Lucene search
K

117 matches found

Tenable Nessus
Tenable Nessus
added 2024/10/28 12:0 a.m.14 views

Fedora 39 : prometheus-podman-exporter (2024-ee9f0f22b6)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-ee9f0f22b6 advisory. release 1.13.3 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

8.6CVSS7.5AI score0.18087EPSS
Exploits18References3
OSV
OSV
added 2024/10/01 12:0 a.m.14 views

ASB-A-340332428

In RGXMMUCacheInvalidate of rgxmem.c, there is a possible arbitrary code execution due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4CVSS7.9AI score0.00073EPSS
Exploits0References1
OSV
OSV
added 2024/07/24 5:57 a.m.1 views

BELL-CVE-2024-4076

Bulletin has no description...

7.5CVSS8.1AI score0.02111EPSS
Exploits0References2
OSV
OSV
added 2024/06/06 6:55 p.m.7 views

CVE-2024-2359 Improper Neutralization of Special Elements used in an OS Command in parisneo/lollms-webui

A vulnerability in the parisneo/lollms-webui version 9.3 allows attackers to bypass intended access restrictions and execute arbitrary code. The issue arises from the application's handling of the /executecode endpoint, which is intended to be blocked from external access by default. However,...

9.8CVSS7.7AI score0.01219EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/05/06 12:0 a.m.7 views

PT-2024-15908 · WordPress · Fancy Product Designer

Name of the Vulnerable Software and Affected Versions: The Fancy Product Designer WordPress plugin versions prior to 6.1.81 Description: The issue is related to the lack of sanitization and escaping of some settings in the plugin, which could allow high-privilege users, such as admins, to perform...

5.9CVSS5.5AI score0.00584EPSS
Exploits2References7
OSV
OSV
added 2024/04/01 12:0 a.m.11 views

PUB-A-318507136

there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS6.3AI score0.00482EPSS
Exploits0References1
OSV
OSV
added 2024/02/17 2:15 a.m.7 views

CVE-2024-20919

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM...

5.9CVSS5.8AI score
Exploits0References3
CNVD
CNVD
added 2023/10/31 12:0 a.m.6 views

Rockwell Automation Arena Simulation Software Buffer Overflow Vulnerability (CNVD-2025-06476)

Rockwell Automation Arena Simulation Software is a suite of simulation software from Rockwell Automation that provides 3D animation and graphics capabilities. A security vulnerability exists in Rockwell Automation Arena Simulation, which can be exploited by an attacker to submit unauthorized code...

7.8CVSS6.9AI score0.00249EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/10/03 4:39 p.m.41 views

CVE-2023-33200 Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations

A local non-privileged user can make improper GPU processing operations to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory...

4.8AI score0.00292EPSS
Exploits0References1
OSV
OSV
added 2023/06/15 9:30 p.m.8 views

GHSA-354H-FPMQ-68V7 Magento Open Source allows Incorrect Authorization

Adobe Commerce versions 2.4.6 and earlier, 2.4.5-p2 and earlier and 2.4.4-p3 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass a minor functionality. Exploitati...

5.3CVSS4.4AI score0.00585EPSS
Exploits0References3
OSV
OSV
added 2023/06/15 9:30 p.m.10 views

GHSA-28VP-39RF-3Q2J Magento Open Source has Business Logic Errors Vulnerability

Adobe Commerce versions 2.4.6 and earlier, 2.4.5-p2 and earlier and 2.4.4-p3 and earlier are affected by a Business Logic Errors vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass a minor functionality. Exploitation ...

5.3CVSS4.3AI score0.00668EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2023/06/15 9:30 p.m.11 views

Magento Open Source allows Incorrect Authorization

Adobe Commerce versions 2.4.6 and earlier, 2.4.5-p2 and earlier and 2.4.4-p3 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to bypass a minor functionality. Exploitation of this iss...

5.3CVSS6.8AI score0.00566EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2023/06/01 12:0 a.m.5 views

PUB-A-262235998

In multiple files, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS6.4AI score0.00094EPSS
Exploits0References1
OSV
OSV
added 2023/05/01 12:0 a.m.9 views

ASB-A-267357916

In tbd of tbd, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS7.5AI score0.02703EPSS
Exploits4References1
OSV
OSV
added 2023/03/01 12:0 a.m.6 views

PUB-A-246749936

In multiple locations, there is a possible way to trigger a persistent reboot loop due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS6.6AI score0.00092EPSS
Exploits0References2
OSV
OSV
added 2023/03/01 12:0 a.m.8 views

PUB-A-261193664

In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.1AI score0.0009EPSS
Exploits0References2
OSV
OSV
added 2023/02/27 3:24 p.m.5 views

CVE-2023-0230 VK All in One Expansion Unit < 9.86.0.0 - Contributor+ Stored XSS

The VK All in One Expansion Unit WordPress plugin before 9.86.0.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS6.8AI score0.0056EPSS
Exploits2References4
OSV
OSV
added 2022/12/01 12:0 a.m.33 views

PUB-A-244713317

In mapGrantorDescr of MessageQueueBase.h, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

6.7CVSS7.1AI score0.00173EPSS
Exploits0References2
OSV
OSV
added 2022/12/01 12:0 a.m.6 views

PUB-A-243480506

In ppmpuset of ppmpu.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7AI score0.00174EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2022/10/18 9:47 a.m.48 views

European Police Arrest a Gang That Hacked Wireless Key Fobs to Steal Cars

Law enforcement authorities in France, in collaboration with Spain and Latvia, have disrupted a cybercrime ring that leveraged a hacking tool to steal cars without having to use a physical key fob. "The criminals targeted vehicles with keyless entry and start systems, exploiting the technology to...

0.5AI score
Exploits0
Rows per page
Query Builder