
213680 matches found

Prion
• added 2024/03/11 6:15 p.m. • 16 views

Cross site scripting

The Photos and Files Contest Gallery WordPress plugin before 21.3.1 does not sanitize and escape some parameters, which could allow users with a role as low as author to perform Cross-Site Scripting attacks...

AI score: 6.3 | EPSS: 0.00398
Exploits: 1 | References: 1

Prion
• added 2024/03/11 6:15 p.m. • 26 views

Design/Logic Flaw

In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: convert from raw to noinc regmap functions for FIFO The SC16IS7XX IC supports a burst mode to access the FIFOs where the initial register address is sent $00, followed by all the FIFO data without having to...

AI score: 7.1 | EPSS: 0.00289
Exploits: 0 | References: 4

Prion
• added 2024/03/11 6:15 p.m. • 32 views

Open redirect

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

AI score: 6.8
Exploits: 0

Prion
• added 2024/03/11 6:15 p.m. • 15 views

Cross site request forgery (csrf)

The Seriously Simple Podcasting WordPress plugin before 3.0.0 discloses the Podcast owner's email address which by default is the admin email address via an unauthenticated crafted request...

AI score: 7.2 | EPSS: 0.02463
Exploits: 3 | References: 1

Prion
• added 2024/03/11 6:15 p.m. • 24 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Drop chan lock before queuing buffers Ensure read and write locks for the channel are not taken in succession by dropping the read lock from parsexferevent such that a callback given to client can potentially queu...

AI score: 7.2 | EPSS: 0.00209
Exploits: 0 | References: 6

Prion
• added 2024/03/11 6:15 p.m. • 30 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: Fix use after free bug due to error path handling in mtkjpegdecdevicerun In mtkjpegprobe, &jpeg-jobtimeoutwork is bound with mtkjpegjobtimeoutwork. In mtkjpegdecdevicerun, if error happens in mtkjpegsetdecdst, it...

AI score: 7.2 | EPSS: 0.00276
Exploits: 0 | References: 6

Prion
• added 2024/03/11 6:15 p.m. • 34 views

Design/Logic Flaw

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix a memory corruption iwlfwinitriggertlv::data is a pointer to a le32, which means that if we copy to iwlfwinitriggertlv::data + offset while offset is in bytes, we'll write past the buffer...

AI score: 7.2 | EPSS: 0.00307
Exploits: 0 | References: 6

Prion
• added 2024/03/11 6:15 p.m. • 42 views

Design/Logic Flaw

In the Linux kernel, the following vulnerability has been resolved: s390/vfio-ap: always filter entire AP matrix The vfioapmdevfiltermatrix function is called whenever a new adapter or domain is assigned to the mdev. The purpose of the function is to update the guest's AP configuration by filteri...

AI score: 7.2 | EPSS: 0.0095
Exploits: 0 | References: 4

Prion
• added 2024/03/11 6:15 p.m. • 14 views

Spoofing

The Login as User or Customer WordPress plugin through 3.8 does not prevent users to log in as any other user on the site...

AI score: 6.9 | EPSS: 0.00636
Exploits: 2 | References: 2

Prion
• added 2024/03/11 6:15 p.m. • 30 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: PM: sleep: Fix possible deadlocks in core system-wide PM code It is reported that in low-memory situations the system-wide resume core code deadlocks, because asyncscheduledev executes its argument function synchronously if it...

AI score: 7.2 | EPSS: 0.00238
Exploits: 0 | References: 6

Prion
• added 2024/03/11 6:15 p.m. • 35 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: arm64/sme: Always exit smealloc early with existing storage When smealloc is called with existing storage and we are not flushing we will always allocate new storage, both leaking the existing storage and corrupting the state. Fi...

AI score: 7.2 | EPSS: 0.00239
Exploits: 0 | References: 3

Prion
• added 2024/03/11 6:15 p.m. • 31 views

Design/Logic Flaw

In the Linux kernel, the following vulnerability has been resolved: netfs, fscache: Prevent Oops in fscacheputcache This function dereferences "cache" and then checks if it's ISERRORNULL. Check first, then dereference...

AI score: 7.2 | EPSS: 0.00239
Exploits: 0 | References: 4

Prion
• added 2024/03/11 6:15 p.m. • 37 views

Sql injection

The 404 Solution WordPress plugin before 2.35.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admins...

AI score: 7.2 | EPSS: 0.00756
Exploits: 2 | References: 1

Prion
• added 2024/03/11 6:15 p.m. • 37 views

Race condition

In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: move mmu notification mechanism inside mm lock Move mmu notification mechanism inside mm lock to prevent race condition in other components which depend on it. The notifier will invalidate memory range. Depending...

AI score: 7.2 | EPSS: 0.00163
Exploits: 0 | References: 2

Prion
• added 2024/03/11 6:15 p.m. • 39 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the acceptqueue's spinlocks once When I run syz's reproduction C program locally, it causes the following issue: pvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0! WARNING: CPU: 19 PID: 21160 at...

