B&R Security Vulnerabilities
r-models.eu Cross Site Scripting vulnerability OBB-3846919
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Exploit for OS Command Injection in Dolibarr Dolibarr Erp\/Crm
CVE-2023-30253 Exploit Dolibarr...
7.5AI Score
0.005EPSS
Exploit for OS Command Injection in Dolibarr Dolibarr Erp\/Crm
CVE-2023-30253 Exploit Dolibarr...
7.5AI Score
0.005EPSS
Exploit for Race Condition in Apple Watchos
desc_race "desc_race" (CVE-2021-30955) exploit for iOS 15.0 -...
6.8AI Score
n-e-r-v-o-u-s.com Cross Site Scripting vulnerability OBB-3857032
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local...
6.8AI Score
0.001EPSS
Exploit for Vulnerability in Cisco Ios Xe
CVE-2023-20273 CVE-2023-20273 Exploit PoC Usage ```...
7.4AI Score
0.026EPSS
Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local...
5.6AI Score
0.0004EPSS
Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local...
7AI Score
0.0004EPSS
Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable denial of service via local...
6.3AI Score
0.0004EPSS
r-b-a.ru Cross Site Scripting vulnerability OBB-3906108
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable denial of service via local...
6.4CVSS
6.7AI Score
0.0004EPSS
Arbitrary File Overwrite in Eclipse JGit
Arbitrary File Overwrite in Eclipse JGit <= 6.6.0 In Eclipse JGit, all versions <= 6.6.0.202305301015-r, a symbolic link present in a specially crafted git repository can be used to write a file to locations outside the working tree when this repository is cloned with JGit to a case-insensiti...
8.8AI Score
0.001EPSS
6.5AI Score
0.019EPSS
Exploit for Improper Initialization in Linux Linux Kernel
CVE-2022-0847 The Dirty Pipe Vulnerability For educational...
8.2AI Score
0.076EPSS
Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable denial of service via local access. Bugs https://bugzilla.redhat.com/show_bug.cgi?id=2278989...
6.4AI Score
0.0004EPSS
Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local...
6AI Score
0.0004EPSS
7.4AI Score
0.019EPSS
Exploit for OS Command Injection in Tp-Link Tl-Wr840N Firmware
CVE-2022-25064 TP-LINK TL-WR840N RCE via the function...
10AI Score
0.012EPSS
B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography for communication to the upgrade and the licensing servers. A network-based attacker could exploit the vulnerability to execute arbitrary code on the products or sniff sensitive...
8.3CVSS
8.5AI Score
0.0004EPSS
Improper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local...
4.7AI Score
0.0004EPSS
Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local...
6.5AI Score
0.0004EPSS
(RHSA-2024:3422) Important: linux-firmware security update
The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix(es): linux-firmware: hw: intel: Improper access control for some Intel(R) PROSet/Wireless WiFi (CVE-2022-27635) linux-firmware: hw: intel: Improper access control for...
7AI Score
0.0004EPSS
r-toyota.co.jp Cross Site Scripting vulnerability OBB-3916414
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
CVE-2021-47342 ext4: fix possible UAF when remounting r/o a mmp-protected file system
In the Linux kernel, the following vulnerability has been resolved: ext4: fix possible UAF when remounting r/o a mmp-protected file system After commit 618f003199c6 ("ext4: fix memory leak in ext4_fill_super"), after the file system is remounted read-only, there is a race where the kmmpd thread...
7AI Score
0.0004EPSS
Exploit for Out-of-bounds Write in Fortinet Fortiproxy
CVE-2024-21762 out-of-bounds write in Fortinet FortiOS ...
8.7AI Score
0.018EPSS
Exploit for Inadequate Encryption Strength in Alpha-Innotec Heat Pumps Firmware
CVE-2024-22894 Downloaded the latest heatpump firmware...
7AI Score
0.001EPSS
r-sky.co.jp Improper Access Control vulnerability OBB-3844078
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
7.3AI Score
Improper input validation in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow an unauthenticated user to potentially enable information disclosure via network...
5.3CVSS
6.6AI Score
0.0004EPSS
Exploit for Off-by-one Error in F5 Nginx
CVE-2021-23017-PoC ``` pip install -r requirements.txt...
8.1AI Score
0.52EPSS
Improper neutralization in some Intel(R) Arc(TM) & Iris(R) Xe Graphics software before version 31.0.101.5081 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent network...
7.8CVSS
7.8AI Score
0.0004EPSS
Uncontrolled search path in some Intel(R) Quartus(R) Prime Standard Edition Design software before version 23.1 may allow an authenticated user to potentially enable escalation of privilege via local...
6.7CVSS
7AI Score
0.0004EPSS
Uncontrolled search path in some Intel(R) Quartus(R) Prime Lite Edition Design software before version 23.1 may allow an authenticated user to potentially enable escalation of privilege via local...
6.7CVSS
7AI Score
0.0004EPSS
Deserialization of untrusted data can occur in the R statistical programming language, on any version starting at 1.4.0 up to and not including 4.4.0, enabling a maliciously crafted RDS (R Data Serialization) formatted file or R package to run arbitrary code on an end user’s system when interacted....
8.8CVSS
7.8AI Score
0.0004EPSS
Unchecked return value in SDM firmware for Intel(R) Stratix 10 and Intel(R) Agilex 7 FPGAs before version 23.3 may allow an authenticated user to potentially enable denial of service via adjacent...
7.6CVSS
6.7AI Score
0.0004EPSS
Out-of-bounds read in Intel(R) Media SDK and some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable escalation of privilege via local...
3.9CVSS
6.9AI Score
0.0004EPSS
Improper access control in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow an authenticated user to potentially enable escalation of privilege via local...
8.4CVSS
7.1AI Score
0.0004EPSS
Improper conditions check for some Intel(R) Quartus(R) Prime Lite Edition Design software before version 23.1 may allow an authenticated user to potentially enable escalation of privilege via local...
6.7CVSS
7.1AI Score
0.0004EPSS
Uncaught exception in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local...
7.2CVSS
7AI Score
0.0004EPSS
Improper neutralization in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local...
7.2CVSS
7AI Score
0.0004EPSS
Improper conditions check for some Intel(R) Wireless Bluetooth(R) products for Windows before version 23.20 may allow a privileged user to potentially enable denial of service via local...
4.4CVSS
6.4AI Score
0.0004EPSS
Improper input validation in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local...
7.2CVSS
7AI Score
0.0004EPSS
Improper access control in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local...
7.2CVSS
7AI Score
0.0004EPSS
Improper input validation in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable denial of service via local...
6CVSS
6.5AI Score
0.0004EPSS
Improper input validation in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow an unauthenticated user to potentially enable denial of service via network...
8.6CVSS
6.9AI Score
0.0004EPSS
Uncontrolled search path in some Intel(R) Quartus(R) Prime Pro Edition Design software before version 23.4 may allow an authenticated user to potentially enable escalation of privilege via local...
6.7CVSS
7AI Score
0.0004EPSS
Insufficient control flow management in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local...
7.2CVSS
7AI Score
0.0004EPSS
6.4AI Score
0.019EPSS
Out-of-bounds write in Intel(R) Media SDK all versions and some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable escalation of privilege via local...
3.9CVSS
7AI Score
0.0004EPSS