Lucene search

K

SKYLARK HOLDINGS CO., LTD. Security Vulnerabilities

debiancve
debiancve

CVE-2024-26892

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix use-after-free in free_irq() From commit a304e1b82808 ("[PATCH] Debug shared irqs"), there is a test to make sure the shared irq handler should be able to handle the unexpected event after...

6.6AI Score

0.0004EPSS

2024-04-17 11:15 AM
9
debiancve
debiancve

CVE-2024-35853

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash The rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks (all the filters with the same priority) in the region and in...

6.7AI Score

0.0004EPSS

2024-05-17 03:15 PM
2
cvelist
cvelist

CVE-2023-34301 Ashlar-Vellum Cobalt CO File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt CO File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the...

7.8CVSS

8.2AI Score

0.001EPSS

2024-05-03 01:57 AM
1
ubuntucve
ubuntucve

CVE-2024-26892

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix use-after-free in free_irq() From commit a304e1b82808 ("[PATCH] Debug shared irqs"), there is a test to make sure the shared irq handler should be able to handle the unexpected event after deregistration......

6.6AI Score

0.0004EPSS

2024-04-17 12:00 AM
7
ubuntucve
ubuntucve

CVE-2024-35854

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash The rehash delayed work migrates filters from one region to another according to the number of available credits. The migrated from region is destroyed at the end....

6.5AI Score

0.0004EPSS

2024-05-17 12:00 AM
3
ubuntucve
ubuntucve

CVE-2024-35853

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash The rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks (all the filters with the same priority) in the region and in...

6.5AI Score

0.0004EPSS

2024-05-17 12:00 AM
1
openvas
openvas

Check Point VPN-1 PAT Information Disclosure Vulnerability - Active Check

Check Point VPN-1 PAT is prone to an information disclosure ...

6.2AI Score

0.007EPSS

2008-11-05 12:00 AM
142
debiancve
debiancve

CVE-2024-35854

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash The rehash delayed work migrates filters from one region to another according to the number of available credits. The migrated from region is destroyed at the...

6.6AI Score

0.0004EPSS

2024-05-17 03:15 PM
4
ubuntucve
ubuntucve

CVE-2024-27062

In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306] general protection...

6.5AI Score

0.0004EPSS

2024-05-01 12:00 AM
7
githubexploit
githubexploit

Exploit for Command Injection in Paloaltonetworks Pan-Os

CVE-2024-3400-pot Simple honeypot for CVE-2024-3400 Palo Alto...

10CVSS

7.4AI Score

0.957EPSS

2024-04-24 02:21 PM
168
debiancve
debiancve

CVE-2024-27062

In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306] general...

6.7AI Score

0.0004EPSS

2024-05-01 01:15 PM
3
nvd
nvd

CVE-2023-23990

Improper Privilege Management vulnerability in Qube One Ltd. Redirection for Contact Form 7 wpcf7-redirect allows Privilege Escalation.This issue affects Redirection for Contact Form 7: from n/a through...

7.6CVSS

7.6AI Score

0.0004EPSS

2024-05-17 07:15 AM
1
cnvd
cnvd

Command Execution Vulnerability in DAS Green Alliance Database Auditing System of Beijing Shenzhou Green Alliance Technology Co.

Beijing Shenzhou Green Alliance Technology Co., Ltd. is an enterprise mainly engaged in science and technology promotion and application services. A command execution vulnerability exists in the DAS Green Alliance database auditing system of Beijing Shenzhou Green Alliance Technology Co. Ltd,...

7.5AI Score

2024-03-11 12:00 AM
8
redhat
redhat

(RHSA-2024:2213) Moderate: pcp security update

Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fix(es): pcp:.....

6.9AI Score

0.0004EPSS

2024-04-30 06:15 AM
4
nessus
nessus

RHEL 8 : openssl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. openssl: Read buffer overruns processing ASN.1 strings (CVE-2021-3712) Simultaneous Multi-threading...

7.4CVSS

6.8AI Score

0.015EPSS

2024-06-03 12:00 AM
apple
apple

About the security content of visionOS 1.2

About the security content of visionOS 1.2 This document describes the security content of visionOS 1.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...

