Enterprise Security Vulnerabilities
In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library (DLL) that ships with Splunk Enterprise references an insecure path for the OPENSSLDIR build definition. An attacker can abuse this reference and subsequently install malicious code to achieve privilege...
8.8CVSS
8.8AI Score
0.0004EPSS
In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can exploit an absolute path traversal to execute arbitrary code that is located on a separate...
8.8CVSS
8.8AI Score
0.0004EPSS
In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can execute a specially crafted query that they can then use to serialize untrusted data. The attacker can use the query to execute arbitrary...
8.8CVSS
8.8AI Score
0.001EPSS
In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can use the printf SPL function to perform a denial of service (DoS) against the Splunk Enterprise...
7.5CVSS
7.4AI Score
0.0005EPSS
In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious actor can send a malformed security assertion markup language (SAML) request to the /saml/acs REST endpoint which can cause a denial of service through a crash or hang of the Splunk...
7.5CVSS
7.4AI Score
0.0005EPSS
In Splunk Enterprise versions below 9.1.1, 9.0.6, and 8.2.12, an attacker can craft a special web request that can result in reflected cross-site scripting (XSS) on the “/app/search/table” web endpoint. Exploitation of this vulnerability can lead to the execution of arbitrary commands on the...
8.4CVSS
6.1AI Score
0.001EPSS
A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind() and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information...
7CVSS
5.8AI Score
0.0004EPSS
A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, which can result in a memory...
5.5CVSS
5.7AI Score
0.0004EPSS
A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate....
6.5CVSS
6.3AI Score
0.0005EPSS
A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux...
5.5CVSS
6.2AI Score
0.003EPSS
A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the...
7.8CVSS
7.3AI Score
0.0004EPSS
libvmod-digest before 1.0.3, as used in Varnish Enterprise 6.0.x before 6.0.11r5, has an out-of-bounds memory access during base64 decoding, leading to both authentication bypass and information disclosure; however, the exact attack surface will depend on the particular VCL (Varnish Configuration.....
6.5CVSS
6.5AI Score
0.001EPSS
A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during...
5.5CVSS
5.8AI Score
0.0004EPSS
Improper authentication vulnerability in Proself Enterprise/Standard Edition Ver5.61 and earlier, Proself Gateway Edition Ver1.62 and earlier, and Proself Mail Sanitize Edition Ver1.07 and earlier allow a remote unauthenticated attacker to log in to the product's Control Panel and perform an...
7.5CVSS
7.7AI Score
0.001EPSS
Proself Enterprise/Standard Edition Ver5.61 and earlier, Proself Gateway Edition Ver1.62 and earlier, and Proself Mail Sanitize Edition Ver1.07 and earlier allow a remote authenticated attacker with an administrative privilege to execute arbitrary OS...
7.2CVSS
7.1AI Score
0.001EPSS
Exposure of Sensitive Information vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized actors to get the number of subscribers in a specific...
5.3CVSS
5.1AI Score
0.0005EPSS
Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized users to create new mailing...
4.3CVSS
4.5AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation vulnerability in AcyMailing Enterprise component for Joomla allows XSS. This issue affects AcyMailing Enterprise component for Joomla:...
6.1CVSS
6.2AI Score
0.0005EPSS
Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows the unauthorized removal of attachments from...
4.3CVSS
4.6AI Score
0.0004EPSS
A use-after-free flaw was found in btrfs_get_dev_args_from_path in fs/btrfs/volumes.c in btrfs file-system in the Linux Kernel. This flaw allows a local attacker with special privileges to cause a system crash or leak internal kernel...
6.7CVSS
5.5AI Score
0.0004EPSS
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient input validation of user-supplied CLI arguments. An...
7.8CVSS
7.8AI Score
0.0004EPSS
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation by the operating system CLI. An attacker...
5.5CVSS
5.5AI Score
0.0004EPSS
A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all, which could also...
7.1CVSS
6.5AI Score
0.0004EPSS
A flaw was found in btrfs_get_root_ref in fs/btrfs/disk-io.c in the btrfs filesystem in the Linux Kernel due to a double decrement of the reference count. This issue may allow a local attacker with user privilege to crash the system or may lead to leaked internal kernel...
7.1CVSS
6.5AI Score
0.0004EPSS
A NULL pointer dereference flaw was found in dbFree in fs/jfs/jfs_dmap.c in the journaling file system (JFS) in the Linux Kernel. This issue may allow a local attacker to crash the system due to a missing sanity...
5.5CVSS
5.8AI Score
0.0004EPSS
When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority System. An authenticated attacker can leverage this vulnerability to execute arbitrary code with...
9.1CVSS
8.8AI Score
0.001EPSS
A non-feature complete authentication mechanism exists in the production application allowing an attacker to bypass all authentication checks if LDAP authentication is selected.An unauthenticated attacker can leverage this vulnerability to log in to the CypberPower PowerPanel Enterprise as an...
9.8CVSS
9.5AI Score
0.001EPSS
An authentication bypass exists on CyberPower PowerPanel Enterprise by failing to sanitize meta-characters from the username, allowing an attacker to login into the application with the default user "cyberpower" by appending a non-printable character.An unauthenticated attacker can leverage this...
9.8CVSS
9.5AI Score
0.001EPSS
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with...
8.8CVSS
9.2AI Score
0.001EPSS
A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such...
4.3CVSS
6AI Score
0.001EPSS
Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local...
6.5CVSS
6.9AI Score
0.001EPSS
An integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch Flex Mini, with SNMP Monitoring and default settings enabled could allow a Remote Code Execution (RCE). Affected Products: All UniFi Access Points (Version 6.5.50 and earlier) All UniFi Switches...
9.8CVSS
9.2AI Score
0.002EPSS
A command injection vulnerability in the DHCP Client function of all UniFi Access Points and Switches, excluding the Switch Flex Mini, could allow a Remote Code Execution (RCE). Affected Products: All UniFi Access Points (Version 6.5.53 and earlier) All UniFi Switches (Version 6.5.32 and earlier) ....
9.8CVSS
8.6AI Score
0.003EPSS
HashiCorp Consul and Consul Enterprise 1.16.0 when using JWT Auth for service mesh incorrectly allows/denies access regardless of service identities. Fixed in...
7.4CVSS
7AI Score
0.0005EPSS
A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file...
6.7CVSS
6.6AI Score
0.0004EPSS
6.5CVSS
6.4AI Score
0.001EPSS
8.1CVSS
6.9AI Score
0.001EPSS
7.8CVSS
8.1AI Score
0.001EPSS
7.8CVSS
8.6AI Score
0.001EPSS
6.5CVSS
6.2AI Score
0.001EPSS
7.8CVSS
8.2AI Score
0.001EPSS
7.8CVSS
8.2AI Score
0.001EPSS
7.8CVSS
8.1AI Score
0.001EPSS
7.8CVSS
8.2AI Score
0.001EPSS
A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the...
7.8CVSS
7.5AI Score
0.0004EPSS
A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following upstream commits -...
5.5CVSS
6.4AI Score
0.0004EPSS
A flaw was found in Keycloaks OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue.....
5CVSS
4.5AI Score
0.001EPSS
A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is used for copying data back to the guest. Arbitrary heap memory relative to an allocated buffer can...
6.5CVSS
6.3AI Score
0.0004EPSS
Fabasoft Cloud Enterprise Client 23.3.0.130 allows a user to escalate their privileges to local...
7.8CVSS
7.6AI Score
0.0004EPSS
A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flower_stats_timer from the work queue. This flaw allows a local user to crash the system, causing a denial of service...
5.5CVSS
5.4AI Score
0.0004EPSS