| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The Advanced Country Blocker plugin for WordPress is vulnerable to Authorization Bypass in all versions up to, and including, 2.3.1 due to the use of a predictable default value for the secret bypass key created during installation without requiring users to change it. This makes it possible for unauthenticated attackers to bypass the geolocation blocking mechanism by appending the key to any URL on sites where the administrator has not changed the default value. |
| HCL AION is affected by a Cookie with Insecure, Improper, or Missing SameSite vulnerability. This can allow cookies to be sent in cross-site requests, potentially increasing exposure to cross-site request forgery and related security risks. This issue affects AION: 2.0. |
| Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network. |
| A privilege escalation from host to domain vulnerability was found in the FreeIPA project. The FreeIPA package fails to validate the uniqueness of the `krbCanonicalName` for the admin account by default, allowing users to create services with the same canonical name as the REALM admin. When a successful attack happens, the user can retrieve a Kerberos ticket in the name of this service, containing the admin@REALM credential. This flaw allows an attacker to perform administrative tasks over the REALM, leading to access to sensitive data and sensitive data exfiltration. |
| Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability |
| Windows Graphics Component Elevation of Privilege Vulnerability |
| Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability |
| Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability |
| Windows Remote Desktop Licensing Service Denial of Service Vulnerability |
| Secure Boot Security Feature Bypass Vulnerability |
| Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability |
| Windows Workstation Service Elevation of Privilege Vulnerability |
| Windows Network Driver Interface Specification (NDIS) Denial of Service Vulnerability |
| DHCP Server Service Remote Code Execution Vulnerability |
| Microsoft Xbox Remote Code Execution Vulnerability |
| Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability |
| Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability |
| Secure Boot Security Feature Bypass Vulnerability |
| Secure Boot Security Feature Bypass Vulnerability |
| Secure Boot Security Feature Bypass Vulnerability |
