| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check resulting it out by two out of bound read. |
| A vulnerability was reported in the Lenovo LeCloud client application that, under certain conditions, could allow information disclosure. |
| A flaw was found in` JwtValidator.resolvePublicKey` in JBoss EAP, where the validator checks jku and sends a HTTP request. During this process, no whitelisting or other filtering behavior is performed on the destination URL address, which may result in a server-side request forgery (SSRF) vulnerability. |
| BYTEVALUE Intelligent Flow Control Router contains a command injection vulnerability via the /goform/webRead/open endpoint. The `path` parameter is not properly validated and is echoed into a shell context, allowing an attacker to inject and execute arbitrary shell commands on the device. Successful exploitation can lead to writing backdoors, privilege escalation on the host, and full compromise of the router and its management functions. VulnCheck has observed this vulnerability being targeted by the RondoDox botnet campaign. |
| Owncast is an open source, self-hosted, decentralized, single user live video streaming and chat server. The Owncast application exposes an administrator API at the URL /api/admin. The emoji/delete endpoint of said API allows administrators to delete custom emojis, which are saved on disk. The parameter name is taken from the JSON request and directly appended to the filepath that points to the emoji to delete. By using path traversal sequences (../), attackers with administrative privileges can exploit this endpoint to delete arbitrary files on the system, outside of the emoji directory. This vulnerability is fixed in 0.1.3. |
| Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. |
| Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally. |
| Heap-based buffer overflow in Windows DWM allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. |
| Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. |
| Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. |
| External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network. |
| Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to deny service locally. |
| Improper access control in Software Protection Platform (SPP) allows an authorized attacker to elevate privileges locally. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Data Sharing Service Client allows an unauthorized attacker to perform spoofing locally. |
| Improper access control in Network Connection Status Indicator (NCSI) allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows Remote Desktop Services allows an authorized attacker to elevate privileges locally. |
| Use of uninitialized resource in Windows Management Services allows an authorized attacker to disclose information locally. |
| Heap-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. |
