Security Vulnerabilities - CVEs Published In January 2024
An integer overflow vulnerability in LoadPixelDataRLE4 function in PluginBMP.cpp in Freeimage 3.18.0 allows attackers to obtain sensitive information, cause a denial of service and/or run arbitrary code.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-01-09
Memory Allocation with Excessive Size Value discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 allows attackers to cause a denial of service.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-01-09
An integer overflow vulnerability in Exif.cpp::jpeg_read_exif_dir in FreeImage 3.18.0 allows attackers to obtain information and cause a denial of service.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-01-09
A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to sensitive cookie without secure attribute. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-250117 was assigned to this vulnerability.
CVSS Score
3.7
EPSS Score
0.0
Published
2024-01-09
A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to session expiration. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. VDB-250118 is the identifier assigned to this vulnerability.
CVSS Score
3.1
EPSS Score
0.001
Published
2024-01-09
AMI’s SPx contains
a vulnerability in the BMC where an Attacker may cause an
untrusted pointer to dereference via a local network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-01-09
AMI’s SPx contains
a vulnerability in the BMC where an Attacker may cause a
stack-based buffer overflow via an adjacent network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.
CVSS Score
9.6
EPSS Score
0.0
Published
2024-01-09
AMI’s
SPx contains a vulnerability in the BMC where an Attacker may
cause a heap memory corruption via an adjacent network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.
CVSS Score
8.3
EPSS Score
0.0
Published
2024-01-09
AMI’s
SPx contains a vulnerability in the BMC where an Attacker may
cause a heap memory corruption via an adjacent network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.
CVSS Score
8.3
EPSS Score
0.0
Published
2024-01-09
AMI’s
SPx contains a vulnerability in the BMC where an Attacker may
cause a stack memory corruption via an adjacent network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.
CVSS Score
8.3
EPSS Score
0.0
Published
2024-01-09