Lucene search
K

94 matches found

CNNVD
CNNVD
added 2025/08/06 12:0 a.m.5 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm, an American company. A security vulnerability exists in Qualcomm Chipsets that stems from a memory corruption that could result from writing to registers using Virtual cdm...

7.8CVSS6.8AI score0.00063EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:29 a.m.7 views

CVE-2024-36068

An incorrect access control vulnerability in Rubrik CDM versions prior to 9.1.2-p1, 9.0.3-p6 and 8.1.3-p12, allows an attacker with network access to execute arbitrary code...

9.8CVSS7.6AI score0.00491EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.4 views

CVE-2023-21120

In multiple functions of cdmengine.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID:...

7.8CVSS6.8AI score0.00072EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/02/03 5:25 p.m.3 views

Malicious code in lib-automotive-call-cdm (npm)

The package communicates with a domain associated with malicious activity...

7AI score
Exploits0
OSV
OSV
added 2025/02/03 5:25 p.m.2 views

MAL-2025-1042 Malicious code in lib-automotive-call-cdm (npm)

The package communicates with a domain associated with malicious activity...

7.1AI score
Exploits0
CISA
CISA
added 2024/12/04 12:0 p.m.4 views

CISA Releases New Public Version of CDM Data Model Document

Today, the Cybersecurity and Infrastructure Security Agency CISA released an updated public version of the Continuous Diagnostics and Mitigation CDM Data Model Document. Version 5.0.1 aligns with fiscal year 2023 Federal Information Security Modernization Act FISMA metrics. The CDM Data Model...

7.1AI score
Exploits0References2
NVD
NVD
added 2024/08/27 6:15 p.m.36 views

CVE-2024-36068

An incorrect access control vulnerability in Rubrik CDM versions prior to 9.1.2-p1, 9.0.3-p6 and 8.1.3-p12, allows an attacker with network access to execute arbitrary code...

9.8CVSS0.00491EPSS
Exploits0References2
CVE
CVE
added 2024/08/27 12:0 a.m.65 views

CVE-2024-36068

CVE-2024-36068 affects Rubrik CDM versions prior to 9.1.2-p1, 9.0.3-p6, and 8.1.3-p12. The vulnerability is described as an incorrect access control that allows an attacker with network access to execute arbitrary code. The connected documents reiterate the affected versions and impact but do not...

9.8CVSS7.6AI score0.00491EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/27 12:0 a.m.8 views

CVE-2024-36068

An incorrect access control vulnerability in Rubrik CDM versions prior to 9.1.2-p1, 9.0.3-p6 and 8.1.3-p12, allows an attacker with network access to execute arbitrary code...

7.8AI score0.00491EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/27 12:0 a.m.23 views

CVE-2024-36068

An incorrect access control vulnerability in Rubrik CDM versions prior to 9.1.2-p1, 9.0.3-p6 and 8.1.3-p12, allows an attacker with network access to execute arbitrary code...

0.00491EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/07/09 8:11 p.m.14 views

CVE-2024-31320

In setSkipPrompt of AssociationRequest.java , there is a possible way to establish a companion device association without any confirmation due to CDM. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.2AI score0.00259EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/09 8:11 p.m.26 views

CVE-2024-31320

In setSkipPrompt of AssociationRequest.java , there is a possible way to establish a companion device association without any confirmation due to CDM. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00259EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/06/15 7:15 p.m.4 views

CVE-2023-21120

In multiple functions of cdmengine.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID:...

7.8CVSS7.3AI score0.00072EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:5 a.m.2 views

SUSE CVE-2016-2837

Heap-based buffer overflow in the ClearKey Content Decryption Module CDM in the Encrypted Media Extensions EME API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media...

6.3CVSS8.2AI score0.04577EPSS
Exploits0References9
NVD
NVD
added 2022/08/26 12:15 a.m.24 views

CVE-2022-30984

A buffer overflow vulnerability in the Rubrik Backup Service RBS Agent for Linux or Unix-based systems in Rubrik CDM 7.0.1, 7.0.1-p1, 7.0.1-p2 or 7.0.1-p3 before CDM 7.0.2-p2 could allow a local attacker to obtain root privileges by sending a crafted message to the RBS agent...

7.8CVSS0.00209EPSS
Exploits0References2
OSV
OSV
added 2022/08/26 12:15 a.m.5 views

CVE-2022-30984

A buffer overflow vulnerability in the Rubrik Backup Service RBS Agent for Linux or Unix-based systems in Rubrik CDM 7.0.1, 7.0.1-p1, 7.0.1-p2 or 7.0.1-p3 before CDM 7.0.2-p2 could allow a local attacker to obtain root privileges by sending a crafted message to the RBS agent...

7.8CVSS6.1AI score0.00209EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/08/25 11:18 p.m.32 views

CVE-2022-30984

A buffer overflow vulnerability in the Rubrik Backup Service RBS Agent for Linux or Unix-based systems in Rubrik CDM 7.0.1, 7.0.1-p1, 7.0.1-p2 or 7.0.1-p3 before CDM 7.0.2-p2 could allow a local attacker to obtain root privileges by sending a crafted message to the RBS agent...

7.9AI score0.00209EPSS
Exploits0References2
Prion
Prion
added 2022/06/10 4:15 p.m.15 views

Cross site request forgery (csrf)

IBM Spectrum Copy Data Management 2.2.0.0through 2.2.15.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 225887...

6.8CVSS8.4AI score0.00319EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/05/14 12:30 a.m.67 views

CVE-2022-24831

OpenClinica (EDC/CDM platform) has a SQL injection vulnerability in versions prior to 3.16.1 caused by building SQL via string concatenation instead of prepared statements. Exploitation можно leads to partial confidentiality, integrity, and availability impact as per CVSS data. The issue has been...

9.8CVSS9.6AI score0.01064EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2022/05/14 12:15 a.m.25 views

CVE-2022-24830

OpenClinica is an open source software for Electronic Data Capture EDC and Clinical Data Management CDM. OpenClinica prior to version 3.16 is vulnerable to path traversal in multiple endpoints, leading to arbitrary file read/write, and potential remote code execution. There are no known...

9.8CVSS0.02935EPSS
Exploits1References2
Rows per page
Query Builder