Lucene search

K

Ragic, Inc. Security Vulnerabilities

debiancve
debiancve

CVE-2021-47552

In the Linux kernel, the following vulnerability has been resolved: blk-mq: cancel blk-mq dispatch work in both blk_cleanup_queue and disk_release() For avoiding to slow down queue destroy, we don't call blk_mq_quiesce_queue() in blk_cleanup_queue(), instead of delaying to cancel dispatch work...

6.5AI Score

0.0004EPSS

2024-05-24 03:15 PM
5
cve
cve

CVE-2023-43556

Memory corruption in Hypervisor when platform information mentioned is not...

9.3CVSS

6.8AI Score

0.001EPSS

2024-06-03 10:15 AM
28
cve
cve

CVE-2024-20075

In eemgpu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08713302; Issue ID:...

7.3AI Score

0.0004EPSS

2024-06-03 02:15 AM
15
cve
cve

CVE-2024-20074

In dmc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08668110; Issue ID:...

7.3AI Score

0.0004EPSS

2024-06-03 02:15 AM
18
cvelist
cvelist

CVE-2022-48197

Reflected cross-site scripting (XSS) exists in Sandbox examples in the YUI2 repository. The download distributions, TreeView component and the YUI Javascript library overall are not affected. NOTE: This vulnerability only affects products that are no longer supported by the...

6.2AI Score

0.006EPSS

2023-01-02 12:00 AM
1
vulnrichment
vulnrichment

CVE-2022-48197

Reflected cross-site scripting (XSS) exists in Sandbox examples in the YUI2 repository. The download distributions, TreeView component and the YUI Javascript library overall are not affected. NOTE: This vulnerability only affects products that are no longer supported by the...

5.8AI Score

0.006EPSS

2023-01-02 12:00 AM
1
cve
cve

CVE-2024-5143

A user with device administrative privileges can change existing SMTP server settings on the device, without having to re-enter SMTP server credentials. By redirecting send-to-email traffic to the new server, the original SMTP server credentials may potentially be...

6.8AI Score

0.0004EPSS

2024-05-23 05:15 PM
55
cve
cve

CVE-2024-20048

In flashc, there is a possible information disclosure due to an uncaught exception. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541769; Issue ID:...

6AI Score

0.0004EPSS

2024-04-01 03:15 AM
32
cve
cve

CVE-2024-20045

In audio, there is a possible out of bounds read due to an incorrect calculation of buffer size. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08024748; Issue ID:...

6.1AI Score

0.0004EPSS

2024-04-01 03:15 AM
32
cve
cve

CVE-2024-20047

In battery, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08587865; Issue ID:...

5.9AI Score

0.0004EPSS

2024-04-01 03:15 AM
33
cve
cve

CVE-2024-20026

In da, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID:...

6AI Score

0.0004EPSS

2024-03-04 03:15 AM
32
cve
cve

CVE-2024-21474

Memory corruption when size of buffer from previous call is used without validation or...

8.4CVSS

7.3AI Score

0.001EPSS

2024-05-06 03:15 PM
25
cve
cve

CVE-2024-3371

MongoDB Compass may accept and use insufficiently validated input from an untrusted external source. This may cause unintended application behavior, including data disclosure and enabling attackers to impersonate users. This issue affects MongoDB Compass versions 1.35.0 to...

7.1CVSS

6.6AI Score

0.0004EPSS

2024-04-24 05:15 PM
40
cve
cve

CVE-2024-3372

Improper validation of certain metadata input may result in the server not correctly serialising BSON. This can be performed pre-authentication and may cause unexpected application behavior including unavailability of serverStatus responses. This issue affects MongoDB Server v7.0 versions prior to....

7.5CVSS

6.5AI Score

0.0004EPSS

2024-05-14 04:17 PM
25
cve
cve

CVE-2023-43530

Memory corruption in HLOS while checking for the storage...

5.9CVSS

7.1AI Score

0.0004EPSS

2024-05-06 03:15 PM
24
cve
cve

CVE-2023-43529

Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is...

7.5CVSS

6.9AI Score

0.0005EPSS

2024-05-06 03:15 PM
24
cve
cve

CVE-2023-33100

Transient DOS while processing DL NAS Transport message when message ID is not defined in the 3GPP...

7.5CVSS

6.8AI Score

0.0004EPSS

2024-04-01 03:15 PM
50
cve
cve

CVE-2023-33119

Memory corruption while loading a VM from a signed VM image that is not coherent in the processor...

8.4CVSS

7AI Score

0.001EPSS

2024-05-06 03:15 PM
26
cve
cve

CVE-2024-23354

Memory corruption when the IOCTL call is interrupted by a...

8.4CVSS

7.1AI Score

0.001EPSS

2024-05-06 03:15 PM
30
cve
cve

CVE-2024-20033

In nvram, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08499945; Issue ID:...

6AI Score

0.0004EPSS

2024-03-04 03:15 AM
33
cve
cve

CVE-2024-20068

In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01270721; Issue ID:...

6.8AI Score

0.0004EPSS

2024-06-03 02:15 AM
24
cve
cve

CVE-2024-20054

In gnss, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08580200; Issue ID:...

6.9AI Score

0.0004EPSS

2024-04-01 03:15 AM
30
cve
cve

CVE-2024-20057

In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08587881; Issue ID:...

7AI Score

0.0004EPSS

2024-05-06 03:15 AM
25
cve
cve

CVE-2024-20046

In battery, there is a possible escalation of privilege due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08485622; Issue ID:...

6.9AI Score

0.0004EPSS

2024-04-01 03:15 AM
34
cve
cve

CVE-2024-21475

Memory corruption when the payload received from firmware is not as per the expected protocol...

