We have the latest and free cve coupon codes, discounts and promotion codes to give you the best savings. To use a coupon, simply click the coupon code and enter the code when checking out at the store.
CVE-2023-28081 : A bytecode optimization bug in Hermes prior to commit could be used to cause an use-after-free and obtain arbitrary code execution via a carefully crafted payload. Note that this ...
CVE-2023-27851 NETGEAR Nighthawk Router prior to V1.0.10.94 contains a file sharing mechanism that unintentionally allows users with upload permissions to execute arbitrary code on the device.
CVE-2023-26602 ASUS iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution. (CVSS:0.0) (Last Update:2…
CVE-2023-26602 : ASUS iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution....
CVE-2021-32853 Erxes, an experience operating system () with a set of plugins, is vulnerable to cross-site scripting in versions 0.22.3 and prior. This results in client-side code execution. The victim must fol...
CVE-2022-32470 : An issue was discovered in Insyde with #kernel 5.0 through 5.5. DMA attacks on the FwBlockServiceSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corrupt...
CVE-2022-32953 : An issue was discovered in Insyde with #kernel 5.0 through 5.5. DMA attacks on the SdHostDriver buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM...
CVE-2022-32474 : An issue was discovered in Insyde with #kernel 5.0 through 5.5. DMA attacks on the StorageSecurityCommandDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to...
CVE-2022-43779 A potential Time-of-Check to Time-of-Use () vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS) which might allow arbitrary code execution, denial...
CVE-2022-34885 An improper input sanitization vulnerability in the Motorola router could allow a local user with elevated permissions to execute arbitrary code.
CVE-2022-34885 : An improper input sanitization vulnerability in the Motorola router could allow a local user with elevated permissions to execute arbitrary code....
According to the source code, it seems that the i915 TLB flush has not been handled very well for a long time, crashes (very easy), memory leak: easy () with malicious code, privilege scalation (difficult). 1of2
CVE-2022-42276 : NVIDIA DGX contains a vulnerability in SBIOS in the SmiFlash, where a local user with elevated privileges can read, write and erase flash, which may lead to code execution, escalation of privileges, denial of servic...
CVE-2022-43973 An arbitrary code execution vulnerability exisits in Linksys Wireless-G Broadband Router with firmware <= 4.30.18.006. The Check_TSSI function within the httpd binary uses unvalidated user i...
CVE-2022-43971 : An arbitrary code exection vulnerability exists in Linksys Wireless-AC Universal Media Connector with firmware <= 1.0.02 build3 . The do_setNTP function within the httpd binary uses unvalidated user input in the...
CVE-2022-43973 : An arbitrary code execution vulnerability exisits in Linksys Wireless-G Broadband Router with firmware <= 4.30.18.006. The Check_TSSI function within the httpd binary uses unvalidated user input in the constructi...
CVE-2022-24118 : Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, before 2.0....
CVE-2021-26391 Insufficient verification of multiple header signatures while loading a Trusted Application () may allow an attacker with privileges to gain code execution in that or the OS/kernel.
CVE-2022-34916 Apache Flume versions 1.4.0 through 1.10.0 are vulnerable to a remote code execution () attack when a configuration uses a JMS Source with a JNDI LDAP data source URI when an attacker has control...
CVE-2022-35407 An issue was discovered in Insyde with kernel 5.0 through 5.5. A stack buffer overflow leads to arbitrary code execution in the SetupUtility driver on Intel platforms. An attacker can chan...
CVE-2022-35407 : An issue was discovered in Insyde with #kernel 5.0 through 5.5. A stack buffer overflow leads to arbitrary code execution in the SetupUtility driver on Intel platforms. An attacker can change the values of certa...
CVE-2022-35897 : An stack buffer overflow vulnerability leads to arbitrary code execution issue was discovered in Insyde with #kernel 5.0 through 5.5. If the attacker modifies specific UEFI variables, it can cause a stack overfl...
CVE-2020-21016 D-Link DIR-846 devices with firmware allow remote attackers to execute arbitrary code as root via HNAP1/control/SetGuestWLanSettings.php. (CVSS:0.0) (Last Update:2022-10-31)
CVE-2020-21016 : D-Link DIR-846 devices with firmware allow remote attackers to execute arbitrary code as root via HNAP1/control/SetGuestWLanSettings.php....
CVE-2022-29823 Feather-Sequalize cleanQuery method uses insecure recursive logic to filter unsupported keys from the query object. This results in a Remote Code Execution () with privileges of application. (CVSS:0.0) (Last Update:2022-10-26)
CVE-2022-42719 : A use-after-free in the stack when parsing a multi-BSSID element in the #Linux #kernel 5.2 through 5.19.14 could be used by attackers able to inject WLAN frames to crash the kernel and potentially execute code....
CVE-2022-31029 : AdminLTE is a Pi-hole Dashboard for stats and configuration. In affected versions inserting code like `<script>alert "" </script>` in the field marked with "Domain to look for" and hitting <kbd>enter</kbd> or clickin...
CVE-2022-33743 network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references () retained for further processing to nevertheles…
CVE-2022-29522 Use after free vulnerability exists in the simulator module contained in the graphic editor '' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a spec…
CVE-2022-21504 : The code in U3 was missing an appropiate file descriptor count to be missing. This resulted in a use count error that allowed a file descriptor to a socket to be closed and freed while it was still in use by another...