Latest CVE Feed
-
7.2
CVSS31CVE-2024-21781
Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to enable information disclosure or denial of service via local access.... Read more
Affected Products :- Published: Sep. 16, 2024
- Modified: Sep. 16, 2024
-
5.3
CVSS31CVE-2023-43753
Improper conditions check in some Intel(R) Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local access.... Read more
Affected Products :- Published: Sep. 16, 2024
- Modified: Sep. 16, 2024
-
7.5
CVSS31CVE-2023-43626
Improper access control in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.... Read more
Affected Products :- Published: Sep. 16, 2024
- Modified: Sep. 16, 2024
-
8.2
CVSS31CVE-2023-42772
Untrusted pointer dereference in UEFI firmware for some Intel(R) reference processors may allow a privileged user to potentially enable escalation of privilege via local access.... Read more
Affected Products :- Published: Sep. 16, 2024
- Modified: Sep. 16, 2024
-
7.5
CVSS31CVE-2023-41833
A race condition in UEFI firmware for some Intel(R) processors may allow a privileged user to potentially enable escalation of privilege via local access.... Read more
Affected Products :- Published: Sep. 16, 2024
- Modified: Sep. 16, 2024
-
2.5
CVSS31CVE-2023-25546
Out-of-bounds read in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access.... Read more
Affected Products :- Published: Sep. 16, 2024
- Modified: Sep. 16, 2024
-
6.1
CVSS31CVE-2023-23904
NULL pointer dereference in the UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.... Read more
Affected Products :- Published: Sep. 16, 2024
- Modified: Sep. 16, 2024
-
6.1
CVSS31CVE-2023-22351
Out-of-bounds write in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.... Read more
Affected Products :- Published: Sep. 16, 2024
- Modified: Sep. 16, 2024
-
0.0
NONECVE-2024-8752
The Windows version of WebIQ 2.15.9 is affected by a directory traversal vulnerability that allows remote attackers to read any file on the system.... Read more
Affected Products :- Published: Sep. 16, 2024
- Modified: Sep. 16, 2024
-
0.0
NONECVE-2024-44623
An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote attacker to execute arbitrary code via the child_process.js function.... Read more
Affected Products :- Published: Sep. 16, 2024
- Modified: Sep. 16, 2024
-
0.0
NONECVE-2024-7104
Improper Control of Generation of Code ('Code Injection') vulnerability in SFS Consulting ww.Winsure allows Code Injection.This issue affects ww.Winsure: before 4.6.2.... Read more
Affected Products :- Published: Sep. 16, 2024
- Modified: Sep. 16, 2024
-
0.0
NONECVE-2024-7098
Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection.This issue affects ww.Winsure: before 4.6.2.... Read more
Affected Products :- Published: Sep. 16, 2024
- Modified: Sep. 16, 2024
-
0.0
NONECVE-2024-6401
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SFS Consulting InsureE GL allows SQL Injection.This issue affects InsureE GL: before 4.6.2.... Read more
Affected Products :- Published: Sep. 16, 2024
- Modified: Sep. 16, 2024
-
2.5
CVSS31CVE-2024-45835
Mattermost Desktop App versions <=5.8.0 fail to sufficiently configure Electron Fuses which allows an attacker to gather Chromium cookies or abuse other misconfigurations via remote/local access.... Read more
Affected Products :- Published: Sep. 16, 2024
- Modified: Sep. 16, 2024
-
3.7
CVSS31CVE-2024-39772
Mattermost Desktop App versions <=5.8.0 fail to safeguard screen capture functionality which allows an attacker to silently capture high-quality screenshots via JavaScript APIs.... Read more
Affected Products :- Published: Sep. 16, 2024
- Modified: Sep. 16, 2024
-
6.3
CVSS31CVE-2024-38315
IBM Aspera Shares 1.0 through 1.10.0 PL3 does not invalidate session after a password reset which could allow an authenticated user to impersonate another user on the system.... Read more
Affected Products :- Published: Sep. 16, 2024
- Modified: Sep. 16, 2024
-
0.0
NONECVE-2024-46419
TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the setWizardCfg function via the ssid5g parameter.... Read more
Affected Products :- Published: Sep. 16, 2024
- Modified: Sep. 16, 2024
-
0.0
NONECVE-2024-46937
An improper access control (IDOR) vulnerability in the /api-selfportal/get-info-token-properties endpoint in MFASOFT Secure Authentication Server (SAS) 1.8.x through 1.9.x before 1.9.040924 allows remote attackers gain access to user tokens without authen... Read more
Affected Products :- Published: Sep. 16, 2024
- Modified: Sep. 16, 2024
-
0.0
NONECVE-2024-46451
TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the setWiFiAclRules function via the desc parameter.... Read more
Affected Products :- Published: Sep. 16, 2024
- Modified: Sep. 16, 2024
-
0.0
NONECVE-2024-46424
TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the UploadCustomModule function, which allows attackers to cause a Denial of Service (DoS) via the File parameter.... Read more
Affected Products :- Published: Sep. 16, 2024
- Modified: Sep. 16, 2024