In eemgpu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08713302; Issue ID:...
In dmc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08668110; Issue ID:...
In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00367704; Issue ID:...
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00364732; Issue ID:...
In wlan driver, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00364733; Issue ID:...
In modem, there is a possible out of bounds write due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01267285; Issue ID:...
In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01267281; Issue ID:...
Decompressors can crash the JVM and leak memory content in Aircompressor
Summary: All decompressor implementations of Aircompressor (LZ4, LZO, Snappy, Zstandard) can crash the JVM for certain input, and in some cases also leak the content of other memory of the Java process (which could contain sensitive information). Details: When decompressing certain data, the...
0.0004 EPSS
Sensitive Data Disclosure Vulnerability in Connection Configuration Endpoints
The Fides webserver has a number of endpoints that retrieve ConnectionConfiguration records and their associated secrets which can contain sensitive data (e.g. passwords, private keys, etc.). These secrets are stored encrypted at rest (in the application database), and the associated endpoints are....
Reflected Cross-site Scripting in yiisoft/yii2 Debug mode
During the internal penetration testing of our product based on Yii2, we discovered an XSS vulnerability within the framework itself. This issue is relevant for the latest version of Yii2 (2.0.49.3). Conditions for vulnerability reproduction: The framework is in debug mode (YII_DEBUG set to true)......
CVE-2022-31629 affecting package php 7.4.14-3
CVE-2022-31629 affecting package php 7.4.14-3. This CVE either no longer is or was never...
9.9 AI Score
0.006 EPSS
CVE-2022-36033 affecting package jsoup 1.11.3-3
CVE-2022-36033 affecting package jsoup 1.11.3-3. No patch is available...
8 AI Score
0.001 EPSS
CVE-2017-9120 affecting package php 7.4.14-3
CVE-2017-9120 affecting package php 7.4.14-3. This CVE either no longer is or was never...
7.5 AI Score
0.009 EPSS
CVE-2017-8923 affecting package php 7.4.14-3
CVE-2017-8923 affecting package php 7.4.14-3. This CVE either no longer is or was never...
7.5 AI Score
0.005 EPSS
CVE-1999-0901 affecting package ypserv 4.1-4
CVE-1999-0901 affecting package ypserv 4.1-4. No patch is available...
6.9 AI Score
0.0004 EPSS
CVE-2021-28543 affecting package varnish-modules 0.16.0-4
CVE-2021-28543 affecting package varnish-modules 0.16.0-4. This CVE either no longer is or was never...
7 AI Score
0.002 EPSS
CVE-2018-1057 affecting package samba 4.12.5-4
CVE-2018-1057 affecting package samba 4.12.5-4. This CVE either no longer is or was never...
8.9 AI Score
0.011 EPSS
CVE-2021-21704 affecting package php 7.4.14-3
CVE-2021-21704 affecting package php 7.4.14-3. This CVE either no longer is or was never...
7 AI Score
0.004 EPSS
CVE-2007-3205 affecting package php 7.4.14-3
CVE-2007-3205 affecting package php 7.4.14-3. This CVE either no longer is or was never...
6.9 AI Score
0.065 EPSS
CVE-2022-45639 affecting package sleuthkit 4.9.0-4
CVE-2022-45639 affecting package sleuthkit 4.9.0-4. No patch is available...
7.5 AI Score
0.004 EPSS
CVE-2022-42969 affecting package python-py 1.10.0-3
CVE-2022-42969 affecting package python-py 1.10.0-3. No patch is available...
7.7 AI Score
0.006 EPSS
CVE-2022-31628 affecting package php 7.4.14-3
CVE-2022-31628 affecting package php 7.4.14-3. This CVE either no longer is or was never...
9.9 AI Score
0.0005 EPSS
CVE-2022-38128 affecting package binutils 2.37-4
CVE-2022-38128 affecting package binutils 2.37-4. This CVE either no longer is or was never...
8 AI Score
CVE-2017-9118 affecting package php 7.4.14-3
CVE-2017-9118 affecting package php 7.4.14-3. This CVE either no longer is or was never...
7.5 AI Score
0.002 EPSS
CVE-2022-25345 affecting package opus 1.3.1-4
CVE-2022-25345 affecting package opus 1.3.1-4. No patch is available...
7.7 AI Score
0.001 EPSS
CVE-1999-0902 affecting package ypserv 4.1-4
CVE-1999-0902 affecting package ypserv 4.1-4. No patch is available...
6.9 AI Score
0.0004 EPSS
CVE-2020-7071 affecting package php 7.4.14-3
CVE-2020-7071 affecting package php 7.4.14-3. This CVE either no longer is or was never...
