CWE-345 CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-28865	1 Dieboldnixdorf	1 Vynamic Security Suite	2024-08-19	6.6 Medium
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR15, 4.0.0 SR05, 4.1.0 SR03, and 4.2.0 SR02 fails to validate the directory contents of certain directories (e.g., ensuring the expected hash sum) during the Pre-Boot Authorization (PBA) process. This can be exploited by a physical attacker who is able to manipulate the contents of the system's hard disk.
CVE-2023-20576			2024-02-13	7.7 High
A vulnerability was found in AMD hardware due to insufficient verification of data authenticity in AGESA. This issue may allow a local unauthenticated attacker to update SPI ROM data, potentially resulting in denial of service or privilege escalation.

« first previous Page 28 of 28.