Desktop Security Vulnerabilities
A maliciously crafted DLL file can be forced to install onto a non-default location, and attacker can overwrite parts of the product with malicious DLLs. These files may then have elevated privileges leading to a Privilege Escalation...
7.8CVSS
7.3AI Score
0.001EPSS
Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...
5.5CVSS
6AI Score
0.001EPSS
Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...
5.5CVSS
6AI Score
0.001EPSS
Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...
5.5CVSS
6AI Score
0.001EPSS
Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...
5.5CVSS
6AI Score
0.001EPSS
Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...
7.8CVSS
7.7AI Score
0.004EPSS
Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...
5.5CVSS
6AI Score
0.001EPSS
Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code...
9.8CVSS
8AI Score
0.001EPSS
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local...
7.8CVSS
7.7AI Score
0.0004EPSS
TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of...
5.7CVSS
5.3AI Score
0.0005EPSS
Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in...
7.5CVSS
5.4AI Score
0.001EPSS
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local...
7.8CVSS
7.7AI Score
0.0004EPSS
A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege...
8.1CVSS
7.5AI Score
0.001EPSS
Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code...
9.8CVSS
7.8AI Score
0.001EPSS
Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in...
7.5CVSS
7.3AI Score
0.001EPSS
Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availability and...
6.1CVSS
7.2AI Score
0.0004EPSS
Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code...
9.8CVSS
7.4AI Score
0.013EPSS
A buffer overflow was reported in the SmuV11Dxe driver in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary...
6.7CVSS
8.3AI Score
0.0004EPSS
A buffer overflow was reported in the Update_WMI module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary...
6.7CVSS
8.3AI Score
0.0004EPSS
A buffer overflow was reported in the SmiFlash module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary...
6.7CVSS
8.3AI Score
0.0004EPSS
A buffer overflow was reported in the SmuV11DxeVMR module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary...
6.7CVSS
8.3AI Score
0.0004EPSS
A buffer overflow was reported in the UltraFunctionTable module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary...
6.7CVSS
8.3AI Score
0.0004EPSS
A buffer overflow was reported in the WMISwSmi module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary...
6.7CVSS
8.3AI Score
0.0004EPSS
A buffer overflow was reported in the LEMALLDriversConnectedEventHook module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary...
6.7CVSS
8.3AI Score
0.0004EPSS
A buffer overflow was reported in the ReFlash module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary...
6.7CVSS
8.3AI Score
0.0004EPSS
A buffer over-read was reported in the LEMALLDriversConnectedEventHook module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive...
4.4CVSS
7.2AI Score
0.0004EPSS
A buffer overflow was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary...
6.7CVSS
8.3AI Score
0.0004EPSS
A buffer over-read was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive...
4.4CVSS
7.1AI Score
0.0004EPSS
A potential vulnerability was reported in the SMI callback function of the OemSmi driver that may allow a local attacker with elevated permissions to execute arbitrary...
6.7CVSS
7.7AI Score
0.0004EPSS
A buffer overflow was reported in the OemSmi module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary...
6.7CVSS
8.2AI Score
0.0004EPSS
A buffer overflow was reported in the LemSecureBootForceKey module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary...
6.7CVSS
8.3AI Score
0.0004EPSS
A buffer over-read was reported in the LemSecureBootForceKey module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive...
4.4CVSS
7.1AI Score
0.0004EPSS
A SSRF vulnerability has been found in ManageEngine Desktop Central affecting version 9.1.0, specifically the /smtpConfig.do component. This vulnerability could allow an authenticated attacker to launch targeted attacks, such as a cross-port attack, service enumeration and other attacks via HTTP...
8.8CVSS
7.1AI Score
0.004EPSS
A CRLF injection vulnerability has been found in ManageEngine Desktop Central affecting version 9.1.0. This vulnerability could allow a remote attacker to inject arbitrary HTTP headers and perform HTTP response splitting attacks via the fileName parameter in...
6.1CVSS
7.8AI Score
0.005EPSS
A CRLF injection vulnerability has been found in ManageEngine Desktop Central affecting version 9.1.0. This vulnerability could allow a remote attacker to inject arbitrary HTTP headers and perform HTTP response splitting attacks via the fileName parameter in...
6.1CVSS
7.8AI Score
0.005EPSS
Mattermost Desktop for MacOS fails to utilize the secure keyboard input functionality provided by macOS, allowing for other processes to read the keyboard...
3.3CVSS
7.3AI Score
0.0004EPSS
Mattermost Desktop fails to correctly handle permissions or prompt the user for consent on certain sensitive ones allowing media exploitation from a malicious mattermost...
5.3CVSS
7.2AI Score
0.0005EPSS
Mattermost fails to properly validate a RegExp built off the server URL path, allowing an attacker in control of an enrolled server to mount a Denial Of...
5.3CVSS
7.3AI Score
0.0004EPSS
A remote code execution vulnerability in Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to remotely execute code from another windows user session on the same host via a specially crafted TCP...
9.8CVSS
8.5AI Score
0.002EPSS
Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to bypass permissions via data source...
9.8CVSS
7.6AI Score
0.001EPSS
Adobe Photoshop versions 23.5.5 (and earlier) and 24.7 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a.....
7.8CVSS
7AI Score
0.002EPSS
A race condition in an event subsystem led to a heap use-after-free issue in established audio/video calls that could have resulted in app termination or unexpected control flow with very low...
5CVSS
7.4AI Score
0.0005EPSS
A race condition in a network transport subsystem led to a heap use-after-free issue in established or unsilenced incoming audio/video calls that could have resulted in app termination or unexpected control flow with very low...
5.6CVSS
7.4AI Score
0.0005EPSS
Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL. This issue affects Docker Desktop: before...
6.5CVSS
6.8AI Score
0.001EPSS
Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business customers only and...
8.8CVSS
6.8AI Score
0.0004EPSS
Docker Desktop 4.11.x allows --no-windows-containers flag bypass via IPC response spoofing which may lead to Local Privilege Escalation (LPE).This issue affects Docker Desktop:...
7.8CVSS
7.6AI Score
0.0004EPSS
Docker Desktop before 4.12.0 is vulnerable to RCE via query parameters in message-box route. This issue affects Docker Desktop: before...
9.8CVSS
9.3AI Score
0.001EPSS
In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in local privilege escalation (LPE).This issue affects Docker Desktop: before...
7.8CVSS
7.9AI Score
0.0004EPSS
Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog. This issue affects Docker Desktop: before...
9.8CVSS
9.2AI Score
0.001EPSS
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local...
5.5CVSS
5AI Score
0.0004EPSS