21
|
7.5 |
HIGH
Network
realtek
|
rtl8812au_firmware
|
An issue was discovered in function nl80211_send_chandef in rtl8812au v5.6.4.2 allows attackers to cause a denial of service.
Update
|
NVD-CWE-noinfo
|
CVE-2020-26652
|
2024-10-4 05:35 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
22
|
5.5 |
MEDIUM
Local
|
ogg_video_tools_project
|
ogg_video_tools
|
A Segmentation Fault issue discovered StreamSerializer::extractStreams function in streamSerializer.cpp in oggvideotools 0.9.1 allows remote attackers to cause a denial of service (crash) via opening…
Update
|
NVD-CWE-noinfo
|
CVE-2020-21723
|
2024-10-4 05:35 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
23
|
4.3 |
MEDIUM
Network
|
multiparcels
|
multiparcels_shipping_for_woocommerce
|
The MultiParcels Shipping For WooCommerce WordPress plugin before 1.15.2 does not have CRSF check when deleting a shipment, allowing attackers to make any logged in user, delete arbitrary shipment vi…
Update
|
-
|
CVE-2023-3366
|
2024-10-4 05:35 |
2023-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
24
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in ChromeOS Camera in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap …
Update
|
CWE-416
Use After Free
|
CVE-2023-2458
|
2024-10-4 05:35 |
2023-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
25
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Out of bounds write in ChromeOS Audio Server in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker to potentially exploit heap corruption via crafted audio file. (Chromium se…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2023-2457
|
2024-10-4 05:35 |
2023-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
26
|
8.6 |
HIGH
Network
cisco
|
ios_xe
|
A vulnerability in the implementation of the IPv4 fragmentation reassembly code in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition o…
Update
|
NVD-CWE-noinfo
|
CVE-2024-20467
|
2024-10-4 05:09 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
27
|
8.6 |
HIGH
Network
cisco
|
ios_xe
|
A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access (SD-Access) fabric edge nodes could allow an unauthenticated, remote attacker to cause high CPU utiliz…
Update
|
CWE-670
Always-Incorrect Control Flow Implementation
|
CVE-2024-20480
|
2024-10-4 05:07 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
28
|
4.3 |
MEDIUM
Network
|
gestsup
|
gestsup
|
A Cross-Site Request Forgery (CSRF) in Gestsup v3.2.46 allows attackers to arbitrarily edit user profile information via a crafted request.
Update
|
CWE-352
Origin Validation Error
|
CVE-2023-52060
|
2024-10-4 04:58 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
29
|
5.4 |
MEDIUM
Network
|
trendmicro
|
interscan_web_security_virtual_appliance
|
A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 could allow an attacker to escalate privileges on affected installations.
Please note…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-36359
|
2024-10-4 04:49 |
2024-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
30
|
7.8 |
HIGH
Local
|
aveva
|
pi_asset_framework_client
|
There is a vulnerability in AVEVA PI Asset Framework Client that could allow malicious code to execute on the PI System Explorer environment under the privileges of an interactive user that was socia…
Update
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-3467
|
2024-10-4 04:47 |
2024-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|