Lucene search

K

ALL NIPPON AIRWAYS CO., LTD Security Vulnerabilities

cvelist
cvelist

CVE-2023-34286 Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must...

7.8CVSS

8.2AI Score

0.001EPSS

2024-05-03 01:57 AM
1
vulnrichment
vulnrichment

CVE-2023-34299 Ashlar-Vellum Cobalt CO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt CO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target....

7.8CVSS

7.5AI Score

0.001EPSS

2024-05-03 01:57 AM
vulnrichment
vulnrichment

CVE-2023-34302 Ashlar-Vellum Cobalt CO File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt CO File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the...

7.8CVSS

7.5AI Score

0.001EPSS

2024-05-03 01:57 AM
2
ubuntucve
ubuntucve

CVE-2024-28285

A Fault Injection vulnerability in the SymmetricDecrypt function in cryptopp/elgamal.h of Cryptopp Crypto++ 8.9, allows an attacker to co-reside in the same system with a victim process to disclose information and escalate...

7.6AI Score

EPSS

2024-05-14 12:00 AM
4
cvelist
cvelist

CVE-2023-34299 Ashlar-Vellum Cobalt CO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt CO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target....

7.8CVSS

8.3AI Score

0.001EPSS

2024-05-03 01:57 AM
1
cvelist
cvelist

CVE-2023-34302 Ashlar-Vellum Cobalt CO File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt CO File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the...

7.8CVSS

8.3AI Score

0.001EPSS

2024-05-03 01:57 AM
1
vulnrichment
vulnrichment

CVE-2023-34286 Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must...

7.8CVSS

7.5AI Score

0.001EPSS

2024-05-03 01:57 AM
redhat
redhat

(RHSA-2024:3324) Important: pcp security, bug fix, and enhancement update

Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fix(es): pcp:.....

7.2AI Score

0.0004EPSS

2024-05-23 09:04 AM
3
cvelist
cvelist

CVE-2023-34287 Ashlar-Vellum Cobalt CO File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt CO File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the...

7.8CVSS

8.3AI Score

0.001EPSS

2024-05-03 01:57 AM
1
vulnrichment
vulnrichment

CVE-2023-34287 Ashlar-Vellum Cobalt CO File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt CO File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the...

7.8CVSS

7.5AI Score

0.001EPSS

2024-05-03 01:57 AM
redhat
redhat

(RHSA-2024:3323) Important: pcp security update

Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fix(es): pcp:.....

7.2AI Score

0.0004EPSS

2024-05-23 08:52 AM
7
redhat
redhat

(RHSA-2024:3325) Important: pcp security update

Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fix(es): pcp:.....

7.2AI Score

0.0004EPSS

2024-05-23 09:04 AM
3
redhat
redhat

(RHSA-2024:3264) Important: pcp security update

Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fix(es): pcp:.....

7.6AI Score

0.0004EPSS

2024-05-22 10:41 AM
4
redhat
redhat

(RHSA-2024:3322) Important: pcp security update

Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fix(es): pcp:.....

7.2AI Score

0.0004EPSS

2024-05-23 08:52 AM
5
redhat
redhat

(RHSA-2024:3321) Important: pcp security update

Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fix(es): pcp:.....

7.2AI Score

0.0004EPSS

2024-05-23 08:52 AM
5
wpvulndb
wpvulndb

WP Post Author – Enhance Your Posts with the Author Bio, Co-Authors, Guest Authors, and Post Rating System, including User Registration Form Builder <= 3.6.4 - Missing Authorization

Description The WP Post Author plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 3.6.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an...

6.7AI Score

0.0004EPSS

2024-05-07 12:00 AM
6
cve
cve

CVE-2024-29758

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kienso Co-marquage service-public.Fr allows Reflected XSS.This issue affects Co-marquage service-public.Fr: from n/a through...

7.1CVSS

9.3AI Score

0.0004EPSS

2024-03-27 02:15 PM
26
cve
cve

CVE-2024-24964

Improper access control vulnerability exists in the resident process of SKYSEA Client View versions from Ver.11.220 prior to Ver.19.2. If this vulnerability is exploited, an arbitrary process may be executed with SYSTEM privilege by a user who can log in to the PC where the product's Windows...

6.8AI Score

0.0004EPSS

2024-03-12 08:15 AM
31
cve
cve

CVE-2024-0671

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already....

6.8AI Score

0.0004EPSS

2024-04-19 09:15 AM
31
cvelist
cvelist

CVE-2024-0671 Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already....

6.8AI Score

0.0004EPSS

2024-04-19 08:50 AM
vulnrichment
vulnrichment

CVE-2024-1065 Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects...

7AI Score

0.0004EPSS

2024-04-19 08:51 AM
wpvulndb
wpvulndb

WP Post Author – Enhance Your Posts with the Author Bio, Co-Authors, Guest Authors, and Post Rating System, including User Registration Form Builder <= 3.6.4 - Missing Authorization to Rating Manipulation

Description The WP Post Author – Enhance Your Posts with the Author Bio, Co-Authors, Guest Authors, and Post Rating System, including User Registration Form Builder plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and.....

6.7AI Score

0.0004EPSS

2024-05-07 12:00 AM
6
cve
cve

CVE-2024-1065

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects...

6.8AI Score

0.0004EPSS

2024-04-19 09:15 AM
40
cvelist
cvelist

CVE-2024-1065 Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects...

6.8AI Score

0.0004EPSS

2024-04-19 08:51 AM
cve
cve

CVE-2024-29734

Uncontrolled search path element issue exists in SonicDICOM Media Viewer 2.3.2 and earlier, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running...

