213680 matches found

Prion
added 2024/02/19 5:15 a.m. | 27 views

Code injection

An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c does not set NumVFs to PCI_SRIOV_TOTAL_VF, and thus interaction with hw/nvme/ctrl.c is mishandled...

7.1 AI score | 0.0029 EPSS
Exploits: 0 | References: 1

Prion
added 2024/02/19 5:15 a.m. | 27 views

Buffer overflow

An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF implementations...

7.7 AI score | 0.00529 EPSS
Exploits: 0 | References: 1

Prion
added 2024/02/19 4:15 a.m. | 19 views

Cross site scripting

Serenity before 6.8.0 allows XSS via an email link because LoginPage.tsx permits return URLs that do not begin with a / character...

6.1 AI score | 0.00386 EPSS
Exploits: 0 | References: 1

Prion
added 2024/02/19 2:15 a.m. | 8 views

Code injection

plugins/gtk+/glade-gtk-box.c in GNOME Glade before 3.38.1 and 3.39.x before 3.40.0 mishandles widget rebuilding for GladeGtkBox, leading to a denial of service application crash...

7.3 AI score | 0.00214 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/19 1:15 a.m. | 29 views

Design/Logic Flaw

close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE...

7.4 AI score | 0.01059 EPSS
Exploits: 0 | References: 3

Prion
added 2024/02/18 8:15 a.m. | 16 views

Design/Logic Flaw

Signed to unsigned conversion esp32_ipm_send...

4.6 CVSS | 7.1 AI score | 0.00441 EPSS
Exploits: 1 | References: 1

Prion
added 2024/02/18 8:15 a.m. | 10 views

Server side request forgery (ssrf)

can: out of bounds in remove_rx_filter function...

3.2 CVSS | 7.2 AI score | 0.00436 EPSS
Exploits: 1 | References: 1

Prion
added 2024/02/18 7:15 a.m. | 15 views

Code injection

Script injection vulnerability in the email module. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability...

7.7 AI score | 0.00446 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/18 7:15 a.m. | 16 views

Input validation

Unchecked length coming from user input in settings shell...

4.6 CVSS | 7.2 AI score | 0.00441 EPSS
Exploits: 1 | References: 1

Prion
added 2024/02/18 7:15 a.m. | 13 views

Privilege escalation

Permission control vulnerability in the calendarProvider module. Successful exploitation of this vulnerability may affect service confidentiality...

7.4 AI score | 0.00319 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/18 7:15 a.m. | 17 views

Design/Logic Flaw

Vulnerability of incorrect service logic in the WindowManagerServices module. Successful exploitation of this vulnerability may cause features to perform abnormally...

7.3 AI score | 0.00458 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/18 7:15 a.m. | 22 views

Authentication flaw

Vulnerability of missing authentication for critical functions in the Wi-Fi module. Successful exploitation of this vulnerability may affect service confidentiality...

7.7 AI score | 0.00242 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/18 7:15 a.m. | 15 views

Improper access control

Vulnerability of improper access control in the email module. Successful exploitation of this vulnerability may affect service confidentiality...

7.3 AI score | 0.00257 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/18 6:15 a.m. | 16 views

Privilege escalation

Permission control vulnerability in the WindowManagerServices module. Successful exploitation of this vulnerability may affect availability...

7.4 AI score | 0.0023 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/18 6:15 a.m. | 20 views

Out-of-bounds

Vulnerability of input data not being verified in the cellular data module. Successful exploitation of this vulnerability may cause out-of-bounds access...

7.3 AI score | 0.00367 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/18 6:15 a.m. | 18 views

Information disclosure

Information management vulnerability in the Gallery module. Successful exploitation of this vulnerability may affect service confidentiality...

7.3 AI score | 0.00337 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/18 4:15 a.m. | 18 views

Stack overflow

Stack overflow vulnerability in the NFC module. Successful exploitation of this vulnerability may affect service availability and integrity...

7.6 AI score | 0.00418 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/18 4:15 a.m. | 14 views

Privilege escalation

Permission control vulnerability in the package management module. Successful exploitation of this vulnerability may affect service confidentiality...

