VIR Vulnerability Intelligence Relay

Search

Found 30 results in 75ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-34926 medium 6.7 8.2 KEV trendmicro 13d ago Trend Micro Apex One (on-premise) contains a directory traversal vulnerability that could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to depl…
CVE-2026-45498 medium 4.0 5.5 KEV windows windows microsoft 15d ago Microsoft Defender contains an unspecified vulnerability that allows for denial of service.
CVE-2026-32202 medium 4.3 6.8 KEVEXPFIX windows windows 2mo ago Microsoft Windows Shell contains a protection mechanism failure vulnerability that allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-32201 medium 6.5 8.0 KEV microsoft 2mo ago Microsoft SharePoint Server contains an improper input validation vulnerability that allows an unauthorized attacker to perform spoofing over a network.
CVE-2021-30952 medium 7.0 KEVFIX sles rockydebian debian 3mo ago Apple tvOS, macOS, Safari, iPadOS and watchOS contain an integer overflow or wraparound vulnerability due to the processing of maliciously crafted web content that may lead to arbitrary code executio…
CVE-2024-53150 medium 7.0 KEVFIX rhel rocky sles 1y ago Linux Kernel contains an out-of-bounds read vulnerability in the USB-audio driver that allows a local, privileged attacker to obtain potentially sensitive information.
CVE-2025-24813 medium 8.0 KEVEXPFIX rhel rocky sles 1y ago Apache Tomcat contains a path equivalence vulnerability that allows a remote attacker to execute code, disclose information, or inject malicious content via a partial PUT request.
CVE-2024-50302 medium 5.5 7.0 KEVFIX rhel rocky sles 1y ago The Linux kernel contains a use of uninitialized resource vulnerability that allows an attacker to leak kernel memory via a specially crafted HID report.
CVE-2023-20867 low 4.0 KEVFIX rhel rocky sles 3y ago VMware Tools contains an authentication bypass vulnerability in the vgauth module. A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the…
CVE-2022-2586 medium 7.0 KEVFIX rhelalmalinux almalinux rocky 4y ago Linux Kernel contains a use-after-free vulnerability in the nft_object, allowing local attackers to escalate privileges.
CVE-2022-32893 medium 7.0 KEVFIX arch arch rhel sles 4y ago Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow for remote code execution when processing malicious crafted web content.
CVE-2019-8720 medium 7.0 KEVFIX sles rockydebian debian 4y ago WebKitGTK contains a memory corruption vulnerability which can allow an attacker to perform remote code execution.
CVE-2021-1789 medium 7.0 KEVFIX arch arch sles rocky 4y ago A type confusion issue affecting multiple Apple products allows processing of maliciously crafted web content, leading to arbitrary code execution.
CVE-2019-8506 low 5.0 KEVEXPFIX rockydebian debian rhel 4y ago A type confusion issue affecting multiple Apple products allows processing of maliciously crafted web content, leading to arbitrary code execution.
CVE-2022-22620 medium 7.0 KEVFIX arch arch sles rocky 4y ago Apple iOS, iPadOS, and macOS WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers t…
CVE-2021-22204 medium 8.0 KEVEXPFIX arch archdebian debian 5y ago Improper neutralization of user data in the DjVu file format in Exiftool versions 7.44 and up allows arbitrary code execution when parsing the malicious image
CVE-2021-30858 medium 7.0 KEVFIX arch arch sles rocky 5y ago Apple iOS, iPadOS, and macOS WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers t…
CVE-2021-30762 medium 7.0 KEVFIX arch arch rockydebian debian 5y ago Apple iOS WebKit contains a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, in…
CVE-2021-30761 medium 7.0 KEVFIX arch arch rockydebian debian 5y ago Apple iOS WebKit contains a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit,…
CVE-2021-30666 medium 7.0 KEVFIX arch arch rockydebian debian 5y ago Apple iOS WebKit contains a buffer-overflow vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, i…
CVE-2021-30665 medium 7.0 KEVFIX arch arch rockydebian debian 5y ago Apple iOS, iPadOS, macOS, watchOS, and tvOS WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could imp…
CVE-2021-30663 medium 7.0 KEVFIX arch arch rockydebian debian 5y ago Apple iOS, iPadOS, macOS, tvOS, and Safari WebKit contain an integer overflow vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impa…
CVE-2021-30661 medium 7.0 KEVFIX arch arch rockydebian debian 5y ago Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit Storage contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerabil…
CVE-2021-1871 medium 7.0 KEVFIX arch arch sles rocky 5y ago Apple iOS, iPadOS, and macOS WebKit contain an unspecified logic vulnerability that allows a remote attacker to execute code. This vulnerability could impact HTML parsers that use WebKit, including b…
CVE-2021-1870 medium 7.0 KEVFIX arch arch sles rocky 5y ago Apple iOS, iPadOS, and macOS WebKit contain an unspecified logic vulnerability that allows a remote attacker to execute code. This vulnerability could impact HTML parsers that use WebKit, including b…
CVE-2020-1472 medium 8.0 KEVEXPFIX arch arch sles rocky 5y ago Microsoft's Netlogon Remote Protocol (MS-NRPC) contains a privilege escalation vulnerability when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller. An at…
CVE-2020-36193 medium 7.0 KEVFIX arch arch sles rocky 5y ago PEAR Archive_Tar Tar.php allows write operations with directory traversal due to inadequate checking of symbolic links. PEAR stands for PHP Extension and Application Repository and it is an open-sour…
CVE-2020-28949 medium 8.0 KEVEXPFIX rockydebian debian rhel 6y ago PEAR Archive_Tar allows an unserialization attack because phar: is blocked but PHAR: is not blocked. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and di…
CVE-2020-1938 medium 8.0 KEVEXPFIX sles rockydebian debian 6y ago Apache Tomcat treats Apache JServ Protocol (AJP) connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploit…
CVE-2020-11023 medium 8.0 KEVEXPFIX rhel rocky sles 6y ago JQuery contains a persistent cross-site scripting (XSS) vulnerability. When passing maliciously formed, untrusted input enclosed in HTML tags, JQuery's DOM manipulators can execute untrusted code in …