Lucene search

K

SKYLARK HOLDINGS CO., LTD. Security Vulnerabilities

cve
cve

CVE-2023-52345

In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges...

6.2AI Score

0.0004EPSS

2024-04-08 03:15 AM
24
cve
cve

CVE-2023-52341

In Plaintext COUNTER CHECK message accepted before AS security activation, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges...

6.6AI Score

0.0004EPSS

2024-04-08 03:15 AM
25
cve
cve

CVE-2024-23658

In camera driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges...

6.7AI Score

0.0004EPSS

2024-04-08 03:15 AM
26
cve
cve

CVE-2023-52348

In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges...

6.7AI Score

0.0004EPSS

2024-04-08 03:15 AM
24
cve
cve

CVE-2023-52536

In faceid service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges...

6.5AI Score

0.0004EPSS

2024-04-08 03:15 AM
24
nvd
nvd

CVE-2024-24245

An issue in Canimaan Software LTD ClamXAV v3.1.2 through v3.6.1 and fixed in v.3.6.2 allows a local attacker to escalate privileges via the ClamXAV helper tool...

6.6AI Score

0.0004EPSS

2024-04-09 07:15 PM
cve
cve

CVE-2024-24245

An issue in Canimaan Software LTD ClamXAV v3.1.2 through v3.6.1 and fixed in v.3.6.2 allows a local attacker to escalate privileges via the ClamXAV helper tool...

6.8AI Score

0.0004EPSS

2024-04-09 07:15 PM
27
cve
cve

CVE-2023-52534

In ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges...

6.9AI Score

0.0004EPSS

2024-04-08 03:15 AM
23
cve
cve

CVE-2023-52351

In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges...

6.7AI Score

0.0004EPSS

2024-04-08 03:15 AM
24
cve
cve

CVE-2023-52535

In vsp driver, there is a possible missing verification incorrect input. This could lead to local denial of service with no additional execution privileges...

6.6AI Score

0.0004EPSS

2024-04-08 03:15 AM
28
cve
cve

CVE-2023-52533

In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information disclosure no additional execution privileges...

6.5AI Score

0.0004EPSS

2024-04-08 03:15 AM
25
cve
cve

CVE-2024-25376

An issue discovered in Thesycon Software Solutions Gmbh & Co. KG TUSBAudio MSI-based installers before 5.68.0 allows a local attacker to execute arbitrary code via the msiexec.exe repair...

7.5AI Score

0.0004EPSS

2024-04-11 09:15 PM
25
nvd
nvd

CVE-2024-25376

An issue discovered in Thesycon Software Solutions Gmbh & Co. KG TUSBAudio MSI-based installers before 5.68.0 allows a local attacker to execute arbitrary code via the msiexec.exe repair...

7.2AI Score

0.0004EPSS

2024-04-11 09:15 PM
cve
cve

CVE-2023-52342

In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information disclosure no additional execution privileges...

6.5AI Score

0.0004EPSS

2024-04-08 03:15 AM
27
cvelist
cvelist

CVE-2024-25376

An issue discovered in Thesycon Software Solutions Gmbh & Co. KG TUSBAudio MSI-based installers before 5.68.0 allows a local attacker to execute arbitrary code via the msiexec.exe repair...

7.5AI Score

0.0004EPSS

2024-04-11 12:00 AM
githubexploit
githubexploit

Exploit for Incorrect Authorization in Ivanti Mobileiron Sentry

MobileIron Sentry CVE-2023-38035 information extraction...

9.2AI Score

2023-08-24 07:26 PM
399
cvelist
cvelist

CVE-2024-24245

An issue in Canimaan Software LTD ClamXAV v3.1.2 through v3.6.1 and fixed in v.3.6.2 allows a local attacker to escalate privileges via the ClamXAV helper tool...

6.8AI Score

0.0004EPSS

2024-04-09 12:00 AM
1
cnvd
cnvd

SQL Injection Vulnerability in Data Leakage Protection (DLP) System of Beijing Yisetong Technology Development Co., Ltd (CNVD-2024-13698)

Beijing Yisetong Technology Development Co., Ltd. is a domestic data security, network security and security services provider of three major business. A SQL injection vulnerability exists in the Data Leakage Protection (DLP) system of Beijing Yisetong, which can be exploited by attackers to...

7.8AI Score

2024-02-10 12:00 AM
7
nessus
nessus

RHEL 6 : openssh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. openssh: loading of untrusted PKCS#11 modules in ssh-agent (CVE-2016-10009) openssh: scp allows command...

