Lucene search

K

B&R Security Vulnerabilities

osv
osv

CVE-2022-41646

Insufficient control flow management in the Intel(R) IPP Cryptography software before version 2021.6 may allow an unauthenticated user to potentially enable information disclosure via local...

5.5CVSS

6.6AI Score

0.0004EPSS

2023-05-10 02:15 PM
4
osv
osv

CVE-2022-37409

Insufficient control flow management for the Intel(R) IPP Cryptography software before version 2021.6 may allow an authenticated user to potentially enable information disclosure via local...

5.5CVSS

6.4AI Score

0.0004EPSS

2023-05-10 02:15 PM
5
githubexploit
githubexploit

Exploit for CVE-2024-31777

CVE-2024-31777 | GUnet OpenEclass E-learning platform...

7.5AI Score

0.001EPSS

2024-04-11 01:48 PM
83
osv
osv

CVE-2020-21489

File Upload vulnerability in Feehicms v.2.0.8 allows a remote attacker to execute arbitrary code via the /admin/index.php?r=admin-user%2Fupdate-self...

9.8CVSS

8.1AI Score

0.012EPSS

2023-06-20 03:15 PM
1
osv
osv

CVE-2022-43320

FeehiCMS v2.1.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the id parameter at...

6.1CVSS

6.1AI Score

0.001EPSS

2022-11-09 02:15 PM
3
githubexploit
githubexploit

Exploit for Injection in Atlassian Confluence Data Center

Atlassian Confluence CVE-2023-22527 Scanner πŸ›‘οΈ Overview 🌟...

9.8CVSS

9.2AI Score

0.973EPSS

2024-01-23 10:55 AM
112
osv
osv

CVE-2022-36369

Improper access control in some QATzip software maintained by Intel(R) before version 1.0.9 may allow an authenticated user to potentially enable escalation of privilege via local...

7.8CVSS

7.7AI Score

0.0004EPSS

2023-02-16 09:15 PM
5
githubexploit
githubexploit

Exploit for Cleartext Transmission of Sensitive Information in Keepass

Keepass-Dumper This is my PoC implementation for...

6.5AI Score

2023-05-22 12:11 AM
276
osv
osv

CVE-2023-22338

Out-of-bounds read in some Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable information disclosure via local...

5.5CVSS

6.3AI Score

0.0004EPSS

2023-08-11 03:15 AM
2
githubexploit

8.8CVSS

0.9AI Score

0.003EPSS

2022-03-06 05:05 PM
551
osv
osv

CVE-2022-21812

Improper access control in the Intel(R) HAXM software before version 7.7.1 may allow an authenticated user to potentially enable escalation of privilege via local...

7.8CVSS

7.1AI Score

0.0004EPSS

2022-08-18 08:15 PM
2
nvd
nvd

CVE-2024-21823

Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable denial of service via local...

6.4CVSS

6.3AI Score

0.0004EPSS

2024-05-16 09:16 PM
1
osv
osv

CVE-2023-28736

Buffer overflow in some Intel(R) SSD Tools software before version mdadm-4.2-rc2 may allow a privileged user to potentially enable escalation of privilege via local...

6.7CVSS

7.6AI Score

0.0004EPSS

2023-08-11 03:15 AM
6
alpinelinux
alpinelinux

CVE-2023-22655

Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local...

6.1CVSS

6.6AI Score

0.001EPSS

2024-03-14 05:15 PM
17
cve
cve

CVE-2024-21823

Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable denial of service via local...

6.4CVSS

6.1AI Score

0.0004EPSS

2024-05-16 09:16 PM
33
cve
cve

CVE-2023-28746

Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local...

6.5CVSS

8.3AI Score

0.0004EPSS

2024-03-14 05:15 PM
128
osv
osv

CVE-2023-22840

Improper neutralization in software for the Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable denial of service via local...

5.5CVSS

6.8AI Score

0.0004EPSS

2023-08-11 03:15 AM
4
osv
osv

CVE-2023-22355

Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local...

7.8CVSS

7.3AI Score

0.0004EPSS

2023-05-10 02:15 PM
4
githubexploit
githubexploit

Exploit for CVE-2024-31777

CVE-2024-31777 | GUnet OpenEclass E-learning platform...

7.5AI Score

0.001EPSS

2024-04-11 01:48 PM
109
osv
osv

CVE-2022-26086

Uncontrolled search path element in the PresentMon software maintained by Intel(R) before version 1.7.1 may allow an authenticated user to potentially enable escalation of privilege via local...

7.3CVSS

7.1AI Score

0.0004EPSS

2022-11-11 04:15 PM
3
osv
osv

CVE-2022-29486

Improper buffer restrictions in the Hyperscan library maintained by Intel(R) all versions downloaded before 04/29/2022 may allow an unauthenticated user to potentially enable escalation of privilege via network...

