Security Vulnerabilities - CVEs Published In January 2024
A stack-based buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution with SYSTEM privileges.
CVSS Score
10.0
EPSS Score
0.009
Published
2024-01-26
A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root.
CVSS Score
9.6
EPSS Score
0.1
Published
2024-01-26
A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE messages. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root.
CVSS Score
9.6
EPSS Score
0.1
Published
2024-01-26
A command injection vulnerability exists in the ‘SaveSysLogParams’
parameter of the Motorola MR2600. A remote attacker can exploit this
vulnerability to achieve command execution. Authentication is required,
however can be bypassed.
CVSS Score
9.0
EPSS Score
0.012
Published
2024-01-26
A buffer overflow vulnerability exists in Symantec Data Loss Prevention version 14.0.2 and before. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a crafted document to achieve code execution.
CVSS Score
9.6
EPSS Score
0.024
Published
2024-01-26
An arbitrary code execution vulnerability exists in Arris SURFboard SGB6950AC2 devices. An unauthenticated attacker can exploit this vulnerability to achieve code execution as root.
CVSS Score
9.6
EPSS Score
0.003
Published
2024-01-26
A hardcoded credential vulnerability exists in IBM Merge Healthcare eFilm Workstation. A remote, unauthenticated attacker can exploit this vulnerability to achieve information disclosure or remote code execution.
CVSS Score
9.8
EPSS Score
0.009
Published
2024-01-26
An improper privilege management vulnerability exists in IBM Merge Healthcare eFilm Workstation. A local, authenticated attacker can exploit this vulnerability to escalate privileges to SYSTEM.
CVSS Score
8.8
EPSS Score
