| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Information disclosure may occur due to improper permission and access controls to Video Analytics engine. |
| Memory corruption may occur due to improper input validation in clock device. |
| Memory corruption may occur during communication between primary and guest VM. |
| Memory corruption while reading a value from a buffer controlled by the Guest Virtual Machine. |
| Memory corruption while processing input message passed from FE driver. |
| Memory corruption while reading a type value from a buffer controlled by the Guest Virtual Machine. |
| An exposure of sensitive information to an unauthorized actor in Fortinet FortiSIEM version 6.7.0 through 6.7.4 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.1 and 6.4.0 through 6.4.2 and 6.3.0 through 6.3.3 and 6.2.0 through 6.2.1 and 6.1.0 through 6.1.2 and 5.4.0 and 5.3.0 through 5.3.3 and 5.2.5 through 5.2.8 and 5.2.1 through 5.2.2 and 5.1.0 through 5.1.3 allows attacker to execute unauthorized code or commands via api request. |
| Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability |
| Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability |
| Microsoft SharePoint Server Remote Code Execution Vulnerability |
| Improper authorization in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network. |
| In multiple locations, there is a possible way to obtain any system permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. |
| Improper input validation in Microsoft Dynamics allows an unauthorized attacker to disclose information over a network. |
| A vulnerability identified in the HX Agent driver file fekern.sys allowed a threat actor with local user access the ability to gain elevated system privileges. Utilization of a Bring Your Own Vulnerable Driver (BYOVD) was leveraged to gain access to the critical Windows process memory lsass.exe (Local Security Authority Subsystem Service). The fekern.sys is a driver file associated with the HX Agent (used in all existing HX Agent versions). The vulnerable driver installed in a product or a system running a fully functional HX Agent is, itself, not exploitable as the product’s tamper protection restricts the ability to communicate with the driver to only the Agent’s processes. |
| Inappropriate implementation in Intents in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium) |
| Memory corruption while invoking IOCTL calls from userspace to camera kernel driver to dump request information. |
| Memory corruption may occur when invoking IOCTL calls from userspace to the camera kernel driver to dump request information, due to a missing memory requirement check. |
| Memory corruption while triggering commands in the PlayReady Trusted application. |
| Memory corruption during the FRS UDS generation process. |
| Memory corruption while processing a message, when the buffer is controlled by a Guest VM, the value can be changed continuously. |