Lucene search
K

1305 matches found

CVE
CVE
added 2024/11/04 10:4 a.m.54 views

CVE-2024-38403

CVE-2024-38403 affects Qualcomm closed‑source WLAN firmware components. It describes a transient denial‑of‑service that occurs when parsing the BTM ML IE if the per‑STA profile is not included. The entry assigns a high impact and network‑level exposure with low attack complexity and no user inter...

7.5CVSS7AI score0.00244EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/11/04 10:4 a.m.20 views

CVE-2024-38403 Buffer Over-read in WLAN Firmware

Transient DOS while parsing BTM ML IE when per STA profile is not included...

7.5CVSS0.00244EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/04 10:4 a.m.12 views

CVE-2024-38403 Buffer Over-read in WLAN Firmware

Transient DOS while parsing BTM ML IE when per STA profile is not included...

7.5CVSS7.2AI score0.00244EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/04 10:4 a.m.19 views

CVE-2024-33068 Use After Free in WLAN Host Communication

Transient DOS while parsing fragments of MBSSID IE from beacon frame...

7.5CVSS0.00244EPSS
Exploits0References1
CVE
CVE
added 2024/11/04 10:4 a.m.44 views

CVE-2024-33068

CVE-2024-33068 is a vulnerability described as a transient DoS during parsing of MBSSID IE fragments in beacon frames. Public sources (NVD, Red Hat, CVE list) tie it to WLAN host communication and a use-after-free style issue in Qualcomm chipsets, with base scores: NVD 6.5 (MEDIUM) and CNA 7.5 (H...

7.5CVSS7AI score0.00244EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/04 10:4 a.m.18 views

CVE-2024-33068 Use After Free in WLAN Host Communication

Transient DOS while parsing fragments of MBSSID IE from beacon frame...

7.5CVSS7.2AI score0.00244EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2024/10/16 10:50 a.m.65 views

North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware

The North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows to infect devices with malware known as RokRAT. The vulnerability in question is CVE-2024-38178 CVSS score: 7.5, a memory corruption bug in the Scripting Engine...

8.8CVSS8.3AI score0.39196EPSS
Exploits0
NVD
NVD
added 2024/10/07 1:15 p.m.19 views

CVE-2024-33071

Transient DOS while parsing the MBSSID IE from the beacons when IE length is 0...

7.5CVSS0.00311EPSS
Exploits0References1
NVD
NVD
added 2024/10/07 1:15 p.m.23 views

CVE-2024-33070

Transient DOS while parsing ESP IE from beacon/probe response frame...

7.5CVSS0.00311EPSS
Exploits0References1
CVE
CVE
added 2024/10/07 12:58 p.m.58 views

CVE-2024-33073

CVE-2024-33073 corresponds to a Buffer Over-read in WLAN Host Communication affecting Qualcomm chipsets. The vulnerability causes information disclosure during parsing of the BSS parameter change count and MLD capabilities fields within the ML IE. Affected product scope is not exhaustively listed...

8.2CVSS8.2AI score0.00337EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/07 12:58 p.m.13 views

CVE-2024-33073 Buffer Over-read in WLAN Host Communication

Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE...

8.2CVSS6.9AI score0.00337EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/07 12:58 p.m.25 views

CVE-2024-33073 Buffer Over-read in WLAN Host Communication

Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE...

8.2CVSS0.00337EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/07 12:58 p.m.20 views

CVE-2024-33071 Buffer Over-read in WLAN Host Communication

Transient DOS while parsing the MBSSID IE from the beacons when IE length is 0...

7.5CVSS0.00311EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/07 12:58 p.m.15 views

CVE-2024-33071 Buffer Over-read in WLAN Host Communication

Transient DOS while parsing the MBSSID IE from the beacons when IE length is 0...

7.5CVSS7AI score0.00311EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/07 12:58 p.m.24 views

CVE-2024-33070 Buffer Over-read in WLAN Host Communication

Transient DOS while parsing ESP IE from beacon/probe response frame...

7.5CVSS0.00311EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/07 12:58 p.m.13 views

CVE-2024-33070 Buffer Over-read in WLAN Host Communication

Transient DOS while parsing ESP IE from beacon/probe response frame...

7.5CVSS7AI score0.00311EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/07 12:58 p.m.18 views

CVE-2024-33049 Buffer Over-read in WLAN Host Communication

Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame...

7.5CVSS7AI score0.00311EPSS
Exploits0References1
OSV
OSV
added 2024/09/26 10:15 a.m.4 views

CVE-2024-9125

The kingIE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject...

5.4CVSS5.9AI score0.00259EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/09/26 12:0 a.m.5 views

PT-2024-39447 · WordPress · King Ie

Name of the Vulnerable Software and Affected Versions: king IE plugin for WordPress version 1.0 and earlier Description: The issue is related to Stored Cross-Site Scripting via SVG File uploads due to insufficient input sanitization and output escaping. This allows authenticated attackers with...

6.4CVSS6.2AI score0.00259EPSS
Exploits0References9
CNNVD
CNNVD
added 2024/09/26 12:0 a.m.5 views

WordPress plugin king_IE 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

6.4CVSS5.8AI score0.00259EPSS
Exploits0References3
Rows per page
Query Builder