An update is available for qemu-kvm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Kernel-based Virtual Machine (KVM) is a full virtualization solution for...
7.3AI Score
Release Information for NEC Storage V Series Plug-In for Veeam Backup & Replication
Release Information for NEC Storage V Series Plug-In for Veeam Backup &...
2.1AI Score
securenvoy-cve-2024-37393 RESPONSIBLE DISCLOSURE...
7.5CVSS
7.7AI Score
0.013EPSS
WordPress PhonePe Payment Solutions <=1.0.15 - Server-Side Request Forgery
WordPress PhonePe Payment Solutions plugin through 1.0.15 is susceptible to server-side request forgery. An attacker can cause a website to execute website requests to an arbitrary domain, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorized...
7.5CVSS
6.7AI Score
0.004EPSS
An update is available for qemu-kvm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Kernel-based Virtual Machine (KVM) is a full virtualization solution for...
7CVSS
7.2AI Score
0.002EPSS
Security Bulletin: NVIDIA GPU Display Driver - June 2024
NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin. To protect your system, download and install this software update through the NVIDIA Driver Downloads page or, for the vGPU software and Cloud Gaming updates,...
7.8CVSS
8AI Score
0.0004EPSS
Moderate: qemu-kvm security update
Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix(es): QEMU: e1000e: heap use-after-free in e1000e_write_packet_to_guest()...
7CVSS
6.8AI Score
0.002EPSS
Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper validation of user-supplied input. An unauthenticated remote attacker could exfiltrate data from Active Directory through blind LDAP injection attacks against the DESKTOP service exposed on the...
7.5CVSS
7.7AI Score
0.013EPSS
9.8CVSS
9.3AI Score
0.028EPSS
nec-escrime.fr Cross Site Scripting vulnerability OBB-3900386
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
[8.2.0-11] - kvm-coroutine-cap-per-thread-local-pool-size.patch [RHEL-28947] - kvm-coroutine-reserve-5-000-mappings.patch [RHEL-28947] - Resolves: RHEL-28947 (Qemu crashing with 'failed to set up stack guard page: Cannot allocate memory') [8.2.0-10] -...
7CVSS
7.8AI Score
0.002EPSS
Windows Display Driver Enumeration
Nessus was able to enumerate one or more of the display drivers on the remote host via...
3.4AI Score
(RHSA-2024:2135) Moderate: qemu-kvm security update
Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix(es): QEMU: e1000e: heap use-after-free in e1000e_write_packet_to_guest()...
6.7AI Score
0.002EPSS
Dell Display Manager Installed (Windows)
Dell Display Manager was detected on the remote Windows...
7.1AI Score
Grandstream Networking Solutions Device Web Detection
The web interface for a Grandstream Networking Solutions device, such as a router or wireless access point, was detected on the remote...
2.2AI Score
Justice AV Solutions JVS Viewer Installed (Windows)
Justice AV Solutions JVS Viewer is installed on the remote Windows...
7.4AI Score
Automated Solutions Modbus/TCP OPC Server Detection
Automated Solutions' Modbus/TCP OPC Server is installed on the remote Windows...
2.3AI Score
Comments in display names are incorrectly handled in net/mail
The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different...
7.1AI Score
0.0004EPSS
Race condition in Online Solutions Security Suite 1.5.14905.0 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes...
6.9AI Score
0.0004EPSS
h3. Issue Summary This is reproducible on Data Center: yes h3. Steps to Reproduce # Create an Application link to Jira Instance with different "Application" and 'Display URLs' # Block the 'Application URL' access on the client system (browser) using...
7.1AI Score
NVIDIA Linux GPU Display Driver (February 2024)
The NVIDIA GPU display driver software on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode data handler, where an unprivileged regular user can...
7.1CVSS
6AI Score
EPSS
NVIDIA Windows GPU Display Driver (June 2024)
A display driver installed on the remote Windows host is affected by multiple vulnerabilities, including the following: NVIDIA GPU Display Driver for Windows contains a vulnerability where the information from a previous client or another process could be disclosed. A successful exploit of...
7.8CVSS
6.8AI Score
0.0004EPSS
NVIDIA Windows GPU Display Driver (February 2024)
A display driver installed on the remote Windows host is affected by multiple vulnerabilities, including the following: NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds write. A successful...
7.8CVSS
6.5AI Score
0.0004EPSS
display-design.de Cross Site Scripting vulnerability OBB-3916592
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
NVIDIA Linux GPU Display Driver (June 2024)
The NVIDIA GPU display driver software on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities, including the following: NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful...
7.8CVSS
6.8AI Score
0.0004EPSS
SQL injection vulnerability in products.asp in Evolve shopping cart (aka Evolve Merchant) allows remote attackers to execute arbitrary SQL commands via the partno parameter. NOTE: the vendor disputes this issue, stating that it is a forced SQL...
8.7AI Score
0.005EPSS
Turnkey Web Tools SunShop Shopping Cart allows remote attackers to obtain sensitive information via a phpinfo action to (1) index.php, (2) admin/index.php, and (3) admin/adminindex.php, which executes the PHP phpinfo function. NOTE: The vendor has disputed this issue, saying that "Having this in...
