) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2024-24722 |
An unquoted service path vulnerability in the 12d Synergy Server and File Replication Server components may allow an attacker to gain elevated privileges via the 12d Synergy Server and/or 12d Synergy File Replication Server executable service path. This is fixed in 4.3.10.192, 5.1.5.221, and 5.1.6.235. Published: February 19, 2024; 1:15:07 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-26328 |
An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c does not set NumVFs to PCI_SRIOV_TOTAL_VF, and thus interaction with hw/nvme/ctrl.c is mishandled. Published: February 19, 2024; 12:15:26 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-26327 |
An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF implementations. Published: February 19, 2024; 12:15:22 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-26318 |
Serenity before 6.8.0 allows XSS via an email link because LoginPage.tsx permits return URLs that do not begin with a / character. Published: February 18, 2024; 11:15:07 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2020-36774 |
plugins/gtk+/glade-gtk-box.c in GNOME Glade before 3.38.1 and 3.39.x before 3.40.0 mishandles widget rebuilding for GladeGtkBox, leading to a denial of service (application crash). Published: February 18, 2024; 9:15:47 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2022-48624 |
close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE. Published: February 18, 2024; 8:15:48 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2023-6249 |
Signed to unsigned conversion esp32_ipm_send Published: February 18, 2024; 3:15:07 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2023-5779 |
can: out of bounds in remove_rx_filter function Published: February 18, 2024; 3:15:06 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2023-6749 |
Unchecked length coming from user input in settings shell Published: February 18, 2024; 2:15:10 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2023-52381 |
Script injection vulnerability in the email module.Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability. Published: February 18, 2024; 2:15:09 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2023-52380 |
Vulnerability of improper access control in the email module.Successful exploitation of this vulnerability may affect service confidentiality. Published: February 18, 2024; 2:15:09 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2023-52379 |
Permission control vulnerability in the calendarProvider module.Successful exploitation of this vulnerability may affect service confidentiality. Published: February 18, 2024; 2:15:09 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2023-52378 |
Vulnerability of incorrect service logic in the WindowManagerServices module.Successful exploitation of this vulnerability may cause features to perform abnormally. Published: February 18, 2024; 2:15:08 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2022-48621 |
Vulnerability of missing authentication for critical functions in the Wi-Fi module.Successful exploitation of this vulnerability may affect service confidentiality. Published: February 18, 2024; 2:15:07 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2023-52377 |
Vulnerability of input data not being verified in the cellular data module.Successful exploitation of this vulnerability may cause out-of-bounds access. Published: February 18, 2024; 1:15:08 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2023-52376 |
Information management vulnerability in the Gallery module.Successful exploitation of this vulnerability may affect service confidentiality. Published: February 18, 2024; 1:15:08 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2023-52375 |
Permission control vulnerability in the WindowManagerServices module.Successful exploitation of this vulnerability may affect availability. Published: February 18, 2024; 1:15:07 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2023-52374 |
Permission control vulnerability in the package management module.Successful exploitation of this vulnerability may affect service confidentiality. Published: February 17, 2024; 11:15:08 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2023-52373 |
Vulnerability of permission verification in the content sharing pop-up module.Successful exploitation of this vulnerability may cause unauthorized file sharing. Published: February 17, 2024; 11:15:08 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2023-52372 |
Vulnerability of input parameter verification in the motor module.Successful exploitation of this vulnerability may affect availability. Published: February 17, 2024; 11:15:07 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |