8.8

CVSS3.1

CVE-2025-1240 - WinZip 7Z File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

WinZip 7Z File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of WinZip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open…

πŸ“… Published: Feb. 11, 2025, 9:53 p.m. πŸ”„ Last Modified: Aug. 18, 2025, 6:14 p.m.

0

CVSS3.1

CVE-2024-32037 - GeoNetwork vulnerable to search end-point information disclosure in response headers

GeoNetwork is a catalog application to manage spatially referenced resources. In versions prior to 4.2.10 and 4.4.5, the search end-point response headers contain information about Elasticsearch software in use. This information is valuable from a security point of view because it allows software u…

πŸ“… Published: Feb. 11, 2025, 9:50 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

3

CVSS3.1

CVE-2023-31331 -

Improper access control in the DRTM firmware could allow a privileged attacker to perform multiple driver initializations, resulting in stack memory corruption that could potentially lead to loss of integrity or availability.

πŸ“… Published: Feb. 11, 2025, 9:44 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.8

CVSS3.1

CVE-2022-3180 - WPGateway <= 3.5 - Unauthenticated Privilege Escalation

The WPGateway Plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.5. This allows unauthenticated attackers to create arbitrary malicious administrator accounts.

πŸ“… Published: Feb. 11, 2025, 9:38 p.m. πŸ”„ Last Modified: June 5, 2025, 2:24 p.m.

5.3

CVSS3.1

CVE-2023-20582 -

Improper handling of invalid nested page table entries in the IOMMU may allow a privileged attacker to induce page table entry (PTE) faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest memory integrity.

πŸ“… Published: Feb. 11, 2025, 9:35 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

2.5

CVSS3.1

CVE-2023-20581 -

Improper access control in the IOMMU may allow a privileged attacker to bypass RMP checks, potentially leading to a loss of guest memory integrity.

πŸ“… Published: Feb. 11, 2025, 9:26 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.7

CVSS3.1

CVE-2023-20515 -

Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability.

πŸ“… Published: Feb. 11, 2025, 9:16 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

2.3

CVSS3.1

CVE-2023-20507 -

An integer overflow in the ASP could allow a privileged attacker to perform an out-of-bounds write, potentially resulting in loss of data integrity.

πŸ“… Published: Feb. 11, 2025, 9:02 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.2

CVSS3.1

CVE-2024-21924 -

SMM callout vulnerability within the AmdPlatformRasSspSmm driver could allow a ring 0 attacker to modify boot services handlers, potentially resulting in arbitrary code execution.

πŸ“… Published: Feb. 11, 2025, 8:18 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.3

CVSS3.1

CVE-2023-31361 -

A DLL hijacking vulnerability in AMD Integrated Management Technology (AIM-T) Manageability Service could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.

πŸ“… Published: Feb. 11, 2025, 8:07 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 344690
Page 6328 of 34,469
Β« previous page Β» next page
Filters