8.4AI Score

0.102EPSS

2024-05-11 12:00 AM
8
cnvd
cnvd

Unauthorized Access Vulnerability in Intelligent Park Comprehensive Management Platform of Zhejiang Dahua Technology Co.(CNVD-2024-14380)

Zhejiang Dahua Technology Co., Ltd. is a leading supplier and solution provider of surveillance products. An unauthorized access vulnerability exists in the integrated management platform of Zhejiang Dahua Technology Co. Ltd.'s Intelligent Park, which can be exploited by an attacker to add users...

7AI Score

2024-02-19 12:00 AM
9
cnvd
cnvd

SQL Injection Vulnerability in Data Leakage Protection (DLP) System of Beijing Yisetong Technology Development Co., Ltd (CNVD-2024-13697)

Beijing Yisetong Technology Development Co., Ltd. is a domestic data security, network security and security services provider of three major business. A SQL injection vulnerability exists in the Data Leakage Protection (DLP) system of Beijing Yisetong, which can be exploited by attackers to...

7.8AI Score

2024-02-10 12:00 AM
12
spring
spring

A Bootiful Podcast: Abdel Sghiouar, Cloud Native Developer Advocate at Google

Hi, Spring fans! Abdel Sghiouar is a senior Cloud Native Developer Advocate at Google, a co-host of the Kubernetes Podcast by Google and a CNCF Ambassador, and it was my pleasure to sit down with him at the amazing Spring IO event in Barcelona and catch up on all things Kubernetes and...

7.1AI Score

2024-06-13 12:00 AM
cnvd
cnvd

SQL Injection Vulnerability in Kirin Fortress of Beijing COSCO Kirin Technology Co. Ltd (CNVD-2022-86537)

KyLinFortress is an all-in-one Fortress, SSL VPN, Dynamic Password and CA Certificate. COSCO KyLin Technology Company Limited KyLin Barrier Machine suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the...

7.4AI Score

2022-10-29 12:00 AM
6
apple
apple

About the security content of watchOS 10.5

About the security content of watchOS 10.5 This document describes the security content of watchOS 10.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...

7.3AI Score

0.0005EPSS

2024-05-13 12:00 AM
14
cvelist
cvelist

CVE-2024-29908 WordPress Co-marquage service-public.fr plugin <= 0.5.71 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kienso Co-marquage service-public.Fr allows Stored XSS.This issue affects Co-marquage service-public.Fr: from n/a through...

6.5CVSS

6.6AI Score

0.0004EPSS

2024-03-27 06:56 AM
2
cve
cve

CVE-2024-29243

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the vpn_client_ip parameter at...

7.8AI Score

0.0004EPSS

2024-03-21 03:16 PM
25
nvd
nvd

CVE-2024-29244

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the pin_code_3g parameter at...

7.5AI Score

0.0004EPSS

2024-03-21 03:16 PM
cvelist
cvelist

CVE-2024-29243

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the vpn_client_ip parameter at...

7.7AI Score

0.0004EPSS

2024-03-21 12:00 AM
cvelist
cvelist

CVE-2024-29244

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the pin_code_3g parameter at...

7.7AI Score

0.0004EPSS

2024-03-21 12:00 AM
1
cve
cve

CVE-2024-29244

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the pin_code_3g parameter at...

7.8AI Score

0.0004EPSS

2024-03-21 03:16 PM
27
nvd
nvd

CVE-2024-29243

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the vpn_client_ip parameter at...

7.5AI Score

0.0004EPSS

2024-03-21 03:16 PM
cve
cve

CVE-2024-29908

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kienso Co-marquage service-public.Fr allows Stored XSS.This issue affects Co-marquage service-public.Fr: from n/a through...

6.5CVSS

9.1AI Score

0.0004EPSS

2024-03-27 07:15 AM
29
cnvd
cnvd

SQL Injection Vulnerability in iFair of Beijing Yiharmonic Technology Co.

Enterprise iFair Collaboration Management System is a professional collaborative office software, the management system is highly compatible and suitable for a wide range of business types. There is a SQL injection vulnerability in iFair, which can be exploited by attackers to obtain sensitive...

7.5AI Score

2024-02-27 12:00 AM
4
cnvd
cnvd

SQL Injection Vulnerability in Electronic Document Security Management System of Beijing Yisetong Technology Development Co., Ltd (CNVD-2024-13551)

Beijing Yisaitong Technology Development Co., Ltd. is a company whose business scope includes technical services, technology development, technology consulting, technology exchange, technology transfer, technology promotion and so on. There is a SQL injection vulnerability in the electronic...