9.8CVSS

7.4AI Score

0.002EPSS

2022-11-11 04:15 PM
4
osv
osv

CVE-2023-28741

Buffer overflow in some Intel(R) QAT drivers for Windows - HW Version 1.0 before version 1.10 may allow an authenticated user to potentially enable escalation of privilege via local...

7.9CVSS

7.4AI Score

0.0004EPSS

2023-11-14 07:15 PM
5
githubexploit
githubexploit

Exploit for Code Injection in Apache Commons Text

CVE-2022-42889-POC A simple demo application that shows how...

9.8CVSS

0.3AI Score

0.972EPSS

2022-10-18 11:15 PM
451
osv
osv

CVE-2022-34140

A stored cross-site scripting (XSS) vulnerability in /index.php?r=site%2Fsignup of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username...

5.4CVSS

5.4AI Score

0.002EPSS

2022-07-28 12:15 AM
3
nvd
nvd

CVE-2023-28746

Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local...

6.5CVSS

6.7AI Score

0.0004EPSS

2024-03-14 05:15 PM
3
githubexploit
githubexploit

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Microsoft

PoC for the ThemeBleed CVE-2023-38146 exploit (Windows 11...

8.8CVSS

8.7AI Score

0.905EPSS

2023-10-13 03:33 PM
294
nuclei
nuclei

XWiki < 4.10.15 - Email Disclosure

The Solr-based search in XWiki discloses the email addresses of users even when obfuscation of email addresses is enabled. To demonstrate the vulnerability, search for objcontent:email* using XWiki's regular search...

5.3CVSS

6.8AI Score

0.007EPSS

2024-06-18 10:34 AM
1
debiancve
debiancve

CVE-2021-47342

In the Linux kernel, the following vulnerability has been resolved: ext4: fix possible UAF when remounting r/o a mmp-protected file system After commit 618f003199c6 ("ext4: fix memory leak in ext4_fill_super"), after the file system is remounted read-only, there is a race where the kmmpd thread...

6.9AI Score

0.0004EPSS

2024-05-21 03:15 PM
3
githubexploit
githubexploit

Exploit for Embedded Malicious Code in Tukaani Xz

CVE-2024-3094-info CVE-2024-3094 PoC Exploration...

10CVSS

9.9AI Score

0.133EPSS

2024-03-29 05:03 PM
200
nuclei
nuclei

Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion

Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 is susceptible to local file inclusion because of insecure handling of a download function that leads to disclosure of internal files due to path traversal with root...

7.5CVSS

7.3AI Score

0.605EPSS

2022-04-27 03:43 PM
1
osv
osv

Cosign malicious attachments can cause system-wide denial of service

Summary A remote image with a malicious attachment can cause denial of service of the host machine running Cosign. This can impact other services on the machine that rely on having memory available such as a Redis database which can result in data loss. It can also impact the availability of other....

4.2CVSS

4.7AI Score

0.0004EPSS

2024-04-11 05:05 PM
6
osv
osv

CVE-2023-24540

Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during...

9.8CVSS

7.1AI Score

0.003EPSS

2023-05-11 04:15 PM
12
openbugbounty
openbugbounty

r-sky.co.jp Improper Access Control vulnerability OBB-3844078

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

7AI Score

2024-01-26 11:27 PM
6
osv
osv

CVE-2023-30536

slim/psr7 is a PSR-7 implementation for use with Slim 4. In versions prior to 1.6.1 an attacker could sneak in a newline (\n) into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many servers in the wild will also accept \n\n. An....

6.5CVSS

6.9AI Score

0.001EPSS

2023-04-17 10:15 PM
3
osv
osv

CVE-2020-36657

uptimed before 0.4.6-r1 on Gentoo allows local users (with access to the uptimed user account) to gain root privileges by creating a hard link within the /var/spool/uptimed directory, because there is an unsafe chown -R...

7.8CVSS

7.7AI Score

0.0004EPSS

2023-01-26 09:15 PM
4
ubuntucve
ubuntucve

CVE-2021-47342

In the Linux kernel, the following vulnerability has been resolved: ext4: fix possible UAF when remounting r/o a mmp-protected file system After commit 618f003199c6 ("ext4: fix memory leak in ext4_fill_super"), after the file system is remounted read-only, there is a race where the kmmpd thread...

6.5AI Score

0.0004EPSS

2024-05-21 12:00 AM
2
githubexploit
githubexploit

Exploit for CVE-2023-6553

CVE-2023-6553 Exploit V2 πŸš€ Description πŸ“ The Backup...

