Total
61593 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-37410 | 2024-05-17 | N/A | 7.0 HIGH | ||
Improper access control for some Intel(R) Thunderbolt driver software before version 89 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-27260 | 2024-05-17 | N/A | 8.4 HIGH | ||
IBM AIX could 7.2, 7.3, VIOS 3.1, and VIOS 4.1 allow a non-privileged local user to exploit a vulnerability in the invscout command to execute arbitrary commands. IBM X-Force ID: 283985. | |||||
CVE-2021-33158 | 2024-05-17 | N/A | 7.2 HIGH | ||
Improper neutralization in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
CVE-2021-33145 | 2024-05-17 | N/A | 7.2 HIGH | ||
Uncaught exception in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
CVE-2021-33141 | 2024-05-17 | N/A | 8.6 HIGH | ||
Improper input validation in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow an unauthenticated user to potentially enable denial of service via network access. | |||||
CVE-2023-27504 | 2024-05-17 | N/A | 7.2 HIGH | ||
Improper conditions check in some Intel(R) BIOS Guard firmware may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
CVE-2021-33162 | 2024-05-17 | N/A | 8.4 HIGH | ||
Improper access control in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2023-28402 | 2024-05-17 | N/A | 7.2 HIGH | ||
Improper input validation in some Intel(R) BIOS Guard firmware may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-4733 | 2024-05-17 | N/A | 7.5 HIGH | ||
The ShiftController Employee Shift Scheduling plugin is vulnerable to PHP Object Injection via deserialization of untrusted input via the `hc3_session`-cookie in versions up to, and including, 4.9.57. This makes it possible for an authenticated attacker with contributor access-level or above to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. | |||||
CVE-2021-33157 | 2024-05-17 | N/A | 7.2 HIGH | ||
Insufficient control flow management in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
CVE-2021-33161 | 2024-05-17 | N/A | 7.2 HIGH | ||
Improper input validation in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-4956 | 2024-05-17 | N/A | 7.5 HIGH | ||
Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1. | |||||
CVE-2022-37341 | 2024-05-17 | N/A | 7.2 HIGH | ||
Improper access control in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-3286 | 2024-05-17 | N/A | 7.5 HIGH | ||
A buffer overflow vulnerability was identified in some Lenovo printers that could allow an unauthenticated user to trigger a device restart by sending a specially crafted web request. | |||||
CVE-2024-1417 | 2024-05-17 | N/A | 7.8 HIGH | ||
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in WatchGuard AuthPoint Password Manager on MacOS allows an a adversary with local access to execute code under the context of the AuthPoint Password Manager application. This issue affects AuthPoint Password Manager for MacOS versions before 1.0.6. | |||||
CVE-2023-24460 | 2024-05-17 | N/A | 8.2 HIGH | ||
Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2023-45217 | 2024-05-17 | N/A | 8.8 HIGH | ||
Improper access control in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-27955 | 2024-05-17 | N/A | 8.3 HIGH | ||
Cross-Site Request Forgery (CSRF) vulnerability in WP Automatic Automatic allows Privilege Escalation.This issue affects Automatic: from n/a through 3.92.0. | |||||
CVE-2023-41243 | 2024-05-17 | N/A | 8.8 HIGH | ||
Improper Privilege Management vulnerability in WPvivid Team WPvivid Backup and Migration allows Privilege Escalation.This issue affects WPvivid Backup and Migration: from n/a through 0.9.90. | |||||
CVE-2023-51356 | 2024-05-17 | N/A | 8.8 HIGH | ||
Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through 4.0.10. |