IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an attacker to execute remote code. Due to improper authority checks the attacker could perform operations on the PC under the user's authority. IBM X-Force ID: ...
8.8CVSS
7AI Score
0.0005EPSS
An update is available for qemu-kvm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Kernel-based Virtual Machine (KVM) is a full virtualization solution for...
7.2AI Score
0.002EPSS
Moderate: qemu-kvm security update
Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix(es): QEMU: e1000e: heap use-after-free in e1000e_write_packet_to_guest()...
6.8AI Score
0.002EPSS
[8.2.0-11] - kvm-coroutine-cap-per-thread-local-pool-size.patch [RHEL-28947] - kvm-coroutine-reserve-5-000-mappings.patch [RHEL-28947] - Resolves: RHEL-28947 (Qemu crashing with 'failed to set up stack guard page: Cannot allocate memory') [8.2.0-10] -...
7.8AI Score
0.002EPSS
(RHSA-2024:2135) Moderate: qemu-kvm security update
Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix(es): QEMU: e1000e: heap use-after-free in e1000e_write_packet_to_guest()...
6.7AI Score
0.002EPSS
Comments in display names are incorrectly handled in net/mail
The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different...
7.1AI Score
0.0004EPSS
IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable to NT LAN Manager (NTLM) hash disclosure by an attacker modifying UNC capable paths within ACS configuration files to point to a hostile server. If NTLM is enabled, the Windows operating system will...
5.5CVSS
6.1AI Score
0.001EPSS
Incorrect mProviderPkg Display in SlicePermissionActivity
In onCreate of SlicePermissionActivity.java, there is a possible misleading string displayed due to improper input validation. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for...
5CVSS
4.8AI Score
0.0004EPSS
Local PDoS using large display padding values
In setDisplayPadding of WallpaperManagerService.java, there is a possible way to cause a persistent DoS due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for...
5.5CVSS
6.7AI Score
0.0004EPSS
Edge < 2.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Author Display Name
The Edge theme for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.0.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary....
5.8AI Score
0.0004EPSS
Pliska < 0.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Author Display Name
The Pliska theme for WordPress is vulnerable to Stored Cross-Site Scripting via author display names in all versions up to, and including, 0.3.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
5.9AI Score
0.0004EPSS
Windows Display Driver Enumeration
Nessus was able to enumerate one or more of the display drivers on the remote host via...
3.4AI Score
Dell Display Manager Installed (Windows)
Dell Display Manager was detected on the remote Windows...
7.1AI Score
A vulnerability was found in IET-OU Open Media Player up to 1.5.0. It has been declared as problematic. This vulnerability affects the function webvtt of the file application/controllers/timedtext.php. The manipulation of the argument ttml_url leads to cross site scripting. The attack can be...
6.2AI Score
0.001EPSS
7AI Score
Untrusted entity can create a trusted virtual display
In createVirtualDisplay of DisplayManagerService.java, there is a possible way to create a trusted virtual display due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.8AI Score
0.0004EPSS
Grandstream Networking Solutions Device Web Detection
The web interface for a Grandstream Networking Solutions device, such as a router or wireless access point, was detected on the remote...
2.2AI Score
Justice AV Solutions JVS Viewer Installed (Windows)
Justice AV Solutions JVS Viewer is installed on the remote Windows...
7.4AI Score
NEC Platforms DT900 and DT900S Series 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20 allows an attacker to access non-documented system settings to change settings via local network with unauthenticated...
7AI Score
0.0004EPSS
Issue Summary: This is reproducible on Data Center: yes. Steps to Reproduce: (1) Create an Application link to Jira Instance with different "Application" and 'Display URLs'. (2) Block the 'Application URL' access on the client system (browser) using...
7.1AI Score
Automated Solutions Modbus/TCP OPC Server Detection
Automated Solutions' Modbus/TCP OPC Server is installed on the remote Windows...
2.3AI Score
NVIDIA GPU Display Driver February 2024 Security Update
NVIDIA has informed HP of potential security vulnerabilities identified in the NVIDIA® GPU Display Driver for Windows, which might allow escalation of privilege, arbitrary code execution, denial of service, information disclosure. NVIDIA has released updates to mitigate these vulnerabilities. ...
8.2AI Score
0.0004EPSS
nec-escrime.fr Cross Site Scripting vulnerability OBB-3900386
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
solutions-ressources-humaines.com Cross Site Scripting vulnerability OBB-3872295
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Stark Industries Solutions: An Iron Hammer in the Cloud
Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government.....
6.8AI Score
Moodle may display roles to users who don't have access to them
The course participation report required additional checks to prevent roles being displayed which the user did not have access to...
5.4AI Score
0.001EPSS
Moodle may display roles to users who don't have access to them
The course participation report required additional checks to prevent roles being displayed which the user did not have access to...
5.1AI Score
0.001EPSS
A vulnerability classified as critical has been found in Shenzhen Youkate Industrial Facial Love Cloud Payment System up to 1.0.55.0.0.1. This affects an unknown part of the file /SystemMng.ashx of the component Account Handler. The manipulation of the argument operatorRole with the input 00 leads....
