
23141 matches found

RedhatCVE
added 2025/05/23 2:5 a.m. | 11 views

CVE-2023-6399

A format string vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50W series firmware versions from 4.16 through 5.37 Patch 1, USG20W-VPN series firmware versions from 4.16 through 5.37...

CVSS 6.5 | AI score 6.7 | EPSS 0.00649
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 2:3 a.m. | 19 views

CVE-2023-33011

A format string vulnerability in the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50W series firmware versions 5.10 through 5.36 Patch 2, USG20W-VPN series firmware versions 5.10 through 5.36 Patch 2, and VPN...

CVSS 8.8 | AI score 7.4 | EPSS 0.00303
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 1:48 a.m. | 11 views

CVE-2023-2186

On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message including format string characters to the SCADA Data Gateway to perform unrestricted memory reads. An unauthenticated user can use this format string...

CVSS 9.8 | AI score 7 | EPSS 0.00706
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 12:57 a.m. | 8 views

CVE-2022-43869

IBM Spectrum Scale 5.1.0.0 through 5.1.2.8 and 5.1.3.0 through 5.1.5.1 and IBM Elastic Storage System 6.1.0.0 through 6.1.2.4 and 6.1.3.0 through 6.1.4.1 could allow an authenticated user to cause a denial of service through the GUI using a format string attack. IBM X-Force ID: 239539...

CVSS 6.5 | AI score 6.3 | EPSS 0.00994
Exploits: 0 | References: 1

Packet Storm News
added 2025/05/23 12:0 a.m. | 2 views

Towards a Quantum-Classical Augmented Network

In the past decade, several small-scale quantum key distribution networks have been established. However, the deployment of large-scale quantum networks depends on the development of quantum repeaters, quantum channels, quantum memories, and quantum network protocols. To improve the security of...

AI score 6.9
Exploits: 0

Packet Storm News
added 2025/05/23 12:0 a.m. | 2 views

JALMBench: Benchmarking Jailbreak Vulnerabilities in Audio Language Models

Whitepaper called JALMBench: Benchmarking Jailbreak Vulnerabilities In Audio Language Models...

AI score 7
Exploits: 0

RedhatCVE
added 2025/05/22 11:42 p.m. | 6 views

CVE-2022-41180

Due to lack of proper memory management, when a victim opens a manipulated Portable Document Format .pdf, PDFPublishing.dll file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a...

CVSS 7.8 | AI score 7.8 | EPSS 0.00342
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 11:24 p.m. | 3 views

CVE-2022-3023

Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3...

CVSS 9.8 | AI score 6.7 | EPSS 0.00562
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 11:18 p.m. | 8 views

CVE-2022-24974

Links may not be rewritten according to policy in some specially formatted emails...

CVSS 5.3 | AI score 6.9 | EPSS 0.0064
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 10:55 p.m. | 5 views

CVE-2022-32601

In telephony, there is a possible permission bypass due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319132; Issue ID: ALPS07319132...

CVSS 7.8 | AI score 6.7 | EPSS 0.00109
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 10:19 p.m. | 9 views

CVE-2022-20135

In writeToParcel of GateKeeperResponse.java, there is a possible parcel format mismatch. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12...

CVSS 7.8 | AI score 7 | EPSS 0.00198
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 10:9 p.m. | 7 views

CVE-2022-39843

123elf Lotus 1-2-3 before 1.0.0rc3 for Linux, and Lotus 1-2-3 R3 for UNIX and other platforms through 9.8.2, allow attackers to execute arbitrary code via a crafted worksheet. This occurs because of a stack-based buffer overflow in the cell format processing routines, as demonstrated by a certain...

CVSS 7.8 | AI score 8.2 | EPSS 0.00447
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/22 10:8 p.m. | 6 views

CVE-2022-39237

sylabs/sif is the Singularity Image Format (SIF) reference implementation. In versions prior to 2.8.1 the github.com/sylabs/sif/v2/pkg/integrity package did not verify that the hash algorithms used are cryptographically secure when verifying digital signatures. A patch is available in version =...

CVSS 9.8 | AI score 6.7 | EPSS 0.00477
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 8:39 p.m. | 6 views

CVE-2021-26236

FastStone Image Viewer v.= 7.5 is affected by a Stack-based Buffer Overflow at 0x005BDF49, affecting the CUR file parsing functionality BITMAPINFOHEADER Structure, 'BitCount' file format field, that will end up corrupting the Structure Exception Handler SEH. Attackers could exploit this issue to...

CVSS 7.8 | AI score 7.5 | EPSS 0.01968
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/22 8:32 p.m. | 3 views

CVE-2021-35331

In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code execution via a crafted file. NOTE: multiple third parties dispute the significance of this finding...

CVSS 7.8 | AI score 7.5 | EPSS 0.01639
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/22 8:7 p.m. | 5 views

CVE-2021-37743

app/View/GalaxyElements/ajax/index.ctp in MISP 2.4.147 allows Stored XSS when viewing galaxy cluster elements in JSON format...

CVSS 5.4 | AI score 5.9 | EPSS 0.00672
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 7:50 p.m. | 5 views

CVE-2021-34083

Google-it is a Node.js package which allows its users to send search queries to Google and receive the results in a JSON format. When using the 'Open in browser' option in versions up to 1.6.2, google-it will unsafely concat the result's link retrieved from google to a shell command, potentially...

CVSS 9.3 | AI score 6.7 | EPSS 0.01924
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/22 7:38 p.m. | 4 views

CVE-2021-30145

A format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to achieve code execution via a crafted m3u playlist file...

CVSS 7.8 | AI score 7.3 | EPSS 0.02409
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/22 7:34 p.m. | 6 views

CVE-2021-28789

The unofficial apple/swift-format extension before 1.1.2 for Visual Studio Code allows remote attackers to execute arbitrary code by constructing a malicious workspace with a crafted apple-swift-format.path configuration value that triggers execution upon opening the workspace...

CVSS 7.8 | AI score 8.2 | EPSS 0.01714
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 7:25 p.m. | 7 views

CVE-2021-25345

Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format...

CVSS 5.5 | AI score 6.7 | EPSS 0.00119
Exploits: 0 | References: 1