Lucene search

2081 matches found

CNNVD
added 2025/03/06 12:0 a.m. | 3 views

PublicCMS code issue vulnerability

PublicCMS is an open source content management system (CMS) written in Java by PublicCMS (China). A security vulnerability exists in PublicCMS version v4.0.202406, which originates from the /cms/CmsWebFileAdminController.java component that allows the upload of specially crafted svg or xml...

9.8 CVSS | 6.9 AI score | 0.00649 EPSS
Exploits 1 | References 2
RedHat Linux
added 2025/03/05 2:49 a.m. | 3 views

kernel: efi: runtime: Fix potential overflow of soft-reserved region size

A flaw was found in the Linux kernel. Due to an integer overflow, certain EFI-related memory reservations might receive a size other than expected, leading to a denial of service...

6 CVSS | 7.2 AI score | 0.00226 EPSS
Exploits 0 | References 5
RedHat Linux
added 2025/02/27 4:14 p.m. | 4 views

Moderate: Red Hat Security Advisory: Red Hat Developer Hub 1.4.2 release.

Red Hat Developer Hub 1.4.2 has been released. Red Hat Developer Hub (RHDH) is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single...

6.8 CVSS | 6.5 AI score | 0.00803 EPSS
Exploits 1 | References 6
BDU FSTEC
added 2025/02/27 12:0 a.m. | 5 views

A vulnerability in the UEFI firmware of Intel processors allows an attacker to gain unauthorized access to protected information.

The vulnerability in the UEFI firmware of Intel processors is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.3 CVSS | 5.9 AI score | 0.00237 EPSS
Exploits 0 | References 9 | Affected Software 4
BDU FSTEC
added 2025/02/27 12:0 a.m. | 3 views

A vulnerability in the UEFI firmware of Intel processors allows an attacker to gain unauthorized access to protected information.

The vulnerability in the UEFI firmware of Intel processors lies in performing operations outside the bounds of a memory buffer. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.3 CVSS | 5.9 AI score | 0.00186 EPSS
Exploits 0 | References 2
BDU FSTEC
added 2025/02/27 12:0 a.m. | 7 views

A vulnerability in the UEFI firmware of Intel processors allows attackers to escalate their privileges.

The vulnerability in the UEFI firmware of Intel processors is related to performing operations outside the bounds of a memory buffer. Exploiting this vulnerability can allow an attacker to escalate their privileges...

7.5 CVSS | 5.8 AI score | 0.00185 EPSS
Exploits 0 | References 2
OSV
added 2025/02/26 7:1 a.m. | 2 views

UBUNTU-CVE-2022-49357

In the Linux kernel, the following vulnerability has been resolved: efi: Do not import certificates from UEFI Secure Boot for T2 Macs. On Apple T2 Macs, when Linux attempts to read the db and dbx efi variables at early boot to load UEFI Secure Boot certificates, a page fault occurs in Apple firmwa...

5.5 CVSS | 6.2 AI score | 0.00155 EPSS
Exploits 0 | References 9
BDU FSTEC
added 2025/02/21 12:0 a.m. | 6 views

The vulnerability of the task and project management service WEEEK lies in the lack of measures taken to protect the website structure, allowing a perpetrator to execute arbitrary JavaScript code.

The vulnerability of the WEEEK task and project management service is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary JavaScript code by loading an XML file...

8.9 CVSS | 6 AI score
Exploits 0 | Affected Software 1
BDU FSTEC
added 2025/02/19 12:0 a.m. | 6 views

The vulnerability of Cobalt Ashlar-Vellum’s parametric automated design and 3D modeling software lies in the inability to properly manage memory boundaries during data writing. This allows a malicious actor to execute arbitrary code.

The vulnerability of the Cobalt Ashlar-Vellum software for parametric automated design and 3D modeling lies in the issue of writing beyond buffer boundaries in memory during the processing of XE format files. Exploiting this vulnerability allows an attacker to execute arbitrary code...