7.8AI Score

0.0005EPSS

2024-06-10 12:00 AM
2
cve
cve

CVE-2023-34310

Ashlar-Vellum Cobalt Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS

8AI Score

0.001EPSS

2024-05-03 02:15 AM
27
cvelist
cvelist

CVE-2023-34310 Ashlar-Vellum Cobalt Uninitialized Memory Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS

8.2AI Score

0.001EPSS

2024-05-03 01:57 AM
2
vulnrichment
vulnrichment

CVE-2023-34310 Ashlar-Vellum Cobalt Uninitialized Memory Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS

7.5AI Score

0.001EPSS

2024-05-03 01:57 AM
vulnrichment
vulnrichment

CVE-2023-34309 Ashlar-Vellum Cobalt Untrusted Pointer Dereference Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a....

7.8CVSS

7.5AI Score

0.001EPSS

2024-05-03 01:57 AM
nvd
nvd

CVE-2023-38817

An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echo_driver.sys component. NOTE: the vendor's position is that the reported ability for user-mode applications to execute code as NT AUTHORITY\SYSTEM was "deactivated by...

7.8CVSS

7.8AI Score

0.0004EPSS

2023-10-11 07:15 PM
cve
cve

CVE-2023-34309

Ashlar-Vellum Cobalt Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a....

7.8CVSS

8AI Score

0.001EPSS

2024-05-03 02:15 AM
21
cvelist
cvelist

CVE-2023-34309 Ashlar-Vellum Cobalt Untrusted Pointer Dereference Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a....

7.8CVSS

8.2AI Score

0.001EPSS

2024-05-03 01:57 AM
2
cve
cve

CVE-2023-35710

Ashlar-Vellum Cobalt Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS

8.1AI Score

0.001EPSS

2024-05-03 02:15 AM
21
vulnrichment
vulnrichment

CVE-2023-35710 Ashlar-Vellum Cobalt Stack-based Buffer Overflow Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS

7.5AI Score

0.001EPSS

2024-05-03 01:57 AM
1
cve
cve

CVE-2024-27062

In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306] general protection...

6.6AI Score

0.0004EPSS

2024-05-01 01:15 PM
30
cvelist
cvelist

CVE-2024-27062 nouveau: lock the client object tree.

In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306] general protection...

6.8AI Score

0.0004EPSS

2024-05-01 01:00 PM
1
cve
cve

CVE-2023-38817

An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echo_driver.sys component. NOTE: the vendor's position is that the reported ability for user-mode applications to execute code as NT AUTHORITY\SYSTEM was "deactivated by...

7.8CVSS

7.8AI Score

0.0004EPSS

2023-10-11 07:15 PM
58
openvas
openvas

Report default community names of the SNMP Agent

Simple Network Management Protocol (SNMP) is a protocol which can be used by administrators to remotely manage a computer or network device. There are typically 2 modes of remote SNMP monitoring. These modes are...

7.5CVSS

7.2AI Score

EPSS

2014-03-12 12:00 AM
1292
nvd
nvd

CVE-2024-31680

File Upload vulnerability in Shibang Communications Co., Ltd. IP network intercom broadcasting system v.1.0 allows a local attacker to execute arbitrary code via the my_parser.php...

7.2AI Score

0.0004EPSS

2024-04-17 12:15 AM
nessus
nessus

OpenSSL 1.0.2 < 1.0.2t Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.0.2t. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.2t advisory. In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker,...

4.7CVSS

5.8AI Score

0.015EPSS

2019-08-23 12:00 AM
70
cvelist
cvelist

CVE-2023-35710 Ashlar-Vellum Cobalt Stack-based Buffer Overflow Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS

8.3AI Score

0.001EPSS

2024-05-03 01:57 AM
cve
cve

CVE-2024-31680

File Upload vulnerability in Shibang Communications Co., Ltd. IP network intercom broadcasting system v.1.0 allows a local attacker to execute arbitrary code via the my_parser.php...

7.5AI Score

0.0004EPSS

2024-04-17 12:15 AM
30
vulnrichment
vulnrichment

CVE-2024-27062 nouveau: lock the client object tree.

In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306] general protection...

6.9AI Score

0.0004EPSS

2024-05-01 01:00 PM
cvelist
cvelist

CVE-2024-31680

File Upload vulnerability in Shibang Communications Co., Ltd. IP network intercom broadcasting system v.1.0 allows a local attacker to execute arbitrary code via the my_parser.php...

7.4AI Score

0.0004EPSS

2024-04-16 12:00 AM
nessus
nessus

OpenSSL 1.1.0 < 1.1.0l Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.1.0l. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.1.0l advisory. In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker,...

