8.5
CVE-2024-37355 -
Improper access control in some Intel(R) Graphics software may allow an authenticated user to potentially enable escalation of privilege via local access.
5.1
CVE-2024-31153 -
Improper input validation for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentially enable denial of service via local access.
4.3
CVE-2023-32277 -
Untrusted Pointer Dereference in I/O subsystem for some Intel(R) QAT software before version 2.0.5 may allow authenticated user to potentially enable information disclosure via local operating system access.
5.4
CVE-2024-29223 -
Uncontrolled search path for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
7.3
CVE-2024-31858 -
Out-of-bounds write for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
5.3
CVE-2025-0113 - Cortex XDR Broker VM: Unauthorized Access to Broker VM Docker Containers
A problem with the network isolation mechanism of the Palo Alto Networks Cortex XDR Broker VM allows attackers unauthorized access to Docker containers from the host network used by Broker VM. This may allow access to read files sent for analysis and logs transmitted by the Cortex XDR Agent to the β¦
7.5
CVE-2025-0110 - PAN-OS OpenConfig Plugin: Command Injection Vulnerability in OpenConfig Plugin
A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an authenticated administrator with the ability to make gNMI requests to the PAN-OS management web interface to bypass system restrictions and run arbitrary commands. The commands are run as the β__openconfβ¦
5.3
CVE-2025-1227 - ywoa AddressDao.xml selectList sql injection
A vulnerability was found in ywoa up to 2024.07.03. It has been rated as critical. This issue affects the function selectList of the file com/cloudweb/oa/mapper/xml/AddressDao.xml. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the pβ¦
5.9
CVE-2025-0111 - PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface
An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the βnobodyβ user. You can greatly reduce the risk of this issue by rβ¦
2.1
CVE-2025-0109 - PAN-OS: Unauthenticated File Deletion Vulnerability on the Management Web Interface
An unauthenticated file deletion vulnerability in the Palo Alto Networks PAN-OS management web interface enables an unauthenticated attacker with network access to the management web interface to delete certain files as the βnobodyβ user; this includes limited logs and configuration files but does β¦