Enterprise Security Vulnerabilities
Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers to read registry information of the operating system by creating a symbolic...
4.3CVSS
4.3AI Score
0.0004EPSS
An out-of-bounds memory access flaw was found in the io_uring SQ/CQ rings functionality in the Linux kernel. This issue could allow a local user to crash the...
5.5CVSS
5.4AI Score
0.0004EPSS
HashiCorp Vault and Vault Enterprise 1.12.0 and newer are vulnerable to a denial of service through memory exhaustion of the host when handling large unauthenticated and authenticated HTTP requests from a client. Vault will attempt to map the request to memory, resulting in the exhaustion of...
7.5CVSS
7.3AI Score
0.0005EPSS
A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of...
5.5CVSS
4.9AI Score
0.0004EPSS
An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel...
7.1CVSS
6.8AI Score
0.0004EPSS
An out-of-bounds read vulnerability was found in smb2_dump_detail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel...
7.1CVSS
6.4AI Score
0.0004EPSS
KEPServerEX does not properly validate certificates from clients which may allow unauthenticated users to...
7.5CVSS
7.5AI Score
0.001EPSS
KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak...
9.1CVSS
9.2AI Score
0.001EPSS
An Improper Neutralization of Special Elements used in a command vulnerability in ESM prior to version 11.6.9 allows a remote administrator to execute arbitrary code as root on the ESM. This is possible as the input isn't correctly sanitized when adding a new data...
8.4CVSS
7.4AI Score
0.001EPSS
A server-side request forgery vulnerability in ESM prior to version 11.6.8 allows a low privileged authenticated user to upload arbitrary content, potentially altering configuration. This is possible through the certificate validation functionality where the API accepts uploaded content and...
4.3CVSS
4.7AI Score
0.0004EPSS
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5...
5.9CVSS
6.7AI Score
0.001EPSS
A flaw was found in libnbd, due to a malicious Network Block Device (NBD), a protocol for accessing Block Devices such as hard disks over a Network. This issue may allow a malicious NBD server to cause a Denial of...
5.3CVSS
5.1AI Score
0.001EPSS
An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen() API may allow a remote attacker to cause a denial of service via a craft input with size smaller than 379...
6.5CVSS
6.1AI Score
0.002EPSS
A null pointer dereference flaw was found in the nft_inner.c functionality of netfilter in the Linux kernel. This issue could allow a local user to crash the system or escalate their privileges on the...
7.8CVSS
7.2AI Score
0.0004EPSS
A buffer overflow vulnerability was found in the NVM Express (NVMe) driver in the Linux kernel. Only privileged user could specify a small meta buffer and let the device perform larger Direct Memory Access (DMA) into the same buffer, overwriting unrelated kernel memory, causing random kernel...
6.7CVSS
6.5AI Score
0.0004EPSS
6.2CVSS
5.2AI Score
0.0004EPSS
In Splunk Enterprise versions below 9.0.7 and 9.1.2, ineffective escaping in the “Show syntax Highlighted” feature can result in the execution of unauthorized code in a user’s web...
4.8CVSS
5.3AI Score
0.0005EPSS
In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise...
8.8CVSS
8.9AI Score
0.363EPSS
A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escalate their...
4.7CVSS
4.6AI Score
0.0004EPSS
An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer...
4.3CVSS
4.8AI Score
0.003EPSS
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server version prior to 11.8.1 contain an Insecure Operation on Windows Junction Vulnerability during installation. A local malicious user could potentially exploit this vulnerability to create an arbitrary...
7.3CVSS
7AI Score
0.0004EPSS
This privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where these products are installed, resulting in complete compromise of the target...
7.8CVSS
7.8AI Score
0.0004EPSS
This external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of...
7.1CVSS
6.8AI Score
0.0004EPSS
6.8CVSS
8AI Score
0.001EPSS
6.5CVSS
7.5AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.001EPSS
7.8CVSS
8.6AI Score
0.003EPSS
7.8CVSS
7.9AI Score
0.001EPSS
When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. This could provide unintended access to the original...
3.3CVSS
6.1AI Score
0.0004EPSS
HashiCorp Vault and Vault Enterprise inbound client requests triggering a policy check can lead to an unbounded consumption of memory. A large number of these requests may lead to denial-of-service. Fixed in Vault 1.15.2, 1.14.6, and...
7.5CVSS
7.3AI Score
0.0005EPSS
Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other...
3.3CVSS
4AI Score
0.0004EPSS
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code...
9.8CVSS
9.3AI Score
0.003EPSS
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS...
5.4CVSS
5AI Score
0.001EPSS
Stronger revision number limitations were required on file serving endpoints to improve cache poisoning...
5.3CVSS
7AI Score
0.001EPSS
6.1CVSS
7.3AI Score
0.001EPSS
Insufficient web service capability checks made it possible to move categories a user had permission to manage, to a parent category they did not have the capability to...
5.3CVSS
5AI Score
0.001EPSS
Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR...
6.5CVSS
6.8AI Score
0.001EPSS
Students in "Only see own membership" groups could see other students in the group, which should be...
4.3CVSS
4.4AI Score
0.001EPSS
A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and...
8.8CVSS
8.7AI Score
0.002EPSS
H5P metadata automatically populated the author with the user's username, which could be sensitive...
5.3CVSS
5.1AI Score
0.001EPSS
A remote code execution risk was identified in the Lesson activity. By default this was only available to teachers and...
8.8CVSS
9.3AI Score
0.002EPSS
A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value....
7.5CVSS
6.2AI Score
0.0004EPSS
A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel. This flaw allows a local attacker to crash the system when the LAN78XX USB device...
5.5CVSS
5.8AI Score
0.0004EPSS
A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the...
6.5CVSS
5.9AI Score
0.001EPSS
A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers (RODCs). This flaw allows RODCs and users possessing the GET_CHANGES right to access all attributes, including sensitive...
7.5CVSS
6.4AI Score
0.001EPSS
Versions of Puppet Enterprise prior to 2021.7.6 and 2023.5 contain a flaw which results in broken session management for SAML...
9.8CVSS
9.3AI Score
0.001EPSS
Proofpoint Enterprise Protection contains a stored XSS vulnerability in the AdminUI. An unauthenticated attacker can send a specially crafted email with HTML in the subject which triggers XSS when viewing quarantined messages. This issue affects Proofpoint Enterprise Protection: from 8.20.0...
6.1CVSS
5.9AI Score
0.001EPSS
An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to...
4.5CVSS
4.3AI Score
0.001EPSS
Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and employ a...
6.4CVSS
6.3AI Score
0.0004EPSS
A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. This issue poses a security risk, particularly for OS logon/screen unlock...
6.6CVSS
6.2AI Score
0.001EPSS