Search Results (363401 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-0185 1 Nia 1 Rrj Nueva Ecija Engineer Online Portal 2024-11-21 4.7 Medium
A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been rated as critical. This issue affects some unknown processing of the file dasboard_teacher.php of the component Avatar Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249443.
CVE-2024-0171 1 Dell 12 Poweredge C6615, Poweredge C6615 Firmware, Poweredge R6615 and 9 more 2024-11-21 5.3 Medium
Dell PowerEdge Server BIOS contains an TOCTOU race condition vulnerability. A local low privileged attacker could potentially exploit this vulnerability to gain access to otherwise unauthorized resources.
CVE-2024-0168 1 Dell 1 Unity Operating Environment 2024-11-21 7.8 High
Dell Unity, versions prior to 5.4, contains a Command Injection Vulnerability in svc_oscheck utility. An authenticated attacker could potentially exploit this vulnerability, leading to the ability to inject arbitrary operating system commands. This vulnerability allows an authenticated attacker to execute commands with root privileges.
CVE-2024-0164 1 Dell 1 Unity Operating Environment 2024-11-21 7.8 High
Dell Unity, versions prior to 5.4, contain an OS Command Injection Vulnerability in its svc_topstats utility. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary commands with elevated privileges.
CVE-2024-0160 1 Dell 30 G3 3500, G3 3500 Firmware, G5 5500 and 27 more 2024-11-21 6.8 Medium
Dell Client Platform contains an incorrect authorization vulnerability. An attacker with physical access to the system could potentially exploit this vulnerability by bypassing BIOS authorization to modify settings in the BIOS.
CVE-2024-0158 1 Dell 776 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 773 more 2024-11-21 5.1 Medium
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability to modify a UEFI variable, leading to denial of service and escalation of privileges
CVE-2024-0093 5 Canonical, Citrix, Nvidia and 2 more 6 Ubuntu Linux, Hypervisor, Cloud Gaming and 3 more 2024-11-21 6.5 Medium
NVIDIA GPU software for Linux contains a vulnerability where it can expose sensitive information to an actor that is not explicitly authorized to have access to that information. A successful exploit of this vulnerability might lead to information disclosure.
CVE-2024-0092 6 Canonical, Citrix, Microsoft and 3 more 14 Ubuntu Linux, Hypervisor, Azure Stack Hci and 11 more 2024-11-21 5.5 Medium
NVIDIA GPU Driver for Windows and Linux contains a vulnerability where an improper check or improper handling of exception conditions might lead to denial of service.
CVE-2024-0091 7 Canonical, Citrix, Linux and 4 more 16 Ubuntu Linux, Hypervisor, Linux Kernel and 13 more 2024-11-21 7.8 High
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. A successful exploit of this vulnerability might lead to denial of service, information disclosure, and data tampering.
CVE-2024-0090 7 Canonical, Citrix, Linux and 4 more 16 Ubuntu Linux, Hypervisor, Linux Kernel and 13 more 2024-11-21 7.8 High
NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
CVE-2024-0089 2 Microsoft, Nvidia 10 Windows, Cloud Gaming, Geforce and 7 more 2024-11-21 7.8 High
NVIDIA GPU Display Driver for Windows contains a vulnerability where the information from a previous client or another process could be disclosed. A successful exploit of this vulnerability might lead to code execution, information disclosure, or data tampering.
CVE-2024-0086 5 Canonical, Citrix, Nvidia and 2 more 6 Ubuntu Linux, Hypervisor, Cloud Gaming and 3 more 2024-11-21 5.5 Medium
NVIDIA vGPU software for Linux contains a vulnerability where the software can dereference a NULL pointer. A successful exploit of this vulnerability might lead to denial of service and undefined behavior in the vGPU plugin.
CVE-2024-0085 6 Canonical, Citrix, Microsoft and 3 more 7 Ubuntu Linux, Hypervisor, Azure Stack Hci and 4 more 2024-11-21 6.3 Medium
NVIDIA vGPU software for Windows and Linux contains a vulnerability where unprivileged users could execute privileged operations on the host. A successful exploit of this vulnerability might lead to data tampering, escalation of privileges, and denial of service.
CVE-2024-0084 5 Canonical, Citrix, Nvidia and 2 more 6 Ubuntu Linux, Hypervisor, Cloud Gaming and 3 more 2024-11-21 7.8 High
NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the guest OS could execute privileged operations. A successful exploit of this vulnerability might lead to information disclosure, data tampering, escalation of privileges, and denial of service.
CVE-2023-7271 1 Huawei 2 Emui, Harmonyos 2024-11-21 5.5 Medium
Privilege escalation vulnerability in the NMS module Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2023-7248 1 Opentext 1 Vertica 2024-11-21 5 Medium
Certain functionality in OpenText Vertica Management console might be prone to bypass via crafted requests.  The vulnerability would affect one of Vertica’s authentication functionalities by allowing specially crafted requests and sequences. This issue impacts the following Vertica Management Console versions: 10.x 11.1.1-24 or lower 12.0.4-18 or lower Please upgrade to one of the following Vertica Management Console versions: 10.x to upgrade to latest versions from below. 11.1.1-25 12.0.4-19 23.x 24.x
CVE-2023-7244 1 Cisa 1 Icsnpp-ethercat 2024-11-21 9.8 Critical
Industrial Control Systems Network Protocol Parsers (ICSNPP) - Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds write in their primary analyses function for Ethercat communication packets. This could allow an attacker to cause arbitrary code execution.
CVE-2023-7243 1 Cisa 1 Icsnpp-ethercat 2024-11-21 9.8 Critical
Industrial Control Systems Network Protocol Parsers (ICSNPP) - Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds write while analyzing specific Ethercat datagrams. This could allow an attacker to cause arbitrary code execution.
CVE-2023-7242 1 Cisa 1 Icsnpp-ethercat 2024-11-21 8.2 High
Industrial Control Systems Network Protocol Parsers (ICSNPP) - Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds read during the process of analyzing a specific Ethercat packet. This could allow an attacker to crash the Zeek process and leak some information in memory.
CVE-2023-7226 1 Meiyou 1 Big Whale 2024-11-21 6.3 Medium
A vulnerability was found in meetyoucrop big-whale 1.1 and classified as critical. Affected by this issue is some unknown functionality of the file /auth/user/all.api of the component Admin Module. The manipulation of the argument id leads to improper ownership management. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250232.