Show filters
392 Total Results
Displaying 1-10 of 392
Sort by:
Attacker Value
Unknown
CVE-2025-27306
Disclosure Date: February 24, 2025 (last updated February 25, 2025)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pathomation Pathomation allows Stored XSS. This issue affects Pathomation: from n/a through 2.5.1.
0
Attacker Value
Unknown
CVE-2025-26756
Disclosure Date: February 22, 2025 (last updated February 23, 2025)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in grimdonkey Magic the Gathering Card Tooltips allows Stored XSS. This issue affects Magic the Gathering Card Tooltips: from n/a through 3.5.0.
0
Attacker Value
Unknown
CVE-2025-1302
Disclosure Date: February 15, 2025 (last updated February 27, 2025)
Versions of the package jsonpath-plus before 10.3.0 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of eval='safe' mode.
**Note:**
This is caused by an incomplete fix for [CVE-2024-21534](https://security.snyk.io/vuln/SNYK-JS-JSONPATHPLUS-7945884).
0
Attacker Value
Unknown
CVE-2024-21971
Disclosure Date: February 12, 2025 (last updated February 27, 2025)
Improper input validation in AMD Crash Defender could allow an attacker to provide the Windows® system process ID to a kernel-mode driver, resulting in an operating system crash, potentially leading to denial of service.
0
Attacker Value
Unknown
CVE-2023-31345
Disclosure Date: February 12, 2025 (last updated February 27, 2025)
Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.
0
Attacker Value
Unknown
CVE-2023-20508
Disclosure Date: February 12, 2025 (last updated February 27, 2025)
Improper access control in the ASP could allow a privileged attacker to perform an out-of-bounds write to a memory location not controlled by the attacker, potentially leading to loss of confidentiality, integrity, or availability.
0
Attacker Value
Unknown
CVE-2023-31343
Disclosure Date: February 11, 2025 (last updated February 27, 2025)
Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.
0
Attacker Value
Unknown
CVE-2023-31342
Disclosure Date: February 11, 2025 (last updated February 27, 2025)
Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.
0
Attacker Value
Unknown
CVE-2023-20515
Disclosure Date: February 11, 2025 (last updated February 27, 2025)
Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability.
0
Attacker Value
Unknown
CVE-2024-21925
Disclosure Date: February 11, 2025 (last updated February 27, 2025)
Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution.
0
