In Extreme XOS through 22.6.1.4, a read-only user can escalate privileges to root via a crafted HTTP POST request to the python method of the Machine-to-Machine Interface (MMI). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
There is a ClusterRole in piraeus-operator v2.5.0 and earlier which has been granted list secrets permission, which allows an attacker to impersonate the service account bound to this ClusterRole and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A stack-based buffer overflow vulnerability exists in GStreamer's AV1 video parsing functionality that allows remote attackers to execute arbitrary code when processing specially crafted AV1 video files. The vulnerability affects all versions of GStreamer prior to the patched release and requires user interaction to exploit, though attack vectors may vary depending on implementation. With an EPSS score of 9.18% (93rd percentile), this vulnerability has a higher-than-average likelihood of exploitation in the wild, though it is not currently listed in CISA's KEV catalog.
A heap-based buffer overflow vulnerability in GStreamer's PGS (Presentation Graphic Stream) subtitle file parser allows remote attackers to execute arbitrary code when processing malicious subtitle files. The vulnerability affects all GStreamer installations and requires user interaction to exploit, typically by opening a media file with crafted PGS subtitles. With an EPSS score of 7.71% (92nd percentile), this vulnerability represents a significant exploitation risk in the wild.
A critical integer overflow vulnerability in GStreamer's MXF (Material eXchange Format) video file parser allows remote attackers to execute arbitrary code when processing specially crafted media files. The vulnerability affects all versions of GStreamer prior to the patched releases and requires user interaction (such as opening a malicious video file) to exploit, with an EPSS score of 6.53% indicating moderate real-world exploitation likelihood. While not currently listed in CISA's KEV catalog, the vulnerability has a high CVSS score of 8.8 and patches are available from the vendor.
A stack-based buffer overflow vulnerability in GStreamer's H265 video parsing functionality allows remote attackers to execute arbitrary code when processing maliciously crafted H265 encoded video files. The vulnerability affects all GStreamer installations and requires user interaction (such as opening a malicious video file) but can lead to full system compromise in the context of the running application. With an EPSS score of 6.22% (91st percentile), this vulnerability has a higher-than-average likelihood of exploitation in the wild, and patches are available from the vendor.
A heap-based buffer overflow vulnerability exists in GStreamer's AV1 codec parsing functionality that allows remote attackers to execute arbitrary code. The vulnerability affects all versions of GStreamer prior to the patched release and requires user interaction to exploit, such as opening a malicious AV1 video file. With a CVSS score of 8.8 and patches available since the disclosure, this represents a high-risk vulnerability for applications using GStreamer for media processing.
A critical integer overflow vulnerability in GStreamer's FLAC file parsing functionality allows remote attackers to execute arbitrary code when processing malicious FLAC audio files. The vulnerability affects all versions of GStreamer prior to the patched release and requires user interaction (opening/processing a malicious file) to exploit. With an EPSS score of 5.34% (90th percentile), this vulnerability poses a significant real-world risk, though no active exploitation has been reported in KEV.
An integer overflow vulnerability in GStreamer's RealMedia file parsing functionality allows remote attackers to execute arbitrary code when processing malicious MDPR chunks. The vulnerability affects GStreamer version 1.22.3 and potentially earlier versions, requiring user interaction to trigger but potentially exploitable through various attack vectors depending on implementation. With an EPSS score of 4.97% (90th percentile), this vulnerability poses a significant exploitation risk and has patches available from the vendor.
A heap-based buffer overflow vulnerability in GStreamer's SRT subtitle file parsing functionality allows remote attackers to execute arbitrary code when processing maliciously crafted SRT files. The vulnerability affects all versions of GStreamer and requires user interaction (such as opening a malicious subtitle file), making it particularly dangerous for media players and applications that use GStreamer for subtitle processing. With an EPSS score of 4.74% (89th percentile), this vulnerability has a higher-than-average likelihood of exploitation in the wild.
A critical integer overflow vulnerability exists in GStreamer's RealMedia file parser that allows remote code execution when processing specially crafted MDPR chunks. The vulnerability affects GStreamer version 1.22.3 and potentially earlier versions, enabling attackers to execute arbitrary code in the context of the current process through maliciously crafted RealMedia files. With an EPSS score of 4.54% (89th percentile), this vulnerability has a higher-than-average likelihood of exploitation in the wild, though it requires user interaction to trigger.
A critical integer overflow vulnerability in GStreamer's MXF (Material Exchange Format) video file parser allows remote attackers to execute arbitrary code on affected systems. The vulnerability affects all versions of GStreamer prior to the patched releases and requires user interaction (opening a malicious MXF file) to exploit, with an EPSS score of 4.28% indicating moderate real-world exploitation likelihood. While not currently listed in CISA's Known Exploited Vulnerabilities catalog, the vulnerability has a high CVSS score of 8.8 and patches are available from the vendor.
A use-after-free vulnerability in GStreamer's MXF (Material Exchange Format) video file parser allows remote attackers to execute arbitrary code when processing specially crafted MXF files. The vulnerability affects all GStreamer installations and requires user interaction such as opening a malicious video file, with an EPSS score of 4.17% indicating moderate real-world exploitation likelihood. While not currently in CISA's KEV catalog, the vulnerability has a patch available and was discovered through responsible disclosure by the Zero Day Initiative.
Delta Electronics DIAEnergie has insufficient input validation which makes it possible to perform a path traversal attack and write outside of the intended directory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the GetDIACloudList endpoint. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the script Handler_CFG.ashx. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Pterodactyl wings is the server control plane for Pterodactyl Panel. Rated high severity (CVSS 8.4), this vulnerability is remotely exploitable, low attack complexity.
Insecure Permissions vulnerability in e-trust Horacius 1.0, 1.1, and 1.2 allows a local attacker to escalate privileges via the password reset function. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Hengan Weighing Management Information Query Platform 2019-2021 53.25 was discovered to contain a SQL injection vulnerability via the tuser_Number parameter at search_user.aspx. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A kernel handle leak issue in ProcObsrvesx.sys 4.0.0.49 in MicroWorld Technologies Inc eScan Antivirus could allow privilege escalation for low-privileged users. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Unquoted path or search item vulnerability in SugarSync versions prior to 4.1.3 for Windows. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
sagemaker-python-sdk is a library for training and deploying machine learning models on Amazon SageMaker. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
sagemaker-python-sdk is a library for training and deploying machine learning models on Amazon SageMaker. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The 'control' in Parrot ANAFI USA firmware 1.10.4 does not check the MAV_MISSION_TYPE(0, 1, 2, 255), which allows attacker to cut off the connection between a controller and the drone by sending. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in ShortPixel ShortPixel Critical CSS shortpixel-critical-css.0.2. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Buildroot before 0b2967e lacks the sticky bit for the /dev/shm directory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in the Bouncy Castle Crypto Package For Java before BC TLS Java 1.0.19 (ships with BC Java 1.78, BC Java (LTS) 2.73.6) and before BC FIPS TLS Java 1.0.19. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Mullvad VPN through 2024.1 on Android does not set a DNS server in the blocking state (after a hard failure to create a tunnel), and thus DNS traffic can leave the device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeBard CodeBard's Patron Button and Widgets for Patreon allows Reflected XSS.2.0. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss RegistrationMagic allows Reflected XSS.3.2.0. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Realtyna Realtyna Organic IDX plugin allows Reflected XSS.14.4. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPify s.R.O. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.