6.3CVSS
6.8AI Score
0.0005EPSS
7.3CVSS
9AI Score
0.0004EPSS
7.5CVSS
7.6AI Score
0.0005EPSS
7.5CVSS
7.7AI Score
0.0005EPSS
9.8CVSS
9.3AI Score
0.001EPSS
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a...
5.9CVSS
6.7AI Score
0.963EPSS
The API endpoints in Ironman PowerShell Universal 3.0.0 through 4.2.0 allow remote attackers to execute arbitrary commands via crafted HTTP requests if a param block is used, due to invalid sanitization of input strings. The fixed versions are 3.10.2, 4.1.10, and...
8.8CVSS
8.9AI Score
0.002EPSS
6.5CVSS
6.1AI Score
0.0005EPSS
7.5CVSS
7.3AI Score
0.002EPSS
7.5CVSS
7.3AI Score
0.001EPSS
6.5CVSS
6.6AI Score
0.001EPSS
7.8CVSS
8.2AI Score
0.001EPSS
7.8CVSS
8.2AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.001EPSS
7.8CVSS
8.2AI Score
0.001EPSS
In PowerShell App Deployment Toolkit (aka PSAppDeployToolkit) through 3.8.0, an incorrect access control vulnerability in the default configuration may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.7AI Score
0.0004EPSS
8.1CVSS
8.2AI Score
0.001EPSS
7.5CVSS
7.5AI Score
0.002EPSS
7.8CVSS
8.7AI Score
0.002EPSS
7.8CVSS
8.2AI Score
0.001EPSS
7.5CVSS
7.4AI Score
0.001EPSS
6.5CVSS
6.8AI Score
0.001EPSS
7.3CVSS
7.4AI Score
0.001EPSS
7.3CVSS
7.7AI Score
0.001EPSS
7.8CVSS
7.7AI Score
0.002EPSS
Improper removal of sensitive data in the entry edit feature of Hub Business submodule in Devolutions Remote Desktop Manager PowerShell Module 2022.3.1.5 and earlier allows an authenticated user to access sensitive data on entries that were edited using the affected...
6.5CVSS
6.4AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.001EPSS
7.5CVSS
7.3AI Score
0.002EPSS
7.8CVSS
8.2AI Score
0.002EPSS
7.8CVSS
7.5AI Score
0.0004EPSS
8.5CVSS
8.4AI Score
0.01EPSS
The Web Server in Ironman Software PowerShell Universal v3.x and v2.x allows for directory traversal outside of the configuration directory, which allows a remote attacker with administrator privilege to create, delete, update, and display files outside of the configuration directory via a crafted....
7.2CVSS
6.9AI Score
0.002EPSS
Escalation of privileges in the Web Server in Ironman Software PowerShell Universal 2.x and 3.x allows an attacker with a valid app token to retrieve other app tokens by ID via an HTTP web request. Patched Versions are 3.5.3, 3.4.7, and...
8.8CVSS
8.5AI Score
0.002EPSS
5.9CVSS
5.7AI Score
0.001EPSS
7.5CVSS
7.3AI Score
0.002EPSS
7.8CVSS
7.7AI Score
0.0004EPSS
6.3CVSS
7AI Score
0.006EPSS
5.5CVSS
5.6AI Score
0.002EPSS
5.7CVSS
5.4AI Score
0.006EPSS
5CVSS
5.7AI Score
0.001EPSS
7.5CVSS
7.2AI Score
0.002EPSS
8.1CVSS
8.3AI Score
0.081EPSS
6.5CVSS
6.8AI Score
0.002EPSS
A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli...
6.5CVSS
7AI Score
0.006EPSS
A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this vulnerability could execute PowerShell commands that would be blocked by WDAC. To exploit the...
6.7CVSS
7.6AI Score
0.0004EPSS
A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service...
7.5CVSS
7.3AI Score
0.001EPSS
A denial of service vulnerability exists when .NET Core improperly handles web requests, aka '.NET Core Denial of Service...
7.5CVSS
7.2AI Score
0.001EPSS
A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass...
4.1CVSS
4.2AI Score
0.0004EPSS
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0631,...
7.8CVSS
8.3AI Score
0.001EPSS
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627,...
7.8CVSS
8.3AI Score
0.001EPSS