9.8CVSS

10AI Score

0.929EPSS

2023-12-13 08:26 PM
353
debian
debian

[SECURITY] [DLA 3808-1] intel-microcode security update

Debian LTS Advisory DLA-3808-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost May 04, 2024 https://wiki.debian.org/LTS Package : intel-microcode Version : 3.20240312.1~deb10u1 CVE...

6.5CVSS

7.8AI Score

0.001EPSS

2024-05-04 03:21 PM
12
nuclei
nuclei

Oracle E-Business Suite 12.2.3 -12.2.11 - Remote Code Execution

Oracle E-Business Suite 12.2.3 through 12.2.11 is susceptible to remote code execution via the Oracle Web Applications Desktop Integrator product, Upload component. An attacker with HTTP network access can execute malware, obtain sensitive information, modify data, and/or gain full control over a.....

9.8CVSS

9.6AI Score

0.974EPSS

2023-01-20 02:15 PM
91
nvd
nvd

CVE-2024-27322

Deserialization of untrusted data can occur in the R statistical programming language, on any version starting at 1.4.0 up to and not including 4.4.0, enabling a maliciously crafted RDS (R Data Serialization) formatted file or R package to run arbitrary code on an end user’s system when interacted....

8.8CVSS

8.8AI Score

0.0004EPSS

2024-04-29 01:15 PM
1
githubexploit

9.8CVSS

9.8AI Score

0.973EPSS

2023-10-11 11:21 AM
186
osv
osv

CVE-2022-41954

MPXJ is an open source library to read and write project plans from a variety of file formats and databases. On Unix-like operating systems (not Windows or macos), MPXJ's use of File.createTempFile(..) results in temporary files being created with the permissions -rw-r--r--. This means that any...

3.3CVSS

3.4AI Score

0.0004EPSS

2022-11-25 07:15 PM
5
cvelist
cvelist

CVE-2024-36963 tracefs: Reset permissions on remount if permissions are options

In the Linux kernel, the following vulnerability has been resolved: tracefs: Reset permissions on remount if permissions are options There's an inconsistency with the way permissions are handled in tracefs. Because the permissions are generated when accessed, they default to the root inode's...

6.6AI Score

0.0004EPSS

2024-06-03 07:50 AM
2
cve
cve

CVE-2024-36963

In the Linux kernel, the following vulnerability has been resolved: tracefs: Reset permissions on remount if permissions are options There's an inconsistency with the way permissions are handled in tracefs. Because the permissions are generated when accessed, they default to the root inode's...

6.8AI Score

0.0004EPSS

2024-06-03 08:15 AM
27
vulnrichment
vulnrichment

CVE-2024-36963 tracefs: Reset permissions on remount if permissions are options

In the Linux kernel, the following vulnerability has been resolved: tracefs: Reset permissions on remount if permissions are options There's an inconsistency with the way permissions are handled in tracefs. Because the permissions are generated when accessed, they default to the root inode's...

7AI Score

0.0004EPSS

2024-06-03 07:50 AM
2
nuclei
nuclei

XWiki < 4.10.15 - Sensitive Information Disclosure

XWiki Platform is a generic wiki platform. Starting in 7.2-milestone-2 and prior to versions 14.10.15, 15.5.2, and 15.7-rc-1, the Solr-based search in XWiki discloses the password hashes of all users to anyone with view right on the respective user profiles. By default, all user profiles are...

7.5CVSS

6.7AI Score

0.333EPSS

2024-06-18 10:34 AM
4
nessus
nessus

Intel Converged Security Management Engine (CSME) Active Management Technology (AMT) Multiple Vulnerabilities (INTEL-SA-00391)

The Intel Converged Security Management Engine (CSME) on the remote host is affected by multiple vulnerabilities in the Active Management Technology (AMT) feature, including the following: Out-of-bounds write in IPv6 subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, ...

9.8CVSS

3.4AI Score

0.003EPSS

2020-11-20 12:00 AM
12
nessus
nessus

RHEL 7 : linux-firmware (RHSA-2024:3939)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3939 advisory. The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix(es): * hw:...

8.2CVSS

7.4AI Score

0.0005EPSS

2024-06-17 12:00 AM
5
osv
osv

CVE-2023-22945

In the GrowthExperiments extension for MediaWiki through 1.39, the growthmanagementorlist API allows blocked users (blocked in ApiManageMentorList) to enroll as mentors or edit any of their mentorship-related...

4.3CVSS

4.6AI Score

0.001EPSS

2023-01-11 01:15 AM
2
nvd
nvd

CVE-2024-36963

In the Linux kernel, the following vulnerability has been resolved: tracefs: Reset permissions on remount if permissions are options There's an inconsistency with the way permissions are handled in tracefs. Because the permissions are generated when accessed, they default to the root inode's...

6.6AI Score

0.0004EPSS

2024-06-03 08:15 AM
2
Total number of security vulnerabilities101215