AI score: 7.2 | EPSS: 0.00173
Exploits: 0 | References: 6

Prion
• added 2024/03/11 6:15 p.m. • 22 views

Cross site scripting

The Enhanced Text Widget WordPress plugin before 1.6.6 does not validate and escape some of its Widget options before outputting them back in attributes, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is...

AI score: 5.9 | EPSS: 0.00497
Exploits: 2 | References: 2

Prion
• added 2024/03/11 6:15 p.m. • 31 views

Cross site scripting

The Ultimate Posts Widget WordPress plugin before 2.3.1 does not validate and escape some of its Widget options before outputting them back in attributes, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is...

AI score: 5.6 | EPSS: 0.00442
Exploits: 2 | References: 1

Prion
• added 2024/03/11 6:15 p.m. • 28 views

Null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix peer flow lists handling The cited change refactored mlx5etcdelfdbpeerflow to only clear DUP flag when list of peer flows has become empty. However, if any concurrent user holds a reference to a peer flow for...

AI score: 7 | EPSS: 0.00272
Exploits: 0 | References: 3

Prion
• added 2024/03/11 6:15 p.m. • 24 views

Code injection

The Paid Memberships Pro WordPress plugin before 2.12.9 does not prevent user with at least the contributor role from leaking other users' sensitive metadata...

AI score: 6.6 | EPSS: 0.00548
Exploits: 2 | References: 1

Prion
• added 2024/03/11 6:15 p.m. • 25 views

Null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: mm: migrate: fix getting incorrect page mapping during page migration When running stress-ng testing, we found below kernel crash after a few hours: Unable to handle kernel NULL pointer dereference at virtual address...

AI score: 7 | EPSS: 0.00276
Exploits: 0 | References: 3

Prion
• added 2024/03/11 6:15 p.m. • 36 views

Null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmbdesc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reproduced by following steps: - run nginx/wrk test: smcrun nginx smcrun wrk -t 16 -c 1000 -d -H 'Connection...

AI score: 7 | EPSS: 0.00257
Exploits: 0 | References: 8

Prion
• added 2024/03/11 6:15 p.m. • 30 views

Open redirect

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

AI score: 6.8
Exploits: 0

Prion
• added 2024/03/11 6:15 p.m. • 33 views

Null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memorysection-usage The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that ZONENORMAL ZONEDEVICE ZONENORMAL...

AI score: 7.2 | EPSS: 0.00294
Exploits: 1 | References: 6

Prion
• added 2024/03/11 6:15 p.m. • 35 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: drm: Don't unref the same fb many times by mistake due to deadlock handling If we get a deadlock after the fb lookup in drmmodepageflipioctl we proceed to unref the fb and then retry the whole thing from the top. But we forget to...

AI score: 7 | EPSS: 0.0022
Exploits: 0 | References: 8

Prion
• added 2024/03/11 5:15 p.m. • 18 views

Design/Logic Flaw

In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier restriction bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

AI score: 7.4 | EPSS: 0.00121
Exploits: 0 | References: 2

Prion
• added 2024/03/11 5:15 p.m. • 19 views

Heap overflow

In multiple locations, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

AI score: 7.7 | EPSS: 0.00222
Exploits: 0 | References: 2

Prion
• added 2024/03/11 5:15 p.m. • 26 views

Input validation

In accesssecureservicefromtempbond of btmsec.cc, there is a possible way to achieve keystroke injection due to improper input validation. This could lead to remote proximal/adjacent escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

AI score: 8 | EPSS: 0.00366
Exploits: 0 | References: 2

Prion
• added 2024/03/11 5:15 p.m. • 26 views

Input validation

In createSessionInternal of PackageInstallerService.java, there is a possible run-as any app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

AI score: 7.4 | EPSS: 0.0146
Exploits: 17 | References: 4

Prion
• added 2024/03/11 5:15 p.m. • 21 views

Heap overflow

In onQueueFilled of SoftMPEG4.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

AI score: 7.7 | EPSS: 0.00133
Exploits: 0 | References: 2

Prion
• added 2024/03/11 5:15 p.m. • 23 views

Code injection

In writeUserLP of UserManagerService.java, device policies are serialized with an incorrect tag due to a logic error in the code. This could lead to local denial of service when policies are deserialized on reboot with no additional execution privileges needed. User interaction is not needed for...

AI score: 6.9 | EPSS: 0.00147
Exploits: 0 | References: 4

Prion
• added 2024/03/11 5:15 p.m. • 21 views

Out-of-bounds

In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible out of bounds write due to a missing validation check. This could lead to a local non-security issue with no additional execution privileges needed. User interaction is not needed for exploitation...

AI score: 7.3 | EPSS: 0.00126
Exploits: 0 | References: 2

Prion
• added 2024/03/11 5:15 p.m. • 20 views

Design/Logic Flaw

In Session of AccountManagerService.java, there is a possible method to retain foreground service privileges due to incorrect handling of null responses. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitatio...