7.8 CVSS | 6.1 AI score | 0.00196 EPSS
Exploits 0 | References 3
OSV
added 2025/02/12 10:15 p.m. | 1 view

DEBIAN-CVE-2024-29214

Improper input validation in UEFI firmware CseVariableStorageSmm for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access...

8.7 CVSS | 7.2 AI score | 0.00237 EPSS
Exploits 0 | References 1
OSV
added 2025/02/12 10:15 p.m. | 1 view

UBUNTU-CVE-2024-28127

Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access...

8.7 CVSS | 7.1 AI score | 0.00237 EPSS
Exploits 0 | References 5
OSV
added 2025/02/12 10:15 p.m. | 2 views

UBUNTU-CVE-2023-43758

Improper input validation in UEFI firmware for some Intel(R) processors may allow a privileged user to potentially enable escalation of privilege via local access...

8.7 CVSS | 5.8 AI score | 0.00259 EPSS
Exploits 0 | References 5
CNNVD
added 2025/02/12 12:0 a.m. | 2 views

Intel Processors input validation error vulnerability

Intel Processors are a family of processors from Intel Corporation (USA). Intel Processors suffer from an input validation error vulnerability that stems from improper UEFI firmware input validation, which could allow a privileged user to elevate privileges via local access...

8.7 CVSS | 7.3 AI score | 0.00237 EPSS
Exploits 0 | References 1
CNNVD
added 2025/02/12 12:0 a.m. | 3 views

Intel Processors input validation error vulnerability

Intel Processors are a family of processors from Intel Corporation (USA). Intel Processors suffer from an input validation error vulnerability that stems from improper UEFI firmware input validation, which could allow a privileged user to elevate privileges via local access...

8.7 CVSS | 7.3 AI score | 0.00237 EPSS
Exploits 0 | References 1
CNNVD
added 2025/02/12 12:0 a.m. | 2 views

Intel Processors security vulnerability

Intel Processors are a family of processors from Intel Corporation (USA). A security vulnerability exists in Intel Processors that stems from improper initialization of the OutOfBandXML module of the UEFI firmware, which could allow a privileged user to disclose information via local access...

6.8 CVSS | 5.2 AI score | 0.00222 EPSS
Exploits 0 | References 1
CNNVD
added 2025/02/12 12:0 a.m. | 3 views

Intel Processors input validation error vulnerability

Intel Processors are a family of processors from Intel Corporation (USA). Intel Processors suffer from an input validation error vulnerability that stems from improper UEFI firmware input validation, which could allow a privileged user to disclose information via local access...

6.8 CVSS | 4.9 AI score | 0.00237 EPSS
Exploits 0 | References 1
RedHat Linux
added 2025/02/11 11:29 a.m. | 4 views

firefox: thunderbird: Use-after-free in XSLT

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash...

9.8 CVSS | 7.3 AI score | 0.01163 EPSS
Exploits 0 | References 10
Positive Technologies
added 2025/02/11 12:0 a.m. | 3 views

PT-2025-6631

Name of the Vulnerable Software and Affected Versions: Intel(R) Processors (affected versions not specified). Description: The issue is related to improper input validation in UEFI firmware for some Intel(R) Processors. This may allow a privileged user to potentially enable escalation of privilege via loc...

8.8 CVSS | 6.6 AI score | 0.00371 EPSS
Exploits 0 | References 101
OSV
added 2025/02/11 12:0 a.m. | 0 views

UBUNTU-CVE-2024-39279

Insufficient granularity of access control in UEFI firmware in some Intel(R) processors may allow an authenticated user to potentially enable denial of service via local access...

6.8 CVSS | 5.8 AI score | 0.00205 EPSS
Exploits 0 | References 6
OSV
added 2025/02/06 3:10 a.m. | 5 views

USN-7256-1 ruby2.7 vulnerabilities

It was discovered that Ruby incorrectly handled parsing of an XML document that has specific XML characters in an attribute value using the REXML gem. An attacker could use this issue to cause Ruby to crash, resulting in a denial of service...

5.9 CVSS | 6.6 AI score | 0.01493 EPSS
Exploits 0 | References 3