7.8CVSS

7.2AI Score

0.0004EPSS

2024-05-06 03:15 PM
29
cve
cve

CVE-2023-43545

Memory corruption when more scan frequency list or channels are sent from the user...

6.7CVSS

7.5AI Score

0.0004EPSS

2024-06-03 10:15 AM
14
cve
cve

CVE-2023-43543

Memory corruption in Audio during a playback or a recording due to race condition between allocation and deallocation of graph...

6.7CVSS

7.3AI Score

0.0004EPSS

2024-06-03 10:15 AM
14
cve
cve

CVE-2023-43525

Memory corruption while copying the sound model data from user to kernel buffer during sound model...

6.7CVSS

7AI Score

0.0004EPSS

2024-05-06 03:15 PM
25
cve
cve

CVE-2024-36473

Trend Micro VPN Proxy One Pro, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite or create attack but is limited to local Denial of Service (DoS) and under specific conditions can lead to elevation of...

5.3CVSS

6.9AI Score

0.0005EPSS

2024-06-10 10:15 PM
24
cve
cve

CVE-2024-20065

In telephony, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08698617; Issue ID:...

6AI Score

0.0004EPSS

2024-06-03 02:15 AM
26
cve
cve

CVE-2024-20042

In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541780; Issue ID:...

7AI Score

0.0004EPSS

2024-04-01 03:15 AM
38
cve
cve

CVE-2024-20058

In keyInstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08580204; Issue ID:...

5.9AI Score

0.0004EPSS

2024-05-06 03:15 AM
28
cve
cve

CVE-2024-20059

In da, there is a possible escalation of privilege due to an incorrect status check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541749; Issue ID:...

6.9AI Score

0.0004EPSS

2024-05-06 03:15 AM
28
cve
cve

CVE-2024-20055

In imgsys, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation Patch ID: ALPS08518692; Issue ID:...

6AI Score

0.0004EPSS

2024-04-01 03:15 AM
35
cve
cve

CVE-2024-20041

In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541746; Issue ID:...

5.9AI Score

0.0004EPSS

2024-04-01 03:15 AM
32
cve
cve

CVE-2024-21480

Memory corruption while playing audio file having large-sized input...

7.3CVSS

7.1AI Score

0.0005EPSS

2024-05-06 03:15 PM
28
cve
cve

CVE-2024-21476

Memory corruption when the channel ID passed by user is not validated and further...

7.8CVSS

7.1AI Score

0.0004EPSS

2024-05-06 03:15 PM
27
cve
cve

CVE-2023-32873

In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08583919; Issue ID:...

7AI Score

0.0004EPSS

2024-05-06 03:15 AM
27
cve
cve

CVE-2023-32871

In DA, there is a possible permission bypass due to an incorrect status check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08355514; Issue ID:...

7AI Score

0.0004EPSS

2024-05-06 03:15 AM
27
cve
cve

CVE-2023-43526

Memory corruption while querying module parameters from Listen Sound model client in kernel from user...

6.7CVSS

6.9AI Score

0.0004EPSS

2024-05-06 03:15 PM
24
cve
cve

CVE-2023-33099

Transient DOS while processing SMS container of non-standard size received in DL NAS transport in...

7.5CVSS

6.8AI Score

0.0005EPSS

2024-04-01 03:15 PM
50
cve
cve

CVE-2022-31734

Cisco Catalyst 2940 Series Switches provided by Cisco Systems, Inc. contain a reflected cross-site scripting vulnerability regarding error page generation. An arbitrary script may be executed on the web browser of the user who is using the product. The affected firmware is prior to 12.2(50)SY...

6.1CVSS

6.1AI Score

0.001EPSS

2022-06-20 10:15 AM
40
4
cve
cve

CVE-2024-20066

In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01267281; Issue ID:...

6.9AI Score

0.0004EPSS

2024-06-03 02:15 AM
26
cve
cve

CVE-2024-36359

A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in...

5.4CVSS

6.1AI Score

0.0005EPSS

2024-06-10 10:15 PM
21
cve
cve

CVE-2024-32849

Trend Micro Security 17.x (Consumer) is vulnerable to a Privilege Escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its...

7.8CVSS

6.6AI Score

0.0005EPSS

2024-06-10 10:15 PM
21
cve
cve

CVE-2023-2098

A vulnerability was found in SourceCodester Vehicle Service Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /inc/topBarNav.php. The manipulation of the argument search leads to cross site scripting. The attack may be...

6.1CVSS

6AI Score

0.001EPSS

2023-04-15 12:15 PM
21
nvd
nvd

CVE-2023-2098

A vulnerability was found in SourceCodester Vehicle Service Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /inc/topBarNav.php. The manipulation of the argument search leads to cross site scripting. The attack may be...

6.1CVSS

4.5AI Score

0.001EPSS

2023-04-15 12:15 PM
1
nvd
nvd

CVE-2023-6581

A vulnerability has been found in D-Link DAR-7000 up to 20231126 and classified as critical. This vulnerability affects unknown code of the file /user/inc/workidajax.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used....

9.8CVSS

0.001EPSS

2023-12-07 10:15 PM
2
cve
cve

CVE-2024-23363

Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management...

7.5CVSS

6.9AI Score

0.0005EPSS

2024-06-03 10:15 AM
23
cve
cve

CVE-2024-20067

In modem, there is a possible out of bounds write due to improper input invalidation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01267285; Issue ID:...

6.9AI Score

0.0004EPSS

2024-06-03 02:15 AM
23
Total number of security vulnerabilities288601