Improper access control for some Intel(R) Thunderbolt driver software before version 89 may allow an authenticated user to potentially enable escalation of privilege via local...
7CVSS
7.1AI Score
0.0004EPSS
Uncontrolled search path for some Intel(R) Chipset Device Software before version 10.1.19444.8378 may allow an authenticated user to potentially enable escalation of privilege via local...
6.7CVSS
6.9AI Score
0.0004EPSS
Uncontrolled search path in some Intel(R) DSA software uninstallers before version 23.4.39.10 may allow an authenticated user to potentially enable escalation of privilege via local...
6.7CVSS
6.7AI Score
0.0004EPSS
Insecure inherited permissions in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local...
6.7CVSS
6.7AI Score
0.0004EPSS
Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7AI Score
0.0004EPSS
Improper neutralization in Intel(R) Power Gadget software for macOS all versions may allow an authenticated user to potentially enable escalation of privilege via local...
8.8CVSS
8.6AI Score
0.0004EPSS
Uncontrolled search path for some Intel(R) CST software before version 2.1.10300 may allow an authenticated user to potentially enable escalation of privilege via local...
6.7CVSS
6.8AI Score
0.0004EPSS
Creative Contact Form Component for Joomla! File Upload RCE
The Creative Contact Form component for Joomla! (previously known as Sexy Contact Form) running on the remote host is affected by a remote code execution vulnerability within the com_creativecontactform/fileupload/index.php script due to improper sanitization or verification of uploaded files...
7.9AI Score
0.036EPSS
Improper access control in some Intel(R) Ethernet Controller Administrative Tools software before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local...
6.7CVSS
6.7AI Score
0.0004EPSS
Improper access control for some Intel(R) Wireless Bluetooth products for Windows before version 23.20 may allow an authenticated user to potentially enable denial of service via local...
5.5CVSS
5.8AI Score
0.0004EPSS
Sequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra Processors may allow an authenticated user to potentially enable denial of service via local...
4.7CVSS
5.3AI Score
0.0004EPSS
Uncontrolled search path element in some Intel(R) VTune(TM) Profiler software before version 2024.0 may allow an authenticated user to potentially enable escalation of privilege via local...
6.7CVSS
6.7AI Score
0.0004EPSS
RHEL 7 : linux-firmware (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. kernel: Integer overflow in Intel(R) Graphics Drivers (CVE-2020-12362) An issue was discovered on...
8.8CVSS
5AI Score
0.007EPSS
Out of bounds write in firmware for some Intel(R) FPGA products before version 2.9.0 may allow escalation of privilege and information...
5.7CVSS
5.9AI Score
0.0004EPSS
Creative Contact Form Plugin for WordPress File Upload RCE
The Creative Contact Form Plugin for WordPress (previously known as Sexy Contact Form) installed on the remote host is affected by a remote code execution vulnerability due to the failure to properly sanitize user-supplied files that are uploaded to the script...
8.2AI Score
0.036EPSS
PostNuke Trojaned Distribution
The remote host seems to be running a copy of a trojaned version of the 'PostNuke' content management system. PostNuke is a content management system in PHP whose main website has been compromised between the 24th and 26th of October 2004. An attacker modified some of the source code of the tool...
8.4AI Score
Improper buffer restrictions in PlatformPfrDxe driver in UEFI firmware for some Intel(R) Server D50FCP Family products may allow a privileged user to enable escalation of privilege via local...
7.5CVSS
7.2AI Score
0.0004EPSS
Improper input validation in PfrSmiUpdateFw driver in UEFI firmware for some Intel(R) Server M50FCP Family products may allow a privileged user to enable escalation of privilege via local...
7.5CVSS
7.7AI Score
0.0004EPSS
Race condition for some some Intel(R) PROSet/Wireless WiFi software for Windows before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent...
4.3CVSS
5.1AI Score
0.0004EPSS
PostNuke Glossary Module page Parameter SQL Injection
The remote host is running a version of PostNuke which is vulnerable to a SQL injection attack. An attacker may use this flaw to gain the control of the database of this...
8.4AI Score
CVE-2024-2248 JFrog Artifactory Header Injection
A Header Injection vulnerability in the JFrog platform in versions below 7.85.0 (SaaS) and 7.84.7 (Self-Hosted) may allow threat actors to take over the end user's account when clicking on a specially crafted URL sent to the victim’s user...
6.4CVSS
6.7AI Score
0.0004EPSS
Improper input validation of EpsdSrMgmtConfig in UEFI firmware for some Intel(R) Server Board S2600BP products may allow a privileged user to potentially enable denial of service via local...
5.8CVSS
5.4AI Score
0.0004EPSS
Improper conditions check in the Intel(R) Data Center GPU Max Series 1100 and 1550 products may allow an privileged user to potentially enable denial of service via local...
6CVSS
5.7AI Score
0.0004EPSS
Improper conditions check in the Intel(R) Data Center GPU Max Series 1100 and 1550 products may allow an privileged user to potentially enable denial of service via local...
6CVSS
6.5AI Score
0.0004EPSS
Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local...
8.2CVSS
8.3AI Score
0.0004EPSS
Improper input validation for some Intel(R) PROSet/Wireless WiFi software before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent...
