CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

Intel•added 2024/08/13 12:0 a.m.•23 views

Intel® Connectivity Performance Suite Software Installer Advisory

Summary: A potential security vulnerability in some Intel® Connectivity Performance Suite software installers may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-43747 Description: Incorrect defaul...

6.7CVSS7.2AI score0.00028EPSS

Exploits0

Positive Technologies•added 2024/04/16 12:0 a.m.•3 views

PT-2024-24267 · Ibm · Ibm Security Verify Privilege

Name of the Vulnerable Software and Affected Versions: IBM Security Verify Privilege version 11.6.25 Description: The issue allows an unauthenticated actor to obtain sensitive information from the SOAP API. Recommendations: For IBM Security Verify Privilege version 11.6.25, consider restricting...

7.5CVSS6.7AI score0.0007EPSS

Exploits0References5

OSV•added 2023/04/01 12:0 a.m.•32 views

ASB-A-261858325

In toUriInner of Intent.java, there is a possible way to launch an arbitrary activity due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.8AI score0.00166EPSS

Exploits0References2

OSV•added 2023/03/01 12:0 a.m.•3 views

PUB-A-261193664

In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.1AI score0.00014EPSS

Exploits0References2

OSV•added 2023/01/01 12:0 a.m.•15 views

ASB-A-258759189

Messaging do not check the permission , which may cause a Elevation of privilege...

5.5CVSS7AI score0.00034EPSS

Exploits0References1

OSV•added 2022/12/01 12:0 a.m.•2 views

PUB-A-243480506

In ppmpuset of ppmpu.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7AI score0.00037EPSS

Exploits0References1

WPVulnDB•added 2022/04/07 12:0 a.m.•18 views

Plausible Analytics < 1.2.3 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

4.8CVSS3.1AI score0.00498EPSS

Exploits0Affected Software1

WPVulnDB•added 2022/04/04 12:0 a.m.•26 views

Social comments by WpDevArt < 2.5.0 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when unfilteredhtml is disallowed PoC Put the following payload in any of the plugin's text field settings such as Title , Title font-size etc: "...

4.8CVSS3AI score0.00206EPSS

Exploits2Affected Software1