An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS library shipped with NoMachine 6.0.66_2 and earlier allows a local low privileged user to gain. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Microsoft
Denial Of Service
Nomachine
Windows 10
Windows 7
+1
NVD
Exploit-DB
CVSS 3.0
7.8
EPSS
3.1%
The K2 component 2.8.0 for Joomla!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Path Traversal
PHP
K2
NVD
Exploit-DB
CVSS 3.0
7.5
EPSS
2.4%