4.3CVSS
5.1AI Score
0.0004EPSS
Use after free in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local...
7.9CVSS
8.3AI Score
0.0004EPSS
Improper initialization in some Intel(R) Power Gadget software for Windwos all versions may allow an authenticated user to potentially enable denial of service via local...
5.5CVSS
5.3AI Score
0.0004EPSS
Improper access control in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local...
8.8CVSS
8.8AI Score
0.0004EPSS
Uncontrolled search path in some Libva software maintained by Intel(R) before version 2.20.0 may allow an authenticated user to potentially enable escalation of privilege via local...
6.7CVSS
7AI Score
0.0004EPSS
Improper input validation in some Intel(R) BIOS Guard firmware may allow a privileged user to potentially enable escalation of privilege via local...
7.2CVSS
7.1AI Score
0.0004EPSS
Improper input validation in UserAuthenticationSmm driver in UEFI firmware for some Intel(R) Server D50DNP Family products may allow a privileged user to enable escalation of privilege via local...
7.5CVSS
7.7AI Score
0.0004EPSS
Improper input validation in PlatformVariableInitDxe driver in UEFI firmware for some Intel(R) Server D50DNP Family products may allow a privileged user to enable escalation of privilege via local...
7.2CVSS
7.1AI Score
0.0004EPSS
Time-of-check Time-of-use race condition in Intel(R) Neural Compressor software before version 2.5.0 may allow an authenticated user to potentially enable information disclosure via local...
4.7CVSS
4.7AI Score
0.0004EPSS
Atlassian JIRA Common Credentials
Nessus was able to gain access to the Atlassian JIRA web application using a common set of credentials. A remote attacker can exploit this issue to disclose sensitive information or otherwise affect the operation of the application and underlying...
7.2AI Score
10CVSS
10AI Score
0.001EPSS
10CVSS
10AI Score
0.001EPSS
Oracle Linux 7 : thunderbird (ELSA-2019-0160)
From Red Hat Security Advisory 2019:0160 : An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
9.8CVSS
9.9AI Score
0.019EPSS
This module will test ssh logins on a range of machines using a defined private key file, and report successful logins. If you have loaded a database plugin and connected to a database this module will record successful logins and hosts so you can track your access. Key files may be a single...
7.1AI Score
A Header Injection vulnerability in the JFrog platform in versions below 7.85.0 (SaaS) and 7.84.7 (Self-Hosted) may allow threat actors to take over the end user's account when clicking on a specially crafted URL sent to the victim’s user...
6.4CVSS
6.5AI Score
0.0004EPSS
RHEL 8 : virt:8.1 and virt-devel:8.1 (RHSA-2020:4290)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4290 advisory. The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by...
7.5CVSS
7.7AI Score
0.001EPSS
Ubuntu 18.04 LTS : Linux kernel regression (USN-3871-2)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3871-2 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
8.8CVSS
7AI Score
0.001EPSS
PostNuke Sections Module Information Disclosure
The remote host is running PostNuke. It is possible to use the CMS to determine the full path to its installation on the server or the name of the database used, by doing a request like : /modules.php?op=modload&name=Sections&file=index&req=viewarticle&artid= An attacker may use these flaws to...
7.6AI Score
Uncontrolled search path for some Intel(R) Computing Improvement Program software before version 2.4.0.10654 may allow an authenticated user to potentially enable escalation of privilege via local...
6.7CVSS
6.8AI Score
0.0004EPSS
Summary A number of vulnerabilities have been found in cosign verify-blob, where Cosign would successfully verify an artifact when verification should have failed. Vulnerability 1: Bundle mismatch causes invalid verification. Summary A cosign bundle can be crafted to successfully verify a blob...
5.5CVSS
6.4AI Score
0.0004EPSS
Novell ZENworks Configuration Console Login.jsp language Parameter XSS
The remote web server hosts a version of the ZENworks Configuration Console that is affected by a cross-site scripting vulnerability. The 'language' parameter is not properly validated in 'Login.jsp' and can be tampered with to inject arbitrary script code in a user's browser via a specially...
6.2AI Score
0.002EPSS
Out-of-bounds read for some Intel(R) Trace Analyzer and Collector software before version 2022.0.0 published Nov 2023 may allow an authenticated user to potentially enable information disclosure via local...
2.8CVSS
3.5AI Score
0.0004EPSS
Improper input validation in PprRequestLog module in UEFI firmware for some Intel(R) Server D50DNP Family products may allow a privileged user to enable escalation of privilege via local...
7.5CVSS
7.7AI Score
0.0004EPSS
CVE-2024-35993 mm: turn folio_test_hugetlb into a PageType
In the Linux kernel, the following vulnerability has been resolved: mm: turn folio_test_hugetlb into a PageType The current folio_test_hugetlb() can be fooled by a concurrent folio split into returning true for a folio which has never belonged to hugetlbfs. This can't happen if the caller holds a.....
6.3AI Score
0.0004EPSS
Improper buffer restrictions in PlatformPfrDxe driver in UEFI firmware for some Intel(R) Server D50FCP Family products may allow a privileged user to enable escalation of privilege via local...
7.5CVSS
7.7AI Score
0.0004EPSS