2024-05-16: [CVE-2024-4761] Google Chromium V8 Out-of-Bounds Memory Write Vulnerability
Google Chromium V8 Engine contains an unspecified out-of-bounds memory write vulnerability via a crafted HTML page. This vulnerability could affect…
2024-05-16: [CVE-2021-40655] D-Link DIR-605 Router Information Disclosure Vulnerability
D-Link DIR-605 routers contain an information disclosure vulnerability that allows attackers to obtain a username and password by forging a…
2024-05-16: [CVE-2014-100005] D-Link DIR-600 Router Cross-Site Request Forgery (CSRF) Vulnerability
D-Link DIR-600 routers contain a cross-site request forgery (CSRF) vulnerability that allows an attacker to change router configurations by hijacking…
2024-05-14: [CVE-2024-30040] Microsoft Windows MSHTML Platform Security Feature Bypass Vulnerability
Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for a security feature bypass. CISA Known Exploited Vulnerabilities Catalog…
2024-05-14: [CVE-2024-30051] Microsoft DWM Core Library Privilege Escalation Vulnerability
Microsoft DWM Core Library contains a privilege escalation vulnerability that allows an attacker to gain SYSTEM privileges. CISA Known Exploited…
2024-05-13: [CVE-2024-4671] Google Chromium in Visuals Use-After-Free Vulnerability
Google Chromium Visuals contains a use-after-free vulnerability that allows a remote attacker to exploit heap corruption via a crafted HTML…
2024-03-05: [CVE-2023-21237] Android Pixel Information Disclosure Vulnerability
Android Pixel contains a vulnerability in the Framework component, where the UI may be misleading or insufficient, providing a means…
2024-03-05: [CVE-2021-36380] Sunhillo SureLine OS Command Injection Vulnerablity
Sunhillo SureLine contains an OS command injection vulnerability that allows an attacker to cause a denial-of-service or utilize the device…
2024-03-06: [CVE-2024-23225] Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, tvOS, watchOS, and visionOS kernel contain a memory corruption vulnerability that allows an attacker with arbitrary…
2024-03-06: [CVE-2024-23296] Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, tvOS, and watchOS RTKit contain a memory corruption vulnerability that allows an attacker with arbitrary kernel…
2024-03-25: [CVE-2021-44529] Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability
Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) contains a code injection vulnerability that allows an unauthenticated user to execute…
2024-03-07: [CVE-2024-27198] JetBrains TeamCity Authentication Bypass Vulnerability
JetBrains TeamCity contains an authentication bypass vulnerability that allows an attacker to perform admin actions. CISA Known Exploited Vulnerabilities Catalog…
2024-03-25: [CVE-2019-7256] Nice Linear eMerge E3-Series OS Command Injection Vulnerability
Nice Linear eMerge E3-Series contains an OS command injection vulnerability that allows an attacker to conduct remote code execution. CISA…
2024-03-25: [CVE-2023-48788] Fortinet FortiClient EMS SQL Injection Vulnerability
Fortinet FortiClient EMS contains a SQL injection vulnerability that allows an unauthenticated attacker to execute commands as SYSTEM via specifically…
2024-03-26: [CVE-2023-24955] Microsoft SharePoint Server Code Injection Vulnerability
Microsoft SharePoint Server contains a code injection vulnerability that allows an authenticated attacker with Site Owner privileges to execute code…
2024-04-04: [CVE-2024-29748] Android Pixel Privilege Escalation Vulnerability
Android Pixel contains a privilege escalation vulnerability that allows an attacker to interrupt a factory reset triggered by a device…
2024-04-04: [CVE-2024-29745] Android Pixel Information Disclosure Vulnerability
Android Pixel contains an information disclosure vulnerability in the fastboot firmware used to support unlocking, flashing, and locking affected devices.…
2024-04-11: [CVE-2024-3273] D-Link Multiple NAS Devices Command Injection Vulnerability
D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L contain a command injection vulnerability. When combined with CVE-2024-3272, this can lead to remote,…
2024-04-11: [CVE-2024-3272] D-Link Multiple NAS Devices Use of Hard-Coded Credentials Vulnerability
D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L contains a hard-coded credential that allows an attacker to conduct authenticated command injection, leading…
2024-04-12: [CVE-2024-3400] Palo Alto Networks PAN-OS Command Injection Vulnerability
Palo Alto Networks PAN-OS GlobalProtect feature contains a command injection vulnerability that allows an unauthenticated attacker to execute commands with…