| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file. |
| A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file. |
| A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file. |
| mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTR_PACKET environment variable. NOTE: mtr on macOS may often have Sudo rules, as an indirect consequence of Homebrew not installing setuid binaries. |
| In wxWidgets before 3.2.7, a crash can be triggered in wxWidgets apps when connections are refused in wxWebRequestCURL. |
| A denial-of-service vulnerability exists in the "GetWebLoginCredentials" function in "Sante PACS Server.exe". |
| Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory. |
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability |
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability |
| Folo organizes feeds content into one timeline. Using pull_request_target on .github/workflows/auto-fix-lint-format-commit.yml can be exploited by attackers, since untrusted code can be executed having full access to secrets (from the base repo). By exploiting the vulnerability is possible to exfiltrate GITHUB_TOKEN which has high privileges. GITHUB_TOKEN can be used to completely overtake the repo since the token has content write privileges. This vulnerability is fixed in commit 585c6a591440cd39f92374230ac5d65d7dd23d6a. |
| Win32k Elevation of Privilege Vulnerability |
| Windows DWM Core Library Elevation of Privilege Vulnerability |
| Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability |
| Windows Secure Kernel Mode Elevation of Privilege Vulnerability |
| Windows Secure Kernel Mode Elevation of Privilege Vulnerability |
| NT OS Kernel Elevation of Privilege Vulnerability |
| Windows Hyper-V Remote Code Execution Vulnerability |
| Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability |
| Windows Kernel Elevation of Privilege Vulnerability |
| Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability |
