Total
4348 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-40207 | 1 Intel | 1 System Usage Report | 2025-01-27 | 8.2 High |
| Improper access control in the Intel(R) SUR software before version 2.4.8989 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-41784 | 1 Intel | 1 One Boot Flash Update | 2025-01-27 | 8.8 High |
| Improper access control in kernel mode driver for the Intel(R) OFU software before version 14.1.30 may allow an authenticated user to potentially enable escalation of privilege via local access | ||||
| CVE-2022-42465 | 1 Intel | 1 One Boot Flash Update | 2025-01-27 | 7.2 High |
| Improper access control in kernel mode driver for the Intel(R) OFU software before version 14.1.30 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-1834 | 1 Rockwellautomation | 2 Kinetix 5500, Kinetix 5500 Firmware | 2025-01-24 | 9.4 Critical |
| Rockwell Automation was made aware that Kinetix 5500 drives, manufactured between May 2022 and January 2023, and are running v7.13 may have the telnet and FTP ports open by default. This could potentially allow attackers unauthorized access to the device through the open ports. | ||||
| CVE-2023-0858 | 1 Canon | 90 I-sensys Lbp621cw, I-sensys Lbp621cw Firmware, I-sensys Lbp623cdw and 87 more | 2025-01-24 | 3.1 Low |
| Improper Authentication of RemoteUI of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger unauthorized access to the product. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. | ||||
| CVE-2023-23573 | 1 Intel | 1 Unite | 2025-01-24 | 4.4 Medium |
| Improper access control in the Intel(R) Unite(R) android application before Release 17 may allow a privileged user to potentially enable information disclosure via local access. | ||||
| CVE-2022-41769 | 1 Intel | 1 Connect M | 2025-01-24 | 4.8 Medium |
| Improper access control in the Intel(R) Connect M Android application before version 1.82 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-41621 | 1 Intel | 1 Quickassist Technology | 2025-01-24 | 3.3 Low |
| Improper access control in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2022-40972 | 1 Intel | 1 Quickassist Technology | 2025-01-24 | 6.7 Medium |
| Improper access control in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-29242 | 1 Intel | 6 Oneapi Ai Analytics Toolkit, Oneapi Base Toolkit, Oneapi Dl Framework Developer Toolkit and 3 more | 2025-01-24 | 6.7 Medium |
| Improper access control for Intel(R) oneAPI Toolkits before version 2021.1 Beta 10 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-31199 | 1 Intel | 1 Solid State Drive Toolbox | 2025-01-24 | 7.1 High |
| Improper access control in the Intel(R) Solid State Drive Toolbox(TM) before version 3.4.5 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-30768 | 1 Intel | 128 Server Board S1200btl, Server Board S1200btl Firmware, Server Board S1200btlr and 125 more | 2025-01-24 | 7.1 High |
| Improper access control in the Intel(R) Server Board S2600WTT belonging to the Intel(R) Server Board S2600WT Family with the BIOS version 0016 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-2674 | 1 Open-emr | 1 Openemr | 2025-01-24 | 4.3 Medium |
| Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1. | ||||
| CVE-2024-47760 | 1 Glpi-project | 1 Glpi | 2025-01-23 | 8.8 High |
| GLPI is a free asset and IT management software package. Starting in version 9.1.0 and prior to version 10.0.17, a technician with an access to the API can take control of an account with higher privileges. Version 10.0.17 contains a patch for this issue. | ||||
| CVE-2024-2481 | 1 Surya2developer | 1 Hostel Management System | 2025-01-23 | 6.5 Medium |
| A vulnerability, which was classified as critical, was found in Surya2Developer Hostel Management System 1.0. Affected is an unknown function of the file /admin/manage-students.php. The manipulation of the argument del leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-256890 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-23445 | 1 Sick | 14 Ftmg-esd15axx, Ftmg-esd15axx Firmware, Ftmg-esd20axx and 11 more | 2025-01-23 | 7.5 High |
| Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to gain unauthorized access to data fields by using a therefore unpriviledged account via the REST interface. | ||||
| CVE-2023-23446 | 1 Sick | 14 Ftmg-esd15axx, Ftmg-esd15axx Firmware, Ftmg-esd20axx and 11 more | 2025-01-23 | 7.5 High |
| Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to download files by using a therefore unpriviledged account via the REST interface. | ||||
| CVE-2023-43748 | 1 Intel | 2 Graphics Performance Analyzer, Graphics Performance Analyzers Framework | 2025-01-23 | 7.8 High |
| Improper access control in some Intel(R) GPA Framework software installers before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-40071 | 1 Intel | 1 Graphics Performance Analyzers | 2025-01-23 | 7.3 High |
| Improper access control in some Intel(R) GPA software installers before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-10393 | 1 Themeum | 1 Tutor Lms | 2025-01-23 | 5.3 Medium |
| The Tutor LMS plugin for WordPress is vulnerable to bypass to user registration in versions up to, and including, 2.7.6. This is due to a missing check for the 'users_can_register' option in the 'register_instructor' function. This makes it possible for unauthenticated attackers to register as the default role on the site, even if registration is disabled. | ||||