7.4 AI score | 0.00319 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/18 4:15 a.m. | 20 views

Privilege escalation

Vulnerability of null references in the motor module. Successful exploitation of this vulnerability may affect availability...

7.3 AI score | 0.0017 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/18 4:15 a.m. | 14 views

Design/Logic Flaw

Vulnerability of permission verification in the content sharing pop-up module. Successful exploitation of this vulnerability may cause unauthorized file sharing...

7.3 AI score | 0.00319 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/18 4:15 a.m. | 18 views

Privilege escalation

Out-of-bounds read vulnerability in the smart activity recognition module. Successful exploitation of this vulnerability may cause features to perform abnormally...

7.2 AI score | 0.00379 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/18 4:15 a.m. | 15 views

Stack overflow

Stack overflow vulnerability in the network acceleration module. Successful exploitation of this vulnerability may cause unauthorized file access...

7.6 AI score | 0.00456 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/18 4:15 a.m. | 13 views

Privilege escalation

Vulnerability of input parameter verification in the motor module. Successful exploitation of this vulnerability may affect availability...

7.3 AI score | 0.00379 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/18 4:15 a.m. | 17 views

Input validation

Input verification vulnerability in the account module. Successful exploitation of this vulnerability may cause features to perform abnormally...

7.3 AI score | 0.00255 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/18 4:15 a.m. | 15 views

Improper access control

Vulnerability of improper access control in the media library module. Successful exploitation of this vulnerability may affect service availability and integrity...

7.3 AI score | 0.00119 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/18 3:15 a.m. | 17 views

Design/Logic Flaw

Logic vulnerabilities in the baseband. Successful exploitation of this vulnerability may affect service integrity...

7.5 AI score | 0.00293 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/18 3:15 a.m. | 13 views

Privilege escalation

The VerifiedBoot module has a vulnerability that may cause authentication errors. Successful exploitation of this vulnerability may affect integrity...

7.6 AI score | 0.00306 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/18 3:15 a.m. | 19 views

Privilege escalation

Vulnerability of foreground service restrictions being bypassed in the NMS module. Successful exploitation of this vulnerability may affect service confidentiality...

7.1 AI score | 0.0034 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/18 3:15 a.m. | 17 views

Privilege escalation

Vulnerability of defects introduced in the design process in the Control Panel module. Successful exploitation of this vulnerability may cause app processes to be started by mistake...

7.2 AI score | 0.00217 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/18 3:15 a.m. | 18 views

Privilege escalation

Out-of-bounds read vulnerability in the smart activity recognition module. Successful exploitation of this vulnerability may cause features to perform abnormally...

7.2 AI score | 0.0027 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/18 3:15 a.m. | 19 views

Privilege escalation

Permission management vulnerability in the lock screen module. Successful exploitation of this vulnerability may affect availability...

7.4 AI score | 0.00353 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/18 3:15 a.m. | 17 views

Design/Logic Flaw

Vulnerability of serialization/deserialization mismatch in the vibration framework. Successful exploitation of this vulnerability may affect availability...

7.3 AI score | 0.00292 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/18 3:15 a.m. | 17 views

Design/Logic Flaw

Vulnerability of configuration defects in some APIs of the audio module. Successful exploitation of this vulnerability may affect availability...

7.3 AI score | 0.00126 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/18 3:15 a.m. | 21 views

Design/Logic Flaw

Resource reuse vulnerability in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality...

7.4 AI score | 0.00337 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/17 10:15 p.m. | 14 views

Open redirect

Rejected reason: This CVE was misassigned. See CVE-2023-47623 for the canonical reference...

7.4 AI score | 0.00424 EPSS
Exploits: 1

Prion
added 2024/02/17 5:15 p.m. | 19 views

Design/Logic Flaw

IBM Storage Scale Container Native Storage Access 5.1.2.1 through 5.1.7.0 could allow a local attacker to initiate connections from a container outside the current namespace. IBM X-Force ID: 237811...

6.4 AI score | 0.0014 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/17 5:15 p.m. | 18 views

Code injection

IBM Storage Scale Container Native Storage Access 5.1.2.1 through 5.1.7.0 could allow an attacker to initiate connections to containers from external networks. IBM X-Force ID: 237812...

