21 matches found
Intel Neural Compressor <2.5.0 - SQL Injection
Improper input validation in some Intel(R) Neural Compressor software before version 2.5.0 may allow an unauthenticated user to potentially enable escalation of privilege via remote access. id: CVE-2024-22476 info: name: Intel Neural Compressor 2.5.0 - SQL Injection author: ritikchaddha severity:...
UBUNTU-CVE-2026-43408
In the Linux kernel, the following vulnerability has been resolved: ceph: add a bunch of missing ceph_path_info initializers. ceph_mdsc_build_path must be called with a zero-initialized ceph_path_info parameter, or else the following ceph_mdsc_free_path_info may crash. Example crash on Linux 6.18.12:...
EUVD-2023-43719
Malicious code in bioql PyPI...
CVE-2025-21265 Windows Digital Media Elevation of Privilege Vulnerability
...
CVE-2023-20785
In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628524; Issue ID: ALPS07628524...
CVE-2023-3027
The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtained values (instead of the policy apply a static manifest on a managed cluster) of taking advantage of cluster scoped access in a created policy. This feature...
Code injection
The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtained values (instead of the policy apply a static manifest on a managed cluster) of taking advantage of cluster scoped access in a created policy. This feature...
CVE-2023-3027
The vulnerability CVE-2023-3027 affects Red Hat Advanced Cluster Management for Kubernetes (ACM) where the grc-policy-propagator can perform privilege escalation by evaluating policies that pull dynamically obtained values, allowing access beyond the policy’s namespace. Root cause: policy propaga...
PT-2023-22620 · Unknown · Grc-Policy-Propagator
Name of the Vulnerable Software and Affected Versions: grc-policy-propagator affected versions not specified Description: The issue allows security escalation within the cluster. It is related to policies that contain dynamically obtained values, which can take advantage of cluster scoped access ...
CVE-2022-32629
In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310774; Issue ID: ALPS07310774...
CVE-2022-32616
In isp, there is a possible out of bounds write due to uninitialized data. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07341258; Issue ID: ALPS07341258...
Privilege escalation
Modern DRAM devices (PC-DDR4, LPDDR4X) are affected by a vulnerability in their internal Target Row Refresh (TRR) mitigation against Rowhammer attacks. Novel non-uniform Rowhammer access patterns, consisting of aggressors with different frequencies, phases, and amplitudes allow triggering bit flips o...
Improper Privilege Management in dolibarr/dolibarr
💥 BUG: unprivileged user can modify directory 💥 STEP TO REPRODUCE 1. From admin account add user B as normal user. Now don't give any permission for DMS/ECM module for user B. So, user B should not see any DMS/ECM details. 2. Now from admin account go to...
CVE-2017-17103
CVE-2017-17103 affects Fiyo CMS 2.0.7 with an SQL injection in the file /apps/app_user/sys_user.php via POST parameters name or email, enabling escalation from a normal user to administrator privileges. This vulnerability is documented across multiple sources (NVD/NVD-derived entries and CNVD-201...
DLA-397-1 ecryptfs-utils - security update
Bulletin has no description...