AI score: 7.4 | EPSS: 0.00126
Exploits: 0 | References: 2

Prion
• added 2024/03/11 5:15 p.m. • 23 views

Out-of-bounds

In smpprocsecreq of smpact.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote proximal/adjacent information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

AI score: 6.8 | EPSS: 0.00317
Exploits: 0 | References: 2

Prion
• added 2024/03/11 5:15 p.m. • 28 views

Out-of-bounds

In attpbuildvaluecmd of attprotocol.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

AI score: 8.1 | EPSS: 0.01512
Exploits: 1 | References: 4

Prion
• added 2024/03/11 5:15 p.m. • 27 views

Out-of-bounds

In Santesoft Sante FFT Imaging versions 1.4.1 and prior once a user opens a malicious DCM file on affected FFT Imaging installations, a local attacker could perform an out-of-bounds write, which could allow for arbitrary code execution...

CVSS: 4.4 | AI score: 7.7 | EPSS: 0.00341
Exploits: 0 | References: 1

Prion
• added 2024/03/11 5:15 p.m. • 25 views

Information disclosure

In multiple functions of healthconnect, there is a possible leakage of exercise route data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

AI score: 6.5 | EPSS: 0.00103
Exploits: 0 | References: 2

Prion
• added 2024/03/11 5:15 p.m. • 17 views

Information disclosure

In getCustomPrinterIcon of PrintManagerService.java, there is a possible way to view other user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

AI score: 6.4 | EPSS: 0.00118
Exploits: 0 | References: 2

Prion
• added 2024/03/11 4:15 p.m. • 25 views

Input validation

An improper error handling vulnerability in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions...

CVSS: 4.3 | AI score: 7.8 | EPSS: 0.00604
Exploits: 0 | References: 1

Prion
• added 2024/03/11 4:15 p.m. • 20 views

Input validation

An improper error handling vulnerability in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions...

CVSS: 4.3 | AI score: 7.8 | EPSS: 0.00591
Exploits: 0 | References: 1

Prion
• added 2024/03/11 4:15 p.m. • 34 views

Out-of-bounds

An out of bounds write due to a missing bounds check in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions...

CVSS: 4.3 | AI score: 7.9 | EPSS: 0.00591
Exploits: 0 | References: 1

Prion
• added 2024/03/11 4:15 p.m. • 51 views

Out-of-bounds

An out of bounds write due to a missing bounds check in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions...

CVSS: 4.3 | AI score: 7.9 | EPSS: 0.00604
Exploits: 0 | References: 1

Prion
• added 2024/03/11 4:15 p.m. • 31 views

Out-of-bounds

An out of bounds write due to a missing bounds check in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions...

CVSS: 4.3 | AI score: 7.9 | EPSS: 0.00591
Exploits: 0 | References: 1

Prion
• added 2024/03/11 3:15 p.m. • 15 views

Privilege escalation

Privilege escalation in windows agent plugin in Checkmk before 2.2.0p23, 2.1.0p40 and 2.0.0 EOL allows local user to escalate privileges...

CVSS: 4.3 | AI score: 8.7 | EPSS: 0.00342
Exploits: 5 | References: 2

Prion
• added 2024/03/11 2:15 p.m. • 25 views

Design/Logic Flaw

An off-by-one error flaw was found in the udevListInterfacesByStatus function in libvirt when the number of interfaces exceeds the size of the names array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to perform a denial of...

CVSS: 1.7 | AI score: 5.4 | EPSS: 0.00398
Exploits: 0 | References: 2

Prion
• added 2024/03/11 1:15 a.m. • 17 views

Buffer overflow

Buffer overflow in identifier field of WSD probe request process of Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.:Satera MF740C Series/Satera MF640C...

CVSS: 7.5 | AI score: 8.4 | EPSS: 0.00815
Exploits: 0 | References: 1

Prion
• added 2024/03/10 11:15 p.m. • 13 views

Default credentials

If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default...

CVSS: 1 | AI score: 6.8 | EPSS: 0.00184
Exploits: 0 | References: 2

Prion
• added 2024/03/10 11:15 p.m. • 9 views

Default credentials

If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default...

CVSS: 1 | AI score: 6.8 | EPSS: 0.00218
Exploits: 0 | References: 2

Prion
• added 2024/03/10 12:15 p.m. • 19 views

Design/Logic Flaw

A vulnerability has been found in keerti1924 Secret-Coder-PHP-Project 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /secretcoder.sql. The manipulation leads to inclusion of sensitive information in source code. The attack can be launched...

CVSS: 2.6 | AI score: 6.6 | EPSS: 0.00639
Exploits: 0 | References: 3

Prion
• added 2024/03/10 11:15 a.m. • 18 views

Cross site request forgery (csrf)

A vulnerability, which was classified as problematic, was found in Dreamer CMS 4.1.3. Affected is an unknown function of the file /admin/menu/toEdit. The manipulation of the argument id leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclos...

CVSS: 5 | AI score: 6.9 | EPSS: 0.00299
Exploits: 0 | References: 3

Prion
• added 2024/03/10 8:15 a.m. • 15 views

Command injection

A vulnerability, which was classified as critical, has been found in Totolink X6000R 9.4.0cu.85220230719. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation of the argument ip leads to os command injection. The attack may be...

CVSS: 9 | AI score: 7.7 | EPSS: 0.03952
Exploits: 2 | References: 3

Total number of security vulnerabilities: 213680