6.8AI Score
0.003EPSS
solutions-ressources-humaines.com Cross Site Scripting vulnerability OBB-3872295
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
NVIDIA Windows GPU Display Driver Multiple Vulnerabilities (February 2019)
The NVIDIA GPU display driver software on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities: A vulnerability in the 3D vision component in which the stereo service software, when opening a file, does not check for hard links. This...
7.8CVSS
7.7AI Score
0.001EPSS
CVE-2022-48766 drm/amd/display: Wrap dcn301_calculate_wm_and_dlg for FPU.
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Wrap dcn301_calculate_wm_and_dlg for FPU. Mirrors the logic for dcn30. Cue lots of WARNs and some kernel panics without this...
0.0004EPSS
CVE-2023-52460 drm/amd/display: Fix NULL pointer dereference at hibernate
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL pointer dereference at hibernate During hibernate sequence the source context might not have a clk_mgr. So don't use it to look for DML2...
6.8AI Score
0.0004EPSS
CVE-2023-52460 drm/amd/display: Fix NULL pointer dereference at hibernate
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL pointer dereference at hibernate During hibernate sequence the source context might not have a clk_mgr. So don't use it to look for DML2...
5.6AI Score
0.0004EPSS
Justice AV Solutions JVS Viewer Embedded Malicious Code (CVE-2024-4978)
The version of Justice AV Solutions JVS Viewer installed on the remote host is 8.3.7. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4978 advisory. Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an...
8.4CVSS
7.2AI Score
0.028EPSS
The remote host contains the Automated Solutions Modbus TCP Slave ActiveX control, which allows a PC to emulate a Modbus Serial and / or TCP slave device. The version of this control installed on the remote host reportedly contains a buffer overflow issue with the Modbus/TCP Diagnostic function...
3.2AI Score
CVE-2023-52634 drm/amd/display: Fix disable_otg_wa logic
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix disable_otg_wa logic [Why] When switching to another HDMI mode, we are unnecessarily disabling/enabling FIFO causing both HPO and DIG registers to be set at the same time when only HPO is supposed to be set....
6.8AI Score
0.0004EPSS
Investigate Security Vulnerability of getPhysicalDisplayToken
In sanitize of LayerState.cpp, there is a possible way to take over the screen display and swap the display content due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.3AI Score
0.0004EPSS
CVE-2023-52773 drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer()
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer() When ddc_service_construct() is called, it explicitly checks both the link type and whether there is something on the link which will dictate whether the pin.....
5.3AI Score
0.0004EPSS
CVE-2023-52634 drm/amd/display: Fix disable_otg_wa logic
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix disable_otg_wa logic [Why] When switching to another HDMI mode, we are unnecessarily disabling/enabling FIFO causing both HPO and DIG registers to be set at the same time when only HPO is supposed to be set....
6.6AI Score
0.0004EPSS
CVE-2023-52773 drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer()
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer() When ddc_service_construct() is called, it explicitly checks both the link type and whether there is something on the link which will dictate whether the pin.....
6.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential index out of bounds in color transformation function Fixes index out of bounds issue in the color transformation function. The issue could occur when the index 'i' exceeds the number of transfer...
7.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential index out of bounds in color transformation function Fixes index out of bounds issue in the color transformation function. The issue could occur when the index 'i' exceeds the number of transfer...
7.1AI Score
0.0004EPSS
Exploit for Deserialization of Untrusted Data in Clear Clearml
NOTE: this CVE was not found by me, I'm simply reuploading a...
8.8CVSS
6.8AI Score
0.001EPSS
LG LED Assistant, a digital signage management application, is running on the remote...
7AI Score
CVE-2022-48698 drm/amd/display: fix memory leak when using debugfs_lookup()
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix memory leak when using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. Fix this up by properly calling...
6.7AI Score
0.0004EPSS
CVE-2024-26648 drm/amd/display: Fix variable deferencing before NULL check in edp_setup_replay()
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix variable deferencing before NULL check in edp_setup_replay() In edp_setup_replay(), 'struct dc dc' & 'struct dmub_replay replay' was dereferenced before the pointer 'link' & 'replay' NULL check. Fixes the...
6.7AI Score
0.0004EPSS
User with system administrator privilege can search restricted pages.
h3. Issue Summary Starting Confluence 8.5.1 when a user is granted System administrator permission at Global permissions. The user can search for Restricted content and the restricted page gets displayed in search, when tried to access it says "Page can't be found". This behaviour is not...
6.7AI Score
CVE-2024-26767 drm/amd/display: fixed integer types and null check locations
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed integer types and null check locations [why]: issues fixed: - comparison with wider integer type in loop condition which can cause infinite loops - pointer dereference before null...
6.9AI Score
0.0004EPSS
CVE-2024-4978 Malicious Code in Justice AV Solutions (JAVS) Viewer
Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell...
8.4CVSS
7AI Score
0.028EPSS
CVE-2024-35788 drm/amd/display: Fix bounds check for dcn35 DcfClocks
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix bounds check for dcn35 DcfClocks [Why] NumFclkLevelsEnabled is used for DcfClocks bounds check instead of designated NumDcfClkLevelsEnabled. That can cause array index out-of-bounds access. [How] Use...
7.5AI Score
0.0004EPSS
CVE-2024-4978 Malicious Code in Justice AV Solutions (JAVS) Viewer
Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell...
8.4CVSS
8.4AI Score
0.028EPSS