In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
5.5CVSS
5.3AI Score
0.0004EPSS
In wlan driver, there is a race condition. This could lead to local denial of service in wlan...
4.7CVSS
4.6AI Score
0.0004EPSS
In wlan driver, there is a possible missing permission check. This could lead to local information...
5.5CVSS
5.1AI Score
0.0004EPSS
Fujian Strait Information Technology Co., Ltd. is one of the earliest companies in China specializing in independent research and development of network security, product sales and security services. A command execution vulnerability exists in the BlackShield Network Security Audit System of...
7.6AI Score
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
5.5CVSS
5.3AI Score
0.0004EPSS
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
5.5CVSS
5.3AI Score
0.0004EPSS
In wlan driver, there is a possible missing permission check. This could lead to local information...
5.5CVSS
5.1AI Score
0.0004EPSS
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
5.5CVSS
5.3AI Score
0.0004EPSS
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
5.5CVSS
5.3AI Score
0.0004EPSS
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
3.3CVSS
4AI Score
0.0004EPSS
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
5.5CVSS
5.3AI Score
0.0004EPSS
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
5.5CVSS
5.3AI Score
0.0004EPSS
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
3.3CVSS
4AI Score
0.0004EPSS
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
5.5CVSS
5.3AI Score
0.0004EPSS
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
3.3CVSS
4AI Score
0.0004EPSS
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
5.5CVSS
5.3AI Score
0.0004EPSS
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
5.5CVSS
5.3AI Score
0.0004EPSS
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
5.5CVSS
5.3AI Score
0.0004EPSS
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
5.5CVSS
5.3AI Score
0.0004EPSS
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
5.5CVSS
5.3AI Score
0.0004EPSS
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
5.5CVSS
5.3AI Score
0.0004EPSS
In wlan driver, there is a race condition. This could lead to local denial of service in wlan...
4.7CVSS
4.6AI Score
0.0004EPSS
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
4.3CVSS
4.5AI Score
0.001EPSS
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
5.5CVSS
5.3AI Score
0.0004EPSS
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
3.3CVSS
4AI Score
0.0004EPSS
In gpu driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in...
5.5CVSS
5.4AI Score
0.0004EPSS
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
5.5CVSS
5.3AI Score
0.0004EPSS
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
5.5CVSS
5.3AI Score
0.0004EPSS
In wlan driver, there is a possible missing permission check. This could lead to local information...
5.5CVSS
5.1AI Score
0.0004EPSS
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
5.5CVSS
5.3AI Score
0.0004EPSS
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
5.5CVSS
5.3AI Score
0.0004EPSS
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
5.5CVSS
5.3AI Score
0.0004EPSS
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
5.5CVSS
5.3AI Score
0.0004EPSS
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan...
5.5CVSS
5.3AI Score
0.0004EPSS
snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. Fixed in snapd versions...
8.2CVSS
8AI Score
0.001EPSS
Wordfence Intelligence Weekly WordPress Vulnerability Report (November 27, 2023 to December 3, 2023)
Wordfence just launched its bug bounty program. Through December 20th 2023, all researchers will earn 6.25x our normal bounty rates when Wordfence handles responsible disclosure for our Holiday Bug Extravaganza! Register as a researcher and submit your vulnerabilities today! Last week, there were...
9.8CVSS
9.6AI Score
EPSS
snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker who can hardlink this binary to another location can cause snap-confine to execute other arbitrary binaries and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and...
8.8CVSS
8.6AI Score
0.0004EPSS
Arbitrary File Read Vulnerability in Reporter of Beijing Huaqing Xin'an Technology Co.
Beijing Huaqing Xinan Technology Co., Ltd. is a network security enterprise, a national high-tech enterprise and Zhongguancun high-tech enterprise. Reporter of Beijing Huaqing Xinan Technology Co., Ltd. has an arbitrary file reading vulnerability that can be exploited by attackers to obtain...
7.1AI Score
A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. This could allow a local attacker to gain root privileges by bind-mounting their own contents inside the snap's private mount namespace and causing snap-confine to execute...
7.8CVSS
8.4AI Score
0.0005EPSS
Cross Site Request Forgery vulnerability in Click Studios (SA) Pty Ltd Passwordstate v.Build 9785 and before allows a local attacker to execute arbitrary code via a crafted...
5.1AI Score
0.0004EPSS
JVN#29195731: EC-CUBE 3 series and 4 series vulnerable to arbitrary code execution
EC-CUBE 3 series and 4 series provided by EC-CUBE CO.,LTD. contain an arbitrary code execution vulnerability (CWE-94) due to improper settings of the product's template engine "Twig". ## Impact Arbitrary code may be executed on the server where the product is running by a user with an...
7.2CVSS
7.8AI Score
0.001EPSS
Fujian Strait Information Technology Co., Ltd. is one of the earliest companies in China specializing in independent research and development of network security, product sales and security services. A command execution vulnerability exists in the BlackShield Network Security Audit System of...
7.6AI Score
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Shopfiles Ltd Ebook Store plugin <= 5.785...
6.1CVSS
6AI Score
0.0005EPSS
JVN#03447226: "Skylark" App fails to restrict custom URL schemes properly
"Skylark" App provided by SKYLARK HOLDINGS CO., LTD. provides the function to access a requested URL using Custom URL Scheme. The App does not restrict access to the function properly (CWE-939) which may be exploited to direct the App to access any sites. ## Impact An arbitrary site may be...
4.7CVSS
6.6AI Score
0.001EPSS
Credit card skimming on the rise for the holiday shopping season
As we head into shopping season, customers aren't the only ones getting excited. More online shopping means more opportunities for cybercriminals to grab their share using scams and data theft. One particular threat we're following closely and expect to increase over the next several weeks is...
7AI Score
FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code...
9.8CVSS
9.7AI Score
0.037EPSS
CVE-2022-3059 SQL injection in Schoolbox version 21.0.2, by Schoolbox Pty Ltd
The application was vulnerable to multiple instances of SQL injection (authenticated and unauthenticated) through a vulnerable parameter. Due to the stacked query support, complex SQL commands could be crafted and injected into the vulnerable parameter and using a sleep based inferential SQL...
8.6CVSS
9.2AI Score
0.001EPSS
CVE-2022-39020 Cross-site scripting in Schoolbox version 21.0.2, by Schoolbox Pty Ltd
Multiple instances of XSS (stored and reflected) were found in the application. For example, features such as student assessment submission, file upload, news, ePortfolio and calendar event creation were found to be vulnerable to cross-site...
7.6CVSS
7.4AI Score
0.001EPSS
Administration Console authentication bypass in openfire xmppserver
An important security issue affects a range of versions of Openfire, the cross-platform real-time collaboration server based on the XMPP protocol that is created by the Ignite Realtime community. Impact Openfire's administrative console (the Admin Console), a web-based application, was found to...
8.6CVSS
7AI Score
0.974EPSS
Who’s Behind the SWAT USA Reshipping Service?
Last week, KrebsOnSecurity broke the news that one of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. In today's Part II, we'll examine clues about the real-life identity of "Fearlless,"...
7.3AI Score