Skip to main content
CVE-2024-21823 HIGH This Week

Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable. Rated high severity (CVSS 7.5). No vendor patch available.

Privilege Escalation Intel
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-3286 HIGH This Week

A buffer overflow vulnerability was identified in some Lenovo printers that could allow an unauthenticated user to trigger a device restart by sending a specially crafted web request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Lenovo
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-31142 HIGH PATCH This Week

Because of a logical error in XSA-407 (Branch Type Confusion), the mitigation is not applied properly when it is intended to be used. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Buffer Overflow Xen Fedora
NVD
CVSS 3.1
7.5
EPSS
17.4%
CVE-2024-35299 HIGH This Week

In JetBrains YouTrack before 2024.1.29548 the SMTPS protocol communication lacked proper certificate hostname validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Youtrack
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-4844 HIGH This Week

Hardcoded credentials vulnerability in Trellix ePolicy Orchestrator (ePO) on Premise prior to 5.10 Service Pack 1 Update 2 allows an attacker with admin privileges on the ePO server to read the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-4222 HIGH This Week

The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to,. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Tutor Lms
NVD
CVSS 3.1
7.3
EPSS
0.6%
CVE-2024-21862 HIGH PATCH This Week

Uncontrolled search path in some Intel(R) Quartus(R) Prime Standard Edition Design software before version 23.1 may allow an authenticated user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Privilege Escalation Intel Quartus Prime
NVD
CVSS 3.1
7.3
EPSS
0.2%
CVE-2024-21837 HIGH PATCH This Week

Uncontrolled search path in some Intel(R) Quartus(R) Prime Lite Edition Design software before version 23.1 may allow an authenticated user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Privilege Escalation Intel Quartus Prime
NVD
CVSS 3.1
7.3
EPSS
0.2%
CVE-2024-21814 HIGH This Week

Uncontrolled search path for some Intel(R) Chipset Device Software before version 10.1.19444.8378 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Chipset Device Software
NVD
CVSS 3.1
7.3
EPSS
0.2%
CVE-2024-21809 HIGH PATCH This Week

Improper conditions check for some Intel(R) Quartus(R) Prime Lite Edition Design software before version 23.1 may allow an authenticated user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Privilege Escalation Intel Quartus Prime
NVD
CVSS 3.1
7.3
EPSS
0.2%
CVE-2024-21777 HIGH PATCH This Week

Uncontrolled search path in some Intel(R) Quartus(R) Prime Pro Edition Design software before version 23.4 may allow an authenticated user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Privilege Escalation Intel Quartus Prime
NVD
CVSS 3.1
7.3
EPSS
0.2%
CVE-2024-22095 HIGH This Week

Improper input validation in PlatformVariableInitDxe driver in UEFI firmware for some Intel(R) Server D50DNP Family products may allow a privileged user to enable escalation of privilege via local. Rated high severity (CVSS 7.2). No vendor patch available.

Privilege Escalation Intel
NVD
CVSS 3.1
7.2
EPSS
0.2%
CVE-2024-3640 HIGH This Week

An unquoted executable path exists in the Rockwell Automation FactoryTalk® Remote Access™ possibly resulting in remote code execution if exploited. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. No vendor patch available.

RCE Rockwell
NVD
CVSS 4.0
7.0
EPSS
0.3%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy