Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2023-29076 |
Description: A maliciously crafted MODEL, SLDASM, SAT or CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 could cause memory corruption vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.
CVSS: LOW (0.0) EPSS Score: 0.27%
December 3rd, 2024 (5 months ago)
|
|
CVE-2023-28895 |
Description: The password for access to the debugging console of the PoWer Controller chip (PWC) of the MIB3 infotainment is hard-coded in the firmware. The console allows attackers with physical access to the MIB3 unit to gain full control over the PWC chip.
Vulnerability found on Škoda Superb III (3V3) - 2.0 TDI manufactured in 2022.
CVSS: LOW (3.5) EPSS Score: 0.05%
December 3rd, 2024 (5 months ago)
|
|
CVE-2023-28461 |
Description: Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09 vendor advisory stated "a new Array AG release with the fix will be available soon."
CVSS: LOW (0.0) EPSS Score: 35.59%
December 3rd, 2024 (5 months ago)
|
|
CVE-2023-28022 |
Description: HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data.
CVSS: LOW (3.5) EPSS Score: 0.06%
December 3rd, 2024 (5 months ago)
|
|
CVE-2023-21401 |
Description: In DevmemIntChangeSparse of devicemem_server.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS: LOW (0.0) EPSS Score: 0.12%
December 3rd, 2024 (5 months ago)
|
|
CVE-2023-21162 |
Description: In RGXUnbackingZSBuffer of rgxta3d.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS: LOW (0.0) EPSS Score: 0.12%
December 3rd, 2024 (5 months ago)
|
|
CVE-2024-45520 |
Description: WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1 allows a remote Denial of Service because of memory corruption during scanning of a PE32 file.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 2nd, 2024 (5 months ago)
|
|
CVE-2024-43703 |
Description: Software installed and run as a non-privileged user may conduct improper GPU system calls to achieve unauthorised reads and writes of physical memory from the GPU HW.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 2nd, 2024 (5 months ago)
|
|
CVE-2024-43702 |
Description: Software installed and run as a non-privileged user may conduct improper GPU system calls to allow unprivileged access to arbitrary physical memory page.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 2nd, 2024 (5 months ago)
|
|
CVE-2024-43700 |
Description: xfpt versions prior to 1.01 fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricked to process a specially crafted file, arbitrary code may be executed on the user's environment.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 1st, 2024 (5 months ago)
|