6.6 AI Score
0.006 EPSS
CVE-2022-38126 affecting package binutils 2.37-4
CVE-2022-38126 affecting package binutils 2.37-4. This CVE either no longer is or was never...
8 AI Score
CVE-2022-31626 affecting package php 7.4.14-3
CVE-2022-31626 affecting package php 7.4.14-3. This CVE either no longer is or was never...
9.8 AI Score
0.008 EPSS
CVE-2007-1397 affecting package fish 3.1.2-4
CVE-2007-1397 affecting package fish 3.1.2-4. This CVE either no longer is or was never...
7.5 AI Score
0.171 EPSS
CVE-2021-21705 affecting package php 7.4.14-3
CVE-2021-21705 affecting package php 7.4.14-3. This CVE either no longer is or was never...
6.6 AI Score
0.001 EPSS
CVE-2021-21703 affecting package php 7.4.14-3
CVE-2021-21703 affecting package php 7.4.14-3. This CVE either no longer is or was never...
9.6 AI Score
0.001 EPSS
CVE-2017-5834 affecting package libplist 2.1.0-4
CVE-2017-5834 affecting package libplist 2.1.0-4. No patch is available...
7.1 AI Score
0.002 EPSS
CVE-2020-27827 affecting package lldpd 1.0.4-3
CVE-2020-27827 affecting package lldpd 1.0.4-3. This CVE either no longer is or was never...
7.6 AI Score
0.006 EPSS
CVE-2022-38127 affecting package binutils 2.37-4
CVE-2022-38127 affecting package binutils 2.37-4. This CVE either no longer is or was never...
8 AI Score
CVE-2022-20001 affecting package fish 3.1.2-4
CVE-2022-20001 affecting package fish 3.1.2-4. This CVE either no longer is or was never...
8 AI Score
0.002 EPSS
CVE-2018-1050 affecting package samba 4.12.5-4
CVE-2018-1050 affecting package samba 4.12.5-4. This CVE either no longer is or was never...
4.9 AI Score
0.027 EPSS
CVE-2021-21707 affecting package php 7.4.14-3
CVE-2021-21707 affecting package php 7.4.14-3. This CVE either no longer is or was never...
9.6 AI Score
0.001 EPSS
CVE-2017-5836 affecting package libplist 2.1.0-4
CVE-2017-5836 affecting package libplist 2.1.0-4. No patch is available...
7.7 AI Score
0.003 EPSS
CVE-2017-5835 affecting package libplist 2.1.0-4
CVE-2017-5835 affecting package libplist 2.1.0-4. No patch is available...
7.1 AI Score
0.003 EPSS
CVE-2013-7381 affecting package libnotify 0.7.9-4
CVE-2013-7381 affecting package libnotify 0.7.9-4. This CVE either no longer is or was never...
7 AI Score
0.003 EPSS
CVE-2022-1941 affecting package mysql 8.0.35-4
CVE-2022-1941 affecting package mysql 8.0.35-4. No patch is available...
7.7 AI Score
0.002 EPSS
CVE-2023-25136 affecting package openssh 8.9p1-4
CVE-2023-25136 affecting package openssh 8.9p1-4. This CVE either no longer is or was never...
7 AI Score
0.011 EPSS
CVE-2022-31625 affecting package php 7.4.14-3
CVE-2022-31625 affecting package php 7.4.14-3. This CVE either no longer is or was never...
9.8 AI Score
0.004 EPSS
CVE-2021-21708 affecting package php 7.4.14-3
CVE-2021-21708 affecting package php 7.4.14-3. This CVE either no longer is or was never...
9.9 AI Score
0.003 EPSS
CVE-2020-1472 affecting package samba for versions less than 4.12.5-4
CVE-2020-1472 affecting package samba for versions less than 4.12.5-4. A patched version of the package is...
7.2 AI Score
0.511 EPSS
CVE-2021-21702 affecting package php 7.4.14-3
CVE-2021-21702 affecting package php 7.4.14-3. This CVE either no longer is or was never...
8.2 AI Score
0.012 EPSS
CVE-2021-37714 affecting package jsoup 1.11.3-3
CVE-2021-37714 affecting package jsoup 1.11.3-3. No patch is available...
7.8 AI Score
0.009 EPSS
CVE-2000-0006 affecting package strace 5.16-4
CVE-2000-0006 affecting package strace 5.16-4. This CVE either no longer is or was never...
6.7 AI Score
0.001 EPSS
CVE-2016-2568 affecting package polkit 0.119-3
CVE-2016-2568 affecting package polkit 0.119-3. No patch is available...
7.9 AI Score
0.0004 EPSS