6.6 AI score | 0.00395 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/17 5:15 p.m. | 18 views

Code injection

An undisclosed issue in Trusteer iOS SDK for mobile versions prior to 5.7 and Trusteer Android SDK for mobile versions prior to 5.7 may allow uploading of files. IBM X-Force ID: 238535...

6.4 AI score | 0.0046 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/17 4:15 p.m. | 19 views

Authorization

IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 in some circumstances will log some sensitive information about invalid authorization attempts. IBM X-Force ID: 275747...

2.1 CVSS | 6.3 AI score | 0.00402 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/17 4:15 p.m. | 20 views

Code injection

IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 279976...

1.2 CVSS | 5.9 AI score | 0.00195 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/17 4:15 p.m. | 20 views

Code injection

IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 279977...

1.2 CVSS | 5.9 AI score | 0.00191 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/17 4:15 p.m. | 20 views

Code injection

IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 279975...

1.2 CVSS | 5.9 AI score | 0.00191 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/17 8:15 a.m. | 32 views

Sql injection

The Piraeus Bank WooCommerce Payment Gateway plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'MerchantReference' parameter in all versions up to, and including, 1.6.5.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...

7.5 CVSS | 8.1 AI score | 0.00659 EPSS
Exploits: 0 | References: 2

Prion
added 2024/02/17 8:15 a.m. | 25 views

Sql injection

The MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin for WordPress is vulnerable to union based SQL Injection via the 'user' parameter of the /lms/stm-lms/order/items REST route in all versions up to, and including, 3.2.5 due to insufficient escaping on the user supplied...

7.5 CVSS | 7.8 AI score | 0.77729 EPSS
Exploits: 1 | References: 2

Prion
added 2024/02/17 6:15 a.m. | 17 views

Code injection

An issue was discovered in REDAXO version 5.15.1, allows attackers to execute arbitrary code and obtain sensitive information via modules.modules.php...

7.8 AI score | 0.01108 EPSS
Exploits: 1 | References: 1

Prion
added 2024/02/17 6:15 a.m. | 19 views

Design/Logic Flaw

An issue in TOTOLINK X5000R V.9.1.0u.6369B20230113 allows a remote attacker to cause a denial of service via the hosttime parameter of the NTPSyncWithHost component...

7.2 AI score | 0.00927 EPSS
Exploits: 1 | References: 1

Prion
added 2024/02/17 6:15 a.m. | 17 views

Cross site scripting

Cross Site Scripting (XSS) vulnerability in Bludit CMS version 3.15, allows remote attackers to execute arbitrary code and obtain sensitive information via edit-content.php...

6.6 AI score | 0.00566 EPSS
Exploits: 1 | References: 1

Prion
added 2024/02/17 5:15 a.m. | 17 views

Design/Logic Flaw

All versions of the package github.com/greenpau/caddy-security are vulnerable to HTTP Header Injection via the X-Forwarded-Proto header due to redirecting to the injected protocol. Exploiting this vulnerability could lead to bypass of security mechanisms or confusion in handling TLS...

4.3 CVSS | 7.5 AI score | 0.00499 EPSS
Exploits: 0 | References: 3

Prion
added 2024/02/17 5:15 a.m. | 18 views

Authentication flaw

All versions of the package github.com/greenpau/caddy-security are vulnerable to Authentication Bypass by Spoofing via the X-Forwarded-For header due to improper input sanitization. An attacker can spoof an IP address used in the user identity module /whoami API endpoint. This could lead to...

5.8 CVSS | 7 AI score | 0.00523 EPSS
Exploits: 0 | References: 3

Prion
added 2024/02/17 5:15 a.m. | 20 views

Session fixation

All versions of the package github.com/greenpau/caddy-security are vulnerable to Insufficient Session Expiration due to improper user session invalidation upon clicking the "Sign Out" button. User sessions remain valid even after requests are sent to /logout and /oauth2/google/logout. Attackers w...

4 CVSS | 7.3 AI score | 0.00711 EPSS
Exploits: 1 | References: 3

Total number of security vulnerabilities: 213680