Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-22042 | 2024-02-13 | N/A | 7.8 HIGH | ||
A vulnerability has been identified in Unicam FX (All versions). The windows installer agent used in affected product contains incorrect use of privileged APIs that trigger the Windows Console Host (conhost.exe) as a child process with SYSTEM privileges. This could be exploited by an attacker to perform a local privilege escalation attack. | |||||
CVE-2022-4687 | 2024-02-04 | N/A | 8.1 HIGH | ||
Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.0. | |||||
CVE-2022-24821 | 1 Xwiki | 1 Xwiki | 2024-02-04 | 5.5 MEDIUM | 8.1 HIGH |
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Simple users can create global SSX/JSX without specific rights: in theory only users with Programming Rights should be allowed to create SSX or JSX that are executed everywhere on a wiki. But a bug allow anyone with edit rights to actually create those. This issue has been patched in XWiki 13.10-rc-1, 12.10.11 and 13.4.6. There's no easy workaround for this issue, administrators should upgrade their wiki. |