Improper initialization in the Intel(R) SGX SDK before v2.6.100.1 may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
8AI Score
0.0004EPSS
Adobe Flash Player versions 32.0.0.321 and earlier, 32.0.0.314 and earlier, 32.0.0.321 and earlier, and 32.0.0.255 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code...
8.8CVSS
8.7AI Score
0.01EPSS
IBM Content Navigator 3.0CD is vulnerable to Server Side Request Forgery (SSRF). This may allow an unauthenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID:...
5.3CVSS
5.2AI Score
0.001EPSS
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure...
5.5CVSS
6AI Score
0.0004EPSS
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from...
5.5CVSS
6AI Score
0.0004EPSS
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from...
5.5CVSS
6AI Score
0.0004EPSS
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0719, CVE-2020-0720, CVE-2020-0721, CVE-2020-0722, CVE-2020-0723,...
7.8CVSS
7.7AI Score
0.0004EPSS
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0668, CVE-2020-0669, CVE-2020-0670,...
7.8CVSS
7.5AI Score
0.006EPSS
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0668, CVE-2020-0670, CVE-2020-0671,...
7.8CVSS
7.7AI Score
0.006EPSS
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0668, CVE-2020-0669, CVE-2020-0671,...
7.8CVSS
7.5AI Score
0.006EPSS
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0669, CVE-2020-0670, CVE-2020-0671,...
7.8CVSS
7.7AI Score
0.006EPSS
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0668, CVE-2020-0669, CVE-2020-0670,...
7.8CVSS
7.5AI Score
0.006EPSS
An Information Disclosure vulnerability exists in HP SiteScope 11.2 and 11.3 on Windows, Linux and Solaris, HP Asset Manager 9.30 through 9.32, 9.40 through 9.41, 9.50, and Asset Manager Cloudsystem Chargeback 9.40, which could let a remote malicious user obtain sensitive information. This is the.....
7.5CVSS
7.3AI Score
0.007EPSS
A potential security vulnerability with pre-boot DMA may allow unauthorized UEFI code execution using open-case attacks. This industry-wide issue requires physically accessing internal expansion slots with specialized hardware and software tools to modify UEFI code in memory. This affects HP...
6.8CVSS
6.7AI Score
0.001EPSS
IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS client connecting to a Queue Manager could cause a SIGSEGV denial of service caused by converting an invalid message. IBM X-Force ID:...
6.5CVSS
6.2AI Score
0.001EPSS
IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS could allow a remote attacker with intimate knowledge of the server to cause a denial of service when receiving data on the channel. IBM X-Force ID:...
5.9CVSS
5.8AI Score
0.001EPSS
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure...
5.5CVSS
6.4AI Score
0.0004EPSS
An issue was discovered in Suricata 5.0.0. It was possible to bypass/evade any tcp based signature by faking a closed TCP session using an evil server. After the TCP SYN packet, it is possible to inject a RST ACK and a FIN ACK packet with a bad TCP Timestamp option. The client will ignore the RST.....
7.5CVSS
7.4AI Score
0.002EPSS
Avira Free Antivirus 15.0.1907.1514 is prone to a local privilege escalation through the execution of kernel code from a restricted...
8.8CVSS
8.5AI Score
0.0004EPSS
Brackets versions 1.14 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code...
9.8CVSS
9.7AI Score
0.014EPSS
IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 could allow a local attacker to execute arbitrary code on the system, caused by an untrusted search path vulnerability. By using a executable file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM...
7.8CVSS
7.7AI Score
0.001EPSS
Tableau Server 10.3 through 2019.4 on Windows and Linux allows XSS via the embeddedAuthRedirect...
6.1CVSS
5.9AI Score
0.001EPSS
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from...
5.5CVSS
6.1AI Score
0.0005EPSS
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from...
5.5CVSS
6.1AI Score
0.0005EPSS
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure...
5.5CVSS
6AI Score
0.0005EPSS
An unsafe deserialization vulnerability exists in CA Release Automation (Nolio) 6.6 with the DataManagement component that can allow a remote attacker to execute arbitrary...
