711
|
7.8 |
HIGH
Local
|
intel
|
one_boot_flash_update
|
Protection mechanism failure in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access.
Update
|
NVD-CWE-noinfo
|
CVE-2023-25945
|
2024-10-30 01:15 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
712
|
5.5 |
MEDIUM
Local
|
intel
|
driver_\&_support_assistant
|
Improper access control in some Intel(R) DSA software before version 23.4.33 may allow an authenticated user to potentially enable denial of service via local access.
Update
|
NVD-CWE-noinfo
|
CVE-2023-25073
|
2024-10-30 01:15 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
713
|
7.8 |
HIGH
Local
|
intel
|
binary_configuration_tool
|
Uncontrolled search path in some Intel(R) Binary Configuration Tool software before version 3.4.4 may allow an authenticated user to potentially enable escalation of privilege via local access.
Update
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2023-24591
|
2024-10-30 01:15 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
714
|
7.8 |
HIGH
Local
|
intel
|
computing_improvement_program
|
Uncontrolled search path in some Intel(R) CIP software before version 2.4.10577 may allow an authenticated user to potentially enable escalation of privilege via local access.
Update
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2023-35769
|
2024-10-30 01:14 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
715
|
6.7 |
MEDIUM
Local
|
intel
|
driver_\&_support_assistant
|
Improper access control in some Intel(R) DSA software before version 23.4.33 may allow a privileged user to potentially enable escalation of privilege via local access.
Update
|
NVD-CWE-noinfo
|
CVE-2023-35062
|
2024-10-30 01:14 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
716
|
7.8 |
HIGH
Local
|
intel
|
battery_life_diagnostic_tool
|
Uncontrolled search path in some Intel(R) Battery Life Diagnostic Tool software before version 2.3.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Update
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2023-35060
|
2024-10-30 01:14 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
717
|
7.5 |
HIGH
Network
intel
|
performance_counter_monitor
|
Buffer underflow in some Intel(R) PCM software before version 202307 may allow an unauthenticated user to potentially enable denial of service via network access.
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2023-34351
|
2024-10-30 01:14 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
718
|
9.8 |
CRITICAL
Network
acnoo
|
flutter_api
|
Authentication Bypass Using an Alternate Path or Channel vulnerability in Acnoo Acnoo Flutter API allows Authentication Bypass.This issue affects Acnoo Flutter API: from n/a through 1.0.5.
New
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-50486
|
2024-10-30 01:07 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
719
|
4.8 |
MEDIUM
Network
|
aftabhusain
|
category_and_taxonomy_meta_fields
|
The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image meta field value in the 'wpaft_add_meta_textinput' function in versions up to, an…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9590
|
2024-10-30 01:07 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
720
|
4.8 |
MEDIUM
Network
|
aftabhusain
|
category_and_taxonomy_meta_fields
|
The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'new_meta_name' parameter in the 'wpaft_option_page' function in versions up to, and in…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9589
|
2024-10-30 01:07 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|