Lucene search

K

Ryzen™ 3000 Series Desktop Processors Security Vulnerabilities

cve
cve

CVE-2024-6055

Improper removal of sensitive information in data source export feature in Devolutions Remote Desktop Manager 2024.1.32.0 and earlier on Windows allows an attacker that obtains the exported settings to recover powershell credentials configured on the data source via stealing the configuration...

6.6AI Score

EPSS

2024-06-17 01:15 PM
2
nvd
nvd

CVE-2024-6057

Improper authentication in the vault password feature in Devolutions Remote Desktop Manager 2024.1.31.0 and earlier allows an attacker that has compromised an access to an RDM instance to bypass the vault master password via the offline mode...

EPSS

2024-06-17 01:15 PM
2
nvd
nvd

CVE-2024-6055

Improper removal of sensitive information in data source export feature in Devolutions Remote Desktop Manager 2024.1.32.0 and earlier on Windows allows an attacker that obtains the exported settings to recover powershell credentials configured on the data source via stealing the configuration...

EPSS

2024-06-17 01:15 PM
1
cve
cve

CVE-2024-6057

Improper authentication in the vault password feature in Devolutions Remote Desktop Manager 2024.1.31.0 and earlier allows an attacker that has compromised an access to an RDM instance to bypass the vault master password via the offline mode...

7AI Score

EPSS

2024-06-17 01:15 PM
1
cvelist
cvelist

CVE-2024-6057

Improper authentication in the vault password feature in Devolutions Remote Desktop Manager 2024.1.31.0 and earlier allows an attacker that has compromised an access to an RDM instance to bypass the vault master password via the offline mode...

EPSS

2024-06-17 01:10 PM
1
cvelist
cvelist

CVE-2024-6055

Improper removal of sensitive information in data source export feature in Devolutions Remote Desktop Manager 2024.1.32.0 and earlier on Windows allows an attacker that obtains the exported settings to recover powershell credentials configured on the data source via stealing the configuration...

EPSS

2024-06-17 12:55 PM
3
nvd
nvd

CVE-2024-5650

DLL Hijacking vulnerability has been found in CENTUM CAMS Log server provided by Yokogawa Electric Corporation. If an attacker is somehow able to intrude into a computer that installed affected product or access to a shared folder, by replacing the DLL file with a tampered one, it is possible to...

8.5CVSS

0.0004EPSS

2024-06-17 07:15 AM
3
cve
cve

CVE-2024-5650

DLL Hijacking vulnerability has been found in CENTUM CAMS Log server provided by Yokogawa Electric Corporation. If an attacker is somehow able to intrude into a computer that installed affected product or access to a shared folder, by replacing the DLL file with a tampered one, it is possible to...

8.5CVSS

8.7AI Score

0.0004EPSS

2024-06-17 07:15 AM
2
vulnrichment
vulnrichment

CVE-2024-5650

DLL Hijacking vulnerability has been found in CENTUM CAMS Log server provided by Yokogawa Electric Corporation. If an attacker is somehow able to intrude into a computer that installed affected product or access to a shared folder, by replacing the DLL file with a tampered one, it is possible to...

8.5CVSS

7.5AI Score

0.0004EPSS

2024-06-17 06:21 AM
cvelist
cvelist

CVE-2024-5650

DLL Hijacking vulnerability has been found in CENTUM CAMS Log server provided by Yokogawa Electric Corporation. If an attacker is somehow able to intrude into a computer that installed affected product or access to a shared folder, by replacing the DLL file with a tampered one, it is possible to...

8.5CVSS

0.0004EPSS

2024-06-17 06:21 AM
2
openvas
openvas

Mageia: Security Advisory (MGASA-2024-0224)

The remote host is missing an update for...

8.5CVSS

7.1AI Score

0.005EPSS

2024-06-17 12:00 AM
nvd
nvd

CVE-2024-6039

A vulnerability, which was classified as critical, was found in Feng Office 3.11.1.2. Affected is an unknown function of the component Workspaces. The manipulation of the argument dim leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public....

6.3CVSS

0.0004EPSS

2024-06-16 10:15 PM
2
cve
cve

CVE-2024-6039

A vulnerability, which was classified as critical, was found in Feng Office 3.11.1.2. Affected is an unknown function of the component Workspaces. The manipulation of the argument dim leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public....

6.3CVSS

6.8AI Score

0.0004EPSS

2024-06-16 10:15 PM
5
cvelist
cvelist

CVE-2024-6039 Feng Office Workspaces sql injection

A vulnerability, which was classified as critical, was found in Feng Office 3.11.1.2. Affected is an unknown function of the component Workspaces. The manipulation of the argument dim leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public....

6.3CVSS

0.0004EPSS

2024-06-16 10:00 PM
3
vulnrichment
vulnrichment

CVE-2024-6039 Feng Office Workspaces sql injection

A vulnerability, which was classified as critical, was found in Feng Office 3.11.1.2. Affected is an unknown function of the component Workspaces. The manipulation of the argument dim leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public....