7.2AI Score

0.0004EPSS

2024-04-03 08:15 AM
28
cve
cve

CVE-2024-4610

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0;...

5.5CVSS

6.6AI Score

0.213EPSS

2024-06-07 12:15 PM
31
In Wild
cve
cve

CVE-2024-32051

Insertion of sensitive information into log file issue exists in RoamWiFi R10 prior to 4.8.45. If this vulnerability is exploited, a network-adjacent unauthenticated attacker with access to the device may obtain sensitive...

6.3AI Score

0.0004EPSS

2024-04-24 06:15 AM
27
cve
cve

CVE-2023-6116

Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the camera. An attacker could inject malicious into http request packets to execute arbitrary code. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report...

8.9CVSS

8.3AI Score

0.0004EPSS

2024-04-26 08:15 AM
30
vulnrichment
vulnrichment

CVE-2024-4610 Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0;...

7AI Score

0.213EPSS

2024-06-07 11:25 AM
nvd
nvd

CVE-2024-4610

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0;...

5.5CVSS

0.213EPSS

2024-06-07 12:15 PM
15
cvelist
cvelist

CVE-2024-4610 Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0;...

0.213EPSS

2024-06-07 11:25 AM
34
cve
cve

CVE-2024-1067

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. On Armv8.0 cores, there are certain combinations of the...

6.5AI Score

0.0004EPSS

2024-05-03 02:15 PM
31
cve
cve

CVE-2023-6095

Vladimir Kononovich, a Security Researcher has found a flaw that allows for a remote code execution on the DVR. An attacker could inject malicious HTTP headers into request packets to execute arbitrary code. The manufacturer has released patch firmware for the flaw, please refer to the...

8.9CVSS

8.3AI Score

0.0004EPSS

2024-04-26 08:15 AM
26
cve
cve

CVE-2023-6096

Vladimir Kononovich, a Security Researcher has found a flaw that using a inappropriate encryption logic on the DVR. firmware encryption is broken and allows to decrypt. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and...

7.4CVSS

6.9AI Score

0.0004EPSS

2024-04-26 08:15 AM
36
cvelist
cvelist

CVE-2024-1067 Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. On Armv8.0 cores, there are certain combinations of the...

6.5AI Score

0.0004EPSS

2024-05-03 01:25 PM
2
debiancve
debiancve

CVE-2024-36006

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage Both the function that migrates all the chunks within a region and the function that migrates all the entries within a chunk call list_first_entry() on the respective lists...

6.6AI Score

0.0004EPSS

2024-05-20 10:15 AM
3
ubuntucve
ubuntucve

CVE-2024-36006

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage Both the function that migrates all the chunks within a region and the function that migrates all the entries within a chunk call list_first_entry() on the respective lists...

6.5AI Score

0.0004EPSS

2024-05-20 12:00 AM
3
cvelist
cvelist

CVE-2023-6363 Mali GPU Kernel Driver allows improper GPU processing operations

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn could give them...

6.5AI Score

0.0004EPSS

2024-05-03 01:25 PM
cve
cve

CVE-2023-6363

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn could give them...

6.5AI Score

0.0004EPSS

2024-05-03 02:15 PM
37
osv
osv

Important: pcp security, bug fix, and enhancement update

Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fix(es): pcp:.....

8.8CVSS

8.9AI Score

0.0004EPSS

2024-05-10 02:32 PM
2
cve
cve

CVE-2023-52346

In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges...

6.2AI Score

0.0004EPSS

2024-04-08 03:15 AM
24
cve
cve

CVE-2023-52347

In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges...

6.7AI Score

0.0004EPSS

2024-04-08 03:15 AM
24
cve
cve

CVE-2023-52344

In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information disclosure no additional execution privileges...

6.5AI Score

0.0004EPSS

2024-04-08 03:15 AM
24
cve
cve

CVE-2023-52349

In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges...

6.7AI Score

0.0004EPSS

2024-04-08 03:15 AM
24
cve
cve

CVE-2024-26892

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix use-after-free in free_irq() From commit a304e1b82808 ("[PATCH] Debug shared irqs"), there is a test to make sure the shared irq handler should be able to handle the unexpected event after deregistration......

6.6AI Score

0.0004EPSS

2024-04-17 11:15 AM
55
packetstorm

7.4AI Score

0.001EPSS

2024-04-30 12:00 AM
151
cve
cve

CVE-2023-52343

In SecurityCommand message after as security has been actived., there is a possible improper input validation. This could lead to remote information disclosure no additional execution privileges...

6.6AI Score

0.0004EPSS

2024-04-08 03:15 AM
24
cve
cve

CVE-2023-52352

In Network Adapter Service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges...

6.6AI Score

0.0004EPSS

2024-04-08 03:15 AM
24
cvelist
cvelist

CVE-2024-26892 wifi: mt76: mt7921e: fix use-after-free in free_irq()

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix use-after-free in free_irq() From commit a304e1b82808 ("[PATCH] Debug shared irqs"), there is a test to make sure the shared irq handler should be able to handle the unexpected event after deregistration......

7.5AI Score

0.0004EPSS

2024-04-17 10:27 AM
1
cve
cve

CVE-2023-42427

Cross-site scripting vulnerability exists in UNIVERSAL PASSPORT RX versions 1.0.0 to 1.0.7, which may allow a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is using the...

6.7AI Score

0.0004EPSS

2024-06-03 04:15 AM
15
Total number of security vulnerabilities15434