| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Linear eMerge E3-Series devices allow Remote Code Execution (root access over SSH). |
| Linear eMerge E3-Series devices allow a Stack-based Buffer Overflow on the ARM platform. |
| Linear eMerge E3-Series devices have a Version Control Failure. |
| Linear eMerge E3-Series devices allow Cross-Site Request Forgery (CSRF). |
| Linear eMerge E3-Series devices have Hard-coded Credentials. |
| Linear eMerge E3-Series devices have Cleartext Credentials in a Database. |
| Linear eMerge E3-Series devices allow Authorization Bypass with Information Disclosure. |
| Linear eMerge E3-Series devices allow Privilege Escalation. |
| Linear eMerge E3-Series devices allow Unrestricted File Upload. |
| Linear eMerge E3-Series devices allow XSS. |
| Linear eMerge E3-Series devices allow File Inclusion. |
| Linear eMerge E3-Series devices allow Directory Traversal. |
| Linear eMerge E3-Series devices have Default Credentials. |
| An Integer Signedness issue (for a return code) in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation. |
| An issue was discovered in the Cross Reference Add-on 36 for Google Docs. Stored XSS in the preview boxes in the configuration panel may allow a malicious user to use both label text and references text to inject arbitrary JavaScript code (via SCRIPT elements, event handlers, etc.). Since this code is stored by the plugin, the attacker may be able to target anyone who opens the configuration panel of the plugin. |
| In Keybase before 2.12.6 on macOS, the move RPC to the Helper was susceptible to time-to-check-time-to-use bugs and would also allow one user of the system (who didn't have root access) to tamper with another's installs. |
| An issue was discovered in AODDriver2.sys in AMD OverDrive. The vulnerable driver exposes a wrmsr instruction via IOCTL 0x81112ee0 and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges. |
| An issue was discovered in atillk64.sys in AMD ATI Diagnostics Hardware Abstraction Sys/Overclocking Utility 5.11.9.0. The vulnerable driver exposes a wrmsr instruction and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges. |
| An issue was discovered in GPU-Z.sys in TechPowerUp GPU-Z before 2.23.0. The vulnerable driver exposes a wrmsr instruction via an IOCTL and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges. |
| An issue was discovered in kerneld.sys in AIDA64 before 5.99. The vulnerable driver exposes a wrmsr instruction via IOCTL 0x80112084 and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges. |