9.8CVSS
9.6AI Score
0.018EPSS
Weak file permissions applied to the Aviatrix VPN Client through 2.2.10 installation directory on Windows and Linux allow a local attacker to execute arbitrary code by gaining elevated privileges through file...
7.8CVSS
7.8AI Score
0.0004EPSS
An authentication flaw in the AVPNC_RP service in Aviatrix VPN Client through 2.2.10 allows an attacker to gain elevated privileges through arbitrary code execution on Windows, Linux, and...
NVIDIA NVFlash, NVUFlash Tool prior to v5.588.0 and GPUModeSwitch Tool prior to 2019-11, NVIDIA kernel mode driver (nvflash.sys, nvflsh32.sys, and nvflsh64.sys) contains a vulnerability in which authenticated users with administrative privileges can gain access to device memory and registers of...
6.7CVSS
6.8AI Score
0.0004EPSS
SAS XML Mapper 9.45 has an XML External Entity (XXE) vulnerability that can be leveraged by malicious attackers in multiple ways. Examples are Local File Reading, Out Of Band File Exfiltration, Server Side Request Forgery, and/or Potential Denial of Service attacks. This vulnerability also affects....
10CVSS
9.3AI Score
0.004EPSS
Buffer overflow in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6618 (DCH) or 21.20.x.5077 (aka15.45.5077) may allow a privileged user to potentially enable information disclosure via local...
4.4CVSS
5.4AI Score
0.0004EPSS
Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6519 may allow an authenticated user to potentially enable denial of service via local...
5.5CVSS
5.8AI Score
0.0004EPSS
Memory corruption in Kernel Mode Driver in Intel(R) Graphics Driver before 26.20.100.6813 (DCH) or 26.20.100.6812 may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.8AI Score
0.0004EPSS
Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A....
7.8CVSS
8.2AI Score
0.0004EPSS
Insufficient input validation in Intel(R) SGX SDK multiple Linux and Windows versions may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local...
7.8CVSS
7.5AI Score
0.0004EPSS
Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and Linux versions 2.6.100.51363 and earlier, may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local...
7.8CVSS
7.5AI Score
0.0004EPSS
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from...
5.5CVSS
6.4AI Score
0.0005EPSS
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from...
5.5CVSS
6.4AI Score
0.0005EPSS
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1393, CVE-2019-1394, CVE-2019-1395, CVE-2019-1396,...
7.8CVSS
7.6AI Score
0.001EPSS
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege...
7.8CVSS
8.3AI Score
0.0004EPSS
A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.7.0-00 allows an unauthenticated remote user to trigger a denial of service (DoS) condition because of Uncontrolled Resource...
7.5CVSS
7.5AI Score
0.002EPSS
A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.6.5-00 allows an unauthenticated remote user to read internal...
7.5CVSS
7.5AI Score
0.003EPSS
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) in which the program accesses or uses a pointer that has not been initialized, which may lead to denial of...
5.5CVSS
5.9AI Score
0.0004EPSS
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the product uses untrusted input when calculating or using an array index, which may lead to escalation of privileges or denial of...
7.8CVSS
6.8AI Score
0.0004EPSS
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the size of an input buffer is not validated, which may lead to denial of service or escalation of...
7.8CVSS
6.9AI Score
0.0004EPSS
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which a NULL pointer is dereferenced, which may lead to denial of service or escalation of...
7.8CVSS
6.9AI Score
0.0004EPSS
An arbitrary command injection vulnerability in the Cluster Server component of Veritas InfoScale allows an unauthenticated remote attacker to execute arbitrary commands as root or administrator. These Veritas products are affected: Access 7.4.2 and earlier, Access Appliance 7.4.2 and earlier,...
9.8CVSS
9.9AI Score
0.004EPSS
browser/extensions/api/dial/dial_registry.cc in Google Chrome before 54.0.2840.98 on macOS, before 54.0.2840.99 on Windows, and before 54.0.2840.100 on Linux neglects to copy a device ID before an erase() call, which causes the erase operation to access data that that erase operation will...
9.1CVSS
8.6AI Score
0.002EPSS
IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID:...
7.8CVSS
7.9AI Score
0.0004EPSS
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from...
7.8CVSS
7.6AI Score
0.001EPSS