| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Improper input validation in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. |
|
FactoryTalk Linx, in the Rockwell Automation PanelView Plus, allows an unauthenticated threat actor to read data from memory via crafted malicious packets. Sending a size larger than the buffer size results in leakage of data from memory resulting in an information disclosure. If the size is large enough, it causes communications over the common industrial protocol to become unresponsive to any type of packet, resulting in a denial-of-service to FactoryTalk Linx over the common industrial protocol.
|
|
Currently, geomap configuration (Administration -> General -> Geographical maps) allows using HTML in the field “Attribution text” when selected “Other” Tile provider.
|
| An improper input validation vulnerability has been discovered that could allow an adversary to inject a UNC path via a malicious project file. This allows an adversary to capture NLTMv2 hashes and potentially crack them offline. |
| An attacker who has gained access to an admin account can perform RCE via null-byte injection
Vendor: The Apache Software Foundation
Versions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0 |
| IBM Watson Knowledge Catalog on Cloud Pak for Data 4.0 could allow an authenticated user send a specially crafted request that could cause a denial of service. IBM X-Force ID: 251704. |
| Improper input validation for some Intel NUC BIOS firmware before version JY0070 may allow a privileged user to potentially enable escalation of privilege via local access. |
| Exposure of sensitive information to an unauthorized actor in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable information disclosure via local access. |
| Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Spark Provider.This issue affects Apache Airflow Spark Provider: before 4.0.1.
|
| Memory corruption in core services when Diag handler receives a command to configure event listeners. |
| IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.3 CD and IBM MQ Appliance 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS, under certain configurations, is vulnerable to a denial of service attack caused by an error processing messages. IBM X-Force ID: 250397. |
| Improper input validation for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access. |
| Insufficient filtering of grade report history made it possible for teachers to access the names of users they could not otherwise access. |
| Authenticated users were able to enumerate other users' names via the learning plans page. |
| Insufficient sanitizing in backup resulted in an arbitrary file read risk. The capability to access this feature is only available to teachers, managers and admins by default. |
| A improper input validation vulnerability exists in Ivanti Endpoint Manager 2022 and below that could allow privilege escalation or remote code execution. |
|
Dell BSAFE SSL-J, versions prior to 6.5, and versions 7.0 and 7.1 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user.
|
|
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
|
|
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
|
|
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
|