6.3CVSS

6.8AI Score

0.0004EPSS

2024-06-16 10:00 PM
mageia
mageia

Updated atril packages fix security vulnerability

Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A path traversal and arbitrary file write vulnerability exists in versions of Atril prior to 1.26.2. This vulnerability is capable of writing arbitrary files anywhere on the filesystem to which the user....

8.5CVSS

7.5AI Score

0.005EPSS

2024-06-16 02:07 AM
6
thn
thn

Grandoreiro Banking Trojan Hits Brazil as Smishing Scams Surge in Pakistan

Pakistan has become the latest target of a threat actor called the Smishing Triad, marking the first expansion of its footprint beyond the E.U., Saudi Arabia, the U.A.E., and the U.S. "The group's latest tactic involves sending malicious messages on behalf of Pakistan Post to customers of mobile...

7AI Score

2024-06-15 09:51 AM
15
nessus
nessus

Debian dla-3828 : atril - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3828 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3828-1 [email protected] ...

9.6CVSS

9.1AI Score

0.005EPSS

2024-06-15 12:00 AM
cve
cve

CVE-2024-37885

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. A code injection in Nextcloud Desktop Client for macOS allowed to load arbitrary code when starting the client with DYLD_INSERT_LIBRARIES set in the enviroment. It is recommended that the...

3.8CVSS

4.8AI Score

0.0004EPSS

2024-06-14 04:15 PM
14
nvd
nvd

CVE-2024-37885

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. A code injection in Nextcloud Desktop Client for macOS allowed to load arbitrary code when starting the client with DYLD_INSERT_LIBRARIES set in the enviroment. It is recommended that the...

3.8CVSS

0.0004EPSS

2024-06-14 04:15 PM
2
debiancve
debiancve

CVE-2024-37885

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. A code injection in Nextcloud Desktop Client for macOS allowed to load arbitrary code when starting the client with DYLD_INSERT_LIBRARIES set in the enviroment. It is recommended that the...

3.8CVSS

4.7AI Score

0.0004EPSS

2024-06-14 04:15 PM
1
cvelist
cvelist

CVE-2024-37885 Code injection in Nextcloud Desktop Client for macOS

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. A code injection in Nextcloud Desktop Client for macOS allowed to load arbitrary code when starting the client with DYLD_INSERT_LIBRARIES set in the enviroment. It is recommended that the...

3.8CVSS

0.0004EPSS

2024-06-14 03:42 PM
6
vulnrichment
vulnrichment

CVE-2024-37885 Code injection in Nextcloud Desktop Client for macOS

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. A code injection in Nextcloud Desktop Client for macOS allowed to load arbitrary code when starting the client with DYLD_INSERT_LIBRARIES set in the enviroment. It is recommended that the...

3.8CVSS

7.7AI Score

0.0004EPSS

2024-06-14 03:42 PM
nextcloud
nextcloud

Code injection in Nextcloud Desktop Client for macOS

Description Impact A code injection in Nextcloud Desktop Client for macOS allowed to load arbitrary code when starting the client with DYLD_INSERT_LIBRARIES set in the enviroment. Patches It is recommended that the Nextcloud Desktop client is upgraded to 3.12.0 Workarounds No workaround...

3.8CVSS

7.3AI Score

0.0004EPSS

2024-06-14 02:34 PM
rocky
rocky

NetworkManager-libreswan bug fix update

An update is available for NetworkManager-libreswan. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list This package contains software for integrating the...

7.3AI Score

2024-06-14 02:00 PM
3
rocky
rocky

libreoffice security update

An update is available for libreoffice. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LibreOffice is an open source, community-developed office productivity...

8.8CVSS

7.2AI Score

0.001EPSS

2024-06-14 02:00 PM
osv
osv

Important: libreoffice security update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

8.8CVSS

7.4AI Score

0.001EPSS

2024-06-14 02:00 PM
5
rocky
rocky

sushi bug fix update

An update is available for sushi. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Sushi is a quick file previewer for Nautilus, the GNOME desktop file manager......

7.3AI Score

2024-06-14 01:59 PM
1
rocky
rocky

xdg-desktop-portal bug fix and enhancement update

An update is available for xdg-desktop-portal. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...

6.8AI Score

2024-06-14 01:59 PM
1
osv
osv

Important: tigervnc security update

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients....

7.8CVSS

7.8AI Score

0.0005EPSS

2024-06-14 01:59 PM
rocky
rocky

open-vm-tools bug fix and enhancement update

An update is available for open-vm-tools. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

6.8AI Score

2024-06-14 01:59 PM
rocky
rocky

tigervnc security update

An update is available for tigervnc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Virtual Network Computing (VNC) is a remote display system which allows...

7.8CVSS

7.8AI Score

0.0005EPSS

2024-06-14 01:59 PM
rocky
rocky

xdg-desktop-portal-gtk bug fix and enhancement update

An update is available for xdg-desktop-portal-gtk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the.....

6.8AI Score

2024-06-14 01:59 PM
nvd
nvd

CVE-2024-37182

Mattermost Desktop App versions <=5.7.0 fail to correctly prompt for permission when opening external URLs which allows a remote attacker to force a victim over the Internet to run arbitrary programs on the victim's system via custom URI...