9.8CVSS
7.3AI Score
0.001EPSS
CVE-2023-52634 drm/amd/display: Fix disable_otg_wa logic
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix disable_otg_wa logic [Why] When switching to another HDMI mode, we are unnecessarily disabling/enabling FIFO causing both HPO and DIG registers to be set at the same time when only HPO is supposed to be set....
6.4AI Score
0.0004EPSS
Criminal IP: Enhancing Security Solutions through AWS Marketplace Integration
By Cyber Newswire. AI SPERA, a leader in Cyber Threat Intelligence (CTI) solutions, announced today that its proprietary search engine, Criminal… This is a post from HackRead.com.
7.3AI Score
7.4AI Score
Quanxun Huiju Network Technology (Beijing) Co.,Ltd IK-Q3000 3.7.10 x64 Build202401261655 was discovered to be vulnerable to an ICMP redirect...
7.6AI Score
CVE-2024-4978 Malicious Code in Justice AV Solutions (JAVS) Viewer
Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute unauthorized PowerShell...
7.2AI Score
0.002EPSS
CVE-2024-26914 drm/amd/display: fix incorrect mpc_combine array size
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix incorrect mpc_combine array size [why] MAX_SURFACES is per stream, while MAX_PLANES is per asic. The mpc_combine is an array that records all the planes per asic. Therefore MAX_PLANES should be used as the...
6.9AI Score
0.0004EPSS
An issue in Quanxun Huiju Network Technology(Beijing) Co.,Ltd IK-Q3000 3.7.10 x64 Build202401261655 allows attackers to cause a Denial of Service (DoS) when attempting to make TCP...
7.2AI Score
6.3AI Score
0.001EPSS
CVE-2024-26833 drm/amd/display: Fix memory leak in dm_sw_fini()
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix memory leak in dm_sw_fini() After destroying dmub_srv, the memory associated with it is not freed, causing a memory leak: unreferenced object 0xffff896302b45800 (size 1024): comm "(udev-worker)", pid 222,...
6.3AI Score
0.0004EPSS
CVE-2021-47042 drm/amd/display: Free local data after use
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Free local data after use Fixes the following memory leak in dc_link_construct(): unreferenced object 0xffffa03e81471400 (size 1024): comm "amd_module_load", pid 2486, jiffies 4294946026 (age 10.544s) hex dump...
6.2AI Score
0.0004EPSS
gnome-shell, gnome-menus, and gnome-shell-extensions bug fix update
An update is available for gnome-menus, gnome-shell, gnome-shell-extensions. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. GNOME Shell acts as a compositing...
7.3AI Score
Improper Privilege Management vulnerability in Qube One Ltd. Redirection for Contact Form 7 wpcf7-redirect allows Privilege Escalation. This issue affects Redirection for Contact Form 7: from n/a through...
7.6CVSS
6.9AI Score
0.0004EPSS
CVE-2024-35799 drm/amd/display: Prevent crash when disable stream
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Prevent crash when disable stream [Why] Disabling stream encoder invokes a function that no longer exists. [How] Check if the function declaration is NULL in disable stream...
6.7AI Score
0.0004EPSS
CVE-2023-52695 drm/amd/display: Check writeback connectors in create_validate_stream_for_sink
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check writeback connectors in create_validate_stream_for_sink [WHY & HOW] This is to check connector type to avoid unhandled null pointer for writeback...
6.5AI Score
0.0004EPSS
CVE-2023-52625 drm/amd/display: Refactor DMCUB enter/exit idle interface
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Refactor DMCUB enter/exit idle interface [Why] We can hang in place trying to send commands when the DMCUB isn't powered on. [How] We need to exit out of the idle state prior to sending a command, but the process.....
6.7AI Score
0.0004EPSS
CVE-2024-26797 drm/amd/display: Prevent potential buffer overflow in map_hw_resources
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Prevent potential buffer overflow in map_hw_resources Adds a check in the map_hw_resources function to prevent a potential buffer overflow. The function was accessing arrays using an index that could potentially...
7.5AI Score
0.0004EPSS
CVE-2024-26700 drm/amd/display: Fix MST Null Ptr for RV
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix MST Null Ptr for RV The change tries to fix the below error specific to RV platform: BUG: kernel NULL pointer dereference, address: 0000000000000008 PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 4 PID: 917...
6.3AI Score
0.0004EPSS
CVE-2023-52673 drm/amd/display: Fix a debugfs null pointer error
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix a debugfs null pointer error [WHY & HOW] Check whether get_subvp_en() callback exists before calling...
6.8AI Score
0.0004EPSS
CVE-2023-52624 drm/amd/display: Wake DMCUB before executing GPINT commands
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Wake DMCUB before executing GPINT commands [Why] DMCUB can be in idle when we attempt to interface with the HW through the GPINT mailbox resulting in a system hang. [How] Add dc_wake_and_execute_gpint() to wrap...
6.5AI Score
0.0004EPSS