4.7CVSS

5.8AI Score

0.015EPSS

2019-08-23 12:00 AM
19
cve
cve

CVE-2022-0555

Subiquity Shows Guided Storage Passphrase in Plaintext with Read-all...

7.1AI Score

0.0004EPSS

2024-06-03 07:15 PM
25
nvd
nvd

CVE-2024-28285

A Fault Injection vulnerability in the SymmetricDecrypt function in cryptopp/elgamal.h of Cryptopp Crypto++ 8.9, allows an attacker to co-reside in the same system with a victim process to disclose information and escalate...

6.7AI Score

EPSS

2024-05-14 03:14 PM
1
cve
cve

CVE-2022-4968

netplan leaks the private key of wireguard to local users. A security fix will be released...

6.5CVSS

7AI Score

0.0004EPSS

2024-06-07 01:15 AM
7
cve
cve

CVE-2024-5138

The snapctl component within snapd allows a confined snap to interact with the snapd daemon to take certain privileged actions on behalf of the snap. It was found that snapctl did not properly parse command-line arguments, allowing an unprivileged user to trigger an authorised action on behalf of.....

6.8AI Score

0.0004EPSS

2024-05-31 09:15 PM
28
githubexploit
githubexploit

Exploit for OS Command Injection in Contec Sv-Cpt-Mc310 Firmware

CVE-2022-29303-Exploit Exploit for CVE-2022-29303 Usage...

9.8CVSS

9.7AI Score

0.966EPSS

2022-05-31 10:55 PM
224
cve
cve

CVE-2024-36006

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage Both the function that migrates all the chunks within a region and the function that migrates all the entries within a chunk call list_first_entry() on the respective lists...

6.6AI Score

0.0004EPSS

2024-05-20 10:15 AM
28
cve
cve

CVE-2024-28285

A Fault Injection vulnerability in the SymmetricDecrypt function in cryptopp/elgamal.h of Cryptopp Crypto++ 8.9, allows an attacker to co-reside in the same system with a victim process to disclose information and escalate...

6.9AI Score

EPSS

2024-05-14 03:14 PM
19
cve
cve

CVE-2022-1242

Apport can be tricked into connecting to arbitrary sockets as the root...

6.7AI Score

0.0004EPSS

2024-06-03 07:15 PM
323
2
cnvd
cnvd

File upload vulnerability in web-based network management system of Xinhua San Technologies Co.(CNVD-2024-18761)

Xinhua San Technology Co., Ltd. is a company that mainly provides research, development, production, sales and service of IT infrastructure products and solutions. A file upload vulnerability exists in the web-based network management system of Xinhua San Technologies Limited, which can be...

7.3AI Score

2024-03-11 12:00 AM
9
cve
cve

CVE-2021-3899

There is a race condition in the 'replaced executable' detection that, with the correct local configuration, allow an attacker to execute arbitrary code as...

7.2AI Score

0.0004EPSS

2024-06-03 07:15 PM
326
2
nessus
nessus

RHEL 8 : grafana-pcp (RHSA-2024:1644)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:1644 advisory. The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace...

7.5CVSS

7.9AI Score

0.0005EPSS

2024-04-02 12:00 AM
9
cnvd
cnvd

Arbitrary File Download Vulnerability in Yonghong Z-Suite of Beijing Yonghong Business Intelligence Technology Co.

Yonghong Z-Suite is a one-stop big data analytics platform. Yonghong Z-Suite has an arbitrary file download vulnerability that can be exploited by attackers to obtain sensitive...

7AI Score

2024-04-02 12:00 AM
6
cvelist
cvelist

CVE-2024-28285

A Fault Injection vulnerability in the SymmetricDecrypt function in cryptopp/elgamal.h of Cryptopp Crypto++ 8.9, allows an attacker to co-reside in the same system with a victim process to disclose information and escalate...

6.9AI Score

EPSS

1976-01-01 12:00 AM
1
cvelist
cvelist

CVE-2024-36006 mlxsw: spectrum_acl_tcam: Fix incorrect list API usage

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage Both the function that migrates all the chunks within a region and the function that migrates all the entries within a chunk call list_first_entry() on the respective lists...

6.4AI Score

0.0004EPSS

2024-05-20 09:48 AM
Total number of security vulnerabilities15425