4.7CVSS

0.0004EPSS

2024-06-14 09:15 AM
2
cve
cve

CVE-2024-37182

Mattermost Desktop App versions <=5.7.0 fail to correctly prompt for permission when opening external URLs which allows a remote attacker to force a victim over the Internet to run arbitrary programs on the victim's system via custom URI...

4.7CVSS

4.9AI Score

0.0004EPSS

2024-06-14 09:15 AM
13
cve
cve

CVE-2024-36287

Mattermost Desktop App versions <=5.7.0 fail to disable certain Electron debug flags which allows for bypassing TCC restrictions on...

3.8CVSS

4.3AI Score

0.0004EPSS

2024-06-14 09:15 AM
11
nvd
nvd

CVE-2024-36287

Mattermost Desktop App versions <=5.7.0 fail to disable certain Electron debug flags which allows for bypassing TCC restrictions on...

3.8CVSS

0.0004EPSS

2024-06-14 09:15 AM
2
cvelist
cvelist

CVE-2024-37182 Lack of permissions prompting when opening external URLs

Mattermost Desktop App versions <=5.7.0 fail to correctly prompt for permission when opening external URLs which allows a remote attacker to force a victim over the Internet to run arbitrary programs on the victim's system via custom URI...

4.7CVSS

0.0004EPSS

2024-06-14 08:39 AM
1
vulnrichment
vulnrichment

CVE-2024-37182 Lack of permissions prompting when opening external URLs

Mattermost Desktop App versions <=5.7.0 fail to correctly prompt for permission when opening external URLs which allows a remote attacker to force a victim over the Internet to run arbitrary programs on the victim's system via custom URI...

4.7CVSS

7.1AI Score

0.0004EPSS

2024-06-14 08:39 AM
vulnrichment
vulnrichment

CVE-2024-36287 Bypass of TCC restrictions on macOS

Mattermost Desktop App versions <=5.7.0 fail to disable certain Electron debug flags which allows for bypassing TCC restrictions on...

3.8CVSS

6.9AI Score

0.0004EPSS

2024-06-14 08:39 AM
cvelist
cvelist

CVE-2024-36287 Bypass of TCC restrictions on macOS

Mattermost Desktop App versions <=5.7.0 fail to disable certain Electron debug flags which allows for bypassing TCC restrictions on...

3.8CVSS

0.0004EPSS

2024-06-14 08:39 AM
2
redhatcve
redhatcve

CVE-2023-46103

A flaw was found in intel-microcode. The sequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra processors that may allow an authenticated user to enable a denial of service via local access. Mitigation Mitigation for this issue is either not available or the...

4.7CVSS

4.4AI Score

0.0004EPSS

2024-06-14 01:42 AM
redhatcve
redhatcve

CVE-2023-45733

A flaw was found in intel-microcode. The hardware logic contains race conditions in some Intel(R) processors that may allow an authenticated user to enable partial information disclosure via local access. Mitigation Mitigation for this issue is either not available or the currently available...

2.8CVSS

3.2AI Score

0.0004EPSS

2024-06-14 01:12 AM
ubuntucve
ubuntucve

CVE-2024-36287

Mattermost Desktop App versions <=5.7.0 fail to disable certain Electron debug flags which allows for bypassing TCC restrictions on...

3.8CVSS

7.3AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Debian dla-3827 : libcolorcorrect5 - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3827 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3827-1 [email protected] ...

6.4AI Score

EPSS

2024-06-14 12:00 AM
cve
cve

CVE-2024-5924

Dropbox Desktop Folder Sharing Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of Dropbox Desktop. User interaction is required to exploit this vulnerability in that the target must visit.....

8.8CVSS

8.7AI Score

0.0004EPSS

2024-06-13 08:15 PM
18
nvd
nvd

CVE-2024-5924

Dropbox Desktop Folder Sharing Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of Dropbox Desktop. User interaction is required to exploit this vulnerability in that the target must visit.....

8.8CVSS

0.0004EPSS

2024-06-13 08:15 PM
3
cvelist
cvelist

CVE-2024-5924 Dropbox Desktop Folder Sharing Mark-of-the-Web Bypass Vulnerability

Dropbox Desktop Folder Sharing Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of Dropbox Desktop. User interaction is required to exploit this vulnerability in that the target must visit.....

8.8CVSS

0.0004EPSS

2024-06-13 07:40 PM
3
nvd
nvd

CVE-2024-34116

Creative Cloud Desktop versions 6.1.0.587 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to load and execute malicious libraries, leading to arbitrary file delete....

5.5CVSS

0.0004EPSS

2024-06-13 12:15 PM
4
cve
cve

CVE-2024-34116

Creative Cloud Desktop versions 6.1.0.587 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to load and execute malicious libraries, leading to arbitrary file delete....

5.5CVSS

5.7AI Score

0.0004EPSS

2024-06-13 12:15 PM
19
Total number of security vulnerabilities84216