1epss 0.00
An issue was discovered on certain Nuki Home Solutions devices. The HTTP API exposed by a Bridge used an unencrypted channel to provide an administrative interface. A token can be easily eavesdropped by a malicious actor to impersonate a legitimate user and gain access to the…
- risk 0.57cvss 8.8epss 0.00
An issue was discovered on certain Nuki Home Solutions devices. Lack of certificate validation on HTTP communications allows attackers to intercept and tamper data. This affects Nuki Smart Lock 3.0 before 3.3.5, Nuki Bridge v1 before 1.22.0 and Nuki Bridge v2 before 2.13.2.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered on certain Nuki Home Solutions devices. By sending a malformed HTTP verb, it is possible to force a reboot of the device. This affects Nuki Bridge v1 before 1.22.0 and v2 before 2.13.2.
- risk 0.57cvss 8.8epss 0.01
An issue was discovered on certain Nuki Home Solutions devices. Some BLE commands, which should have been designed to be only called from privileged accounts, could also be called from unprivileged accounts. This demonstrates that no access controls were implemented for the…
- risk 0.46cvss 7.1epss 0.00
An issue was discovered on certain Nuki Home Solutions devices. It is possible to send multiple BLE malformed packets to block some of the functionality and reboot the device. This affects Nuki Smart Lock 3.0 before 3.3.5 and Nuki Smart Lock 2.0 before 2.12.4.
- risk 0.49cvss 7.6epss 0.01
An issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access to this JTAG port may be able to connect to the device and bypass both hardware and software security protections. This affects Nuki Keypad before 1.9.2 and Nuki Fob before 1.8.1.
- risk 0.52cvss 8.0epss 0.01
Extreme Networks EXOS before v.22.7 and before v.30.2 was discovered to contain an issue in its Web GUI which fails to restrict URL access, allowing attackers to access sensitive information or escalate privileges.
- risk 0.49cvss 7.5epss 0.01
libmodbus v3.1.10 is vulnerable to Buffer Overflow via the modbus_write_bits function. This issue can be triggered when the function is fed with specially crafted input, which leads to out-of-bounds read and can potentially cause a crash or other unintended behaviors.
- risk 0.46cvss 7.1epss 0.00
PTC Codebeamer is vulnerable to a cross site scripting vulnerability that could allow an attacker to inject and execute malicious code.
- risk 0.47cvss 8.3epss 0.01
@hoppscotch/cli is a CLI to run Hoppscotch Test Scripts in CI environments. Prior to 0.8.0, the @hoppscotch/js-sandbox package provides a Javascript sandbox that uses the Node.js vm module. However, the vm module is not safe for sandboxing untrusted Javascript code. This is…