7.5AI Score

2024-01-31 12:00 AM
7
nessus
nessus

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.8)

The version of AOS installed on the remote host is prior to 6.8. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.8 advisory. Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in...

9.8CVSS

9.4AI Score

0.123EPSS

2024-05-15 12:00 AM
5
nvd
nvd

CVE-2024-29908

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kienso Co-marquage service-public.Fr allows Stored XSS.This issue affects Co-marquage service-public.Fr: from n/a through...

6.5CVSS

6.4AI Score

0.0004EPSS

2024-03-27 07:15 AM
apple
apple

About the security content of tvOS 17.5

About the security content of tvOS 17.5 This document describes the security content of tvOS 17.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available....

7.5AI Score

0.0005EPSS

2024-05-13 12:00 AM
4
cnvd
cnvd

Command Execution Vulnerability in the Operation and Maintenance Audit System of Beijing COSCO Kirin Technology Co. Ltd (CNVD-2022-53245)

COSCO KyLin Technology Co., Ltd. is a R&D-oriented software development company, the company's main products are COSCO KyLin Barrier Machine, KyLin SSL VPN, KyLin Dynamic Password System, KyLin Cloud Desktop and so on. Our main products are COSCO Kirin SSL VPN, Kirin Dynamic Password System, Kirin....

7.5AI Score

2022-06-13 12:00 AM
6
nvd
nvd

CVE-2024-28446

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini1 v1.2.9 was discovered to contain a buffer overflow via lan_netmask parameter at...

7.5AI Score

0.0004EPSS

2024-03-19 06:15 AM
nvd
nvd

CVE-2024-28447

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini1 v1.2.9 was discovered to contain a buffer overflow via lan_ipaddr parameters at...

7.5AI Score

0.0004EPSS

2024-03-19 06:15 AM
2
cve
cve

CVE-2024-28446

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini1 v1.2.9 was discovered to contain a buffer overflow via lan_netmask parameter at...

7.8AI Score

0.0004EPSS

2024-03-19 06:15 AM
32
cve
cve

CVE-2024-28447

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini1 v1.2.9 was discovered to contain a buffer overflow via lan_ipaddr parameters at...

7.8AI Score

0.0004EPSS

2024-03-19 06:15 AM
28
cvelist
cvelist

CVE-2024-28446

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini1 v1.2.9 was discovered to contain a buffer overflow via lan_netmask parameter at...

7.7AI Score

0.0004EPSS

2024-03-19 12:00 AM
1
cvelist
cvelist

CVE-2024-28447

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini1 v1.2.9 was discovered to contain a buffer overflow via lan_ipaddr parameters at...

7.7AI Score

0.0004EPSS

2024-03-19 12:00 AM
1
nvd
nvd

CVE-2024-29758

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kienso Co-marquage service-public.Fr allows Reflected XSS.This issue affects Co-marquage service-public.Fr: from n/a through...

7.1CVSS

6.9AI Score

0.0004EPSS

2024-03-27 02:15 PM
1
redhatcve
redhatcve

CVE-2024-36006

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage Both the function that migrates all the chunks within a region and the function that migrates all the entries within a chunk call list_first_entry() on the respective lists...

6.5AI Score

0.0004EPSS

2024-05-20 06:17 PM
4
zdt

7.4AI Score

2024-03-27 12:00 AM
60
nessus
nessus

EulerOS 2.0 SP8 : openssl (EulerOS-SA-2019-2097)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some...

5.3CVSS

5.7AI Score

0.015EPSS

2019-11-12 12:00 AM
25
redos
redos

ROS-20240503-01

A vulnerability in the Web Audio component of Microsoft Edge and Google Chrome browsers is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code A vulnerability in the Skia graphics library of Google...

9.8CVSS

8.7AI Score

0.001EPSS

2024-05-03 12:00 AM
8
cnvd
cnvd

Arbitrary File Read Vulnerability in Data Leakage Protection (DLP) System of Beijing Yisetong Technology Development Co.

Data Leakage Protection (DLP) system is aimed at serving enterprises and institutions for data asset grooming and data security protection. Data Leakage Protection (DLP) system of Beijing Yisetong Technology Development Co., Ltd. has an arbitrary file reading vulnerability, which can be exploited.....

7.1AI Score

2024-02-06 12:00 AM
5
Total number of security vulnerabilities15425