Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 175990 entries
IDDescriptionPriorityModified dateFixed Release
CVE-2022-34376 Dell PowerEdge BIOS and Dell Precision BIOS contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause a denial of service during SMM. -- Feb 12, 2023 n/a
CVE-2022-34377 Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service. -- Feb 12, 2023 n/a
CVE-2023-39250 Dell Storage Integration Tools for VMware (DSITV) and Dell Storage vSphere Client Plugin (DSVCP) versions prior to 6.1.1 and Replay Manager for VMware (RMSV) versions prior to 3.1.2 contain an information disclosure vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to retrieve an encryption key that could aid in further attacks. -- Aug 16, 2023 n/a
CVE-2022-34387 Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain a privilege escalation vulnerability. A local authenticated malicious user could potentially exploit this vulnerability to elevate privileges and gain total control of the system. -- Feb 12, 2023 n/a
CVE-2022-41644 Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lacks authentication for a function that changes group privileges. An attacker could use this to create a denial-of-service state or escalate their own privileges. -- Nov 2, 2022 n/a
CVE-2022-2757 Due to the lack of adequately implemented access-control rules, all versions Kingspan TMS300 CS are vulnerable to an attacker viewing and modifying the application settings without authenticating by accessing a specific uniform resource locator (URL) on the webserver. -- Dec 16, 2022 n/a
CVE-2023-42493 EisBaer Scada - CWE-256: Plaintext Storage of a Password -- Oct 25, 2023 n/a
CVE-2023-24576 EMC NetWorker may potentially be vulnerable to an unauthenticated remote code execution vulnerability in the NetWorker Client execution service (nsrexecd) irrespective of any auth used. -- Feb 3, 2023 n/a
CVE-2024-1040 Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker can restore the passwords by breaking the hashes stored on the device. -- Feb 1, 2024 n/a
CVE-2023-3299 HashiCorp Nomad Enterprise 1.2.11 up to 1.5.6, and 1.4.10 ACL policies using a block without a label generates unexpected results. Fixed in 1.6.0, 1.5.7, and 1.4.11. -- Jul 20, 2023 n/a
CVE-2022-40228 IBM DataPower Gateway 10.0.3.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.9, 2018.4.1.0 through 2018.4.1.22, and 10.5.0.0 through 10.5.0.2 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 235527. -- Nov 26, 2022 n/a
CVE-2020-5000 IBM Financial Transaction Manager 3.2.0 through 3.2.8 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 192952. LOW Jun 15, 2021 n/a
CVE-2023-42019 IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161. -- Dec 4, 2023 n/a
CVE-2023-40699 IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161. -- Dec 4, 2023 n/a
CVE-2023-46174 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 269506. -- Dec 4, 2023 n/a
CVE-2023-42022 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 265938. -- Dec 4, 2023 n/a
CVE-2024-22319 IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, 8.11.1 and 8.12.0.1 is susceptible to remote code execution attack via JNDI injection when passing an unchecked argument to a certain API. IBM X-Force ID: 279145. -- Feb 6, 2024 n/a
CVE-2023-20597 Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. -- Sep 20, 2023 n/a
CVE-2022-39017 Improper input validation and output encoding in all comments fields, in M-Files Hubshare before 3.3.10.9 allows authenticated attackers to introduce cross-site scripting attacks via specially crafted comments. -- Nov 1, 2022 n/a
CVE-2023-22450 In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to upload an ASP script file to a webserver when logged in as manager user, which can lead to arbitrary code execution. -- Jun 6, 2023 n/a
CVE-2023-27856 In affected versions, path traversal exists when processing a message of type 8 in Rockwell Automation\'s ThinManager ThinServer. An unauthenticated remote attacker can exploit this vulnerability to download arbitrary files on the disk drive where ThinServer.exe is installed. -- Mar 24, 2023 n/a
CVE-2023-27603 In Apache Linkis <=1.3.1, due to the Manager module engineConn material upload does not check the zip path, This is a Zip Slip issue, which will lead to a potential RCE vulnerability. We recommend users upgrade the version of Linkis to version 1.3.2. -- Apr 10, 2023 n/a
CVE-2023-27602 In Apache Linkis <=1.3.1, The PublicService module uploads files without restrictions on the path to the uploaded files, and file types. We recommend users upgrade the version of Linkis to version 1.3.2.  For versions <=1.3.1, we suggest turning on the file path check switch in linkis.properties `wds.linkis.workspace.filesystem.owner.check=true` `wds.linkis.workspace.filesystem.path.check=true` -- Apr 10, 2023 n/a
CVE-2023-39936 In Ashlar-Vellum Graphite v13.0.48, the affected application lacks proper validation of user-supplied data when parsing VC6 files. This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. -- Oct 26, 2023 n/a
CVE-2023-46687 In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could execute arbitrary commands in root context from a remote computer. -- Feb 15, 2024 n/a
CVE-2023-43636 In EVE OS, the “measured boot” mechanism prevents a compromised device from accessing the encrypted data located in the vault. As per the “measured boot” design, the PCR values calculated at different stages of the boot process will change if any of their respective parts are changed. This includes, among other things, the configuration of the bios, grub, the kernel cmdline, initrd, and more. However, this mechanism does not validate the entire rootfs, so an attacker can edit the filesystem and gain control over the system. As the default filesystem used by EVE OS is squashfs, this is somewhat harder than an ext4, which is easily changeable. This will not stop an attacker, as an attacker can repackage the squashfs with their changes in it and replace the partition altogether. This can also be done directly on the device, as the “003-storage-init” container contains the “mksquashfs” and “unsquashfs” binaries (with the corresponding libs). An attacker can gain full control over the device without changing the PCR values, thus not triggering the “measured boot” mechanism, and having full access to the vault. Note: This issue was partially fixed in these commits (after disclosure to Zededa), where the config partition measurement was added to PCR13: • aa3501d6c57206ced222c33aea15a9169d629141 • 5fef4d92e75838cc78010edaed5247dfbdae1889. This issue was made viable in version 9.0.0 when the calculation was moved to PCR14 but it was not included in the measured boot. -- Sep 20, 2023 n/a
CVE-2023-21263 In OSMMapPMRGeneric of pmr_os.c, there is a possible out of bounds write due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. -- Dec 5, 2023 n/a
CVE-2023-40049 In WS_FTP Server version prior to 8.8.2, an unauthenticated user could enumerate files under the \'WebServiceHost\' directory listing. -- Sep 27, 2023 n/a
CVE-2023-40048 In WS_FTP Server version prior to 8.8.2, the WS_FTP Server Manager interface was missing cross-site request forgery (CSRF) protection on a POST transaction corresponding to a WS_FTP Server administrative function. -- Sep 27, 2023 n/a
CVE-2023-40047 In WS_FTP Server version prior to 8.8.2, a stored cross-site scripting (XSS) vulnerability exists in WS_FTP Server\'s Management module. An attacker with administrative privileges could import a SSL certificate with malicious attributes containing cross-site scripting payloads.  Once the cross-site scripting payload is successfully stored,  an attacker could leverage this vulnerability to target WS_FTP Server admins with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser. -- Sep 27, 2023 n/a
CVE-2023-40045 In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a reflected cross-site scripting (XSS) vulnerability exists in WS_FTP Server\'s Ad Hoc Transfer module.  An attacker could leverage this vulnerability to target WS_FTP Server users with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser. -- Sep 27, 2023 n/a
CVE-2023-40046 In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a SQL injection vulnerability exists in the WS_FTP Server manager interface. An attacker may be able to infer information about the structure and contents of the database and execute SQL statements that alter or delete database elements. -- Sep 27, 2023 n/a
CVE-2023-42657 In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a directory traversal vulnerability was discovered.  An attacker could leverage this vulnerability to perform file operations (delete, rename, rmdir, mkdir) on files and folders outside of their authorized WS_FTP folder path.  Attackers could also escape the context of the WS_FTP Server file structure and perform the same level of operations (delete, rename, rmdir, mkdir) on file and folder locations on the underlying operating system. -- Sep 29, 2023 n/a
CVE-2024-3707 Information exposure vulnerability in OpenGnsys affecting version 1.1.1d (Espeto). This vulnerability allows an attacker to enumerate all files in the web tree by accessing a php file. -- Apr 15, 2024 n/a
CVE-2023-20559 Insufficient control flow management in AmdCpmGpioInitSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to escalation of privileges. -- Apr 2, 2023 n/a
CVE-2023-20562 Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution. -- Aug 8, 2023 n/a
CVE-2024-25578 MicroDicom DICOM Viewer versions 2023.3 (Build 9342) and prior contain a lack of proper validation of user-supplied data, which could result in memory corruption within the application. -- Mar 1, 2024 n/a
CVE-2023-24506 Milesight NCR/camera version 71.8.0.6-r5 exposes credentials through an unspecified request. -- May 9, 2023 n/a
CVE-2023-46706 Multiple MachineSense devices have credentials unable to be changed by the user or administrator. -- Feb 1, 2024 n/a
CVE-2023-25523 NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the nvdisasm binary file, where an attacker may cause a NULL pointer dereference by providing a user with a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service. -- Jul 10, 2023 n/a
CVE-2023-25515 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where unexpected untrusted data is parsed, which may lead to code execution, denial of service, escalation of privileges, data tampering, or information disclosure. -- Jun 23, 2023 n/a
CVE-2023-6588 Offline mode is always enabled, even if permission disallows it, in Devolutions Server data source in Devolutions Workspace 2023.3.2.0 and earlier. This allows an attacker with access to the Workspace application to access credentials when offline. -- Dec 7, 2023 n/a
CVE-2023-39431 Sante DICOM Viewer Pro lacks proper validation of user-supplied data when parsing DICOM files. This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. -- Oct 19, 2023 n/a
CVE-2024-23806 Sensitive data can be extracted from HID iCLASS SE reader configuration cards. This could include credential and device administrator keys. -- Feb 7, 2024 n/a
CVE-2023-39372 StarTrinity Softswitch version 2023-02-16 - Multiple CSRF (CWE-352) -- Sep 4, 2023 n/a
CVE-2023-39371 StarTrinity Softswitch version 2023-02-16 - Open Redirect (CWE-601) -- Sep 4, 2023 n/a
CVE-2023-39370 StarTrinity Softswitch version 2023-02-16 - Persistent XSS (CWE-79) -- Sep 4, 2023 n/a
CVE-2023-29158 SUBNET PowerSYSTEM Center versions 2020 U10 and prior are vulnerable to replay attacks which may result in a denial-of-service condition or a loss of data integrity. -- Jun 20, 2023 n/a
CVE-2023-41966 The application suffers from a privilege escalation vulnerability. A user with read permissions can elevate privileges by sending a HTTP POST to set a parameter. -- Oct 26, 2023 n/a
CVE-2023-31426 The Brocade Fabric OS Commands “configupload” and “configdownload” before Brocade Fabric OS v9.1.1c, v8.2.3d, v9.2.0 print scp, sftp, ftp servers passwords in supportsave. This could allow a remote authenticated attacker to access sensitive information. -- Aug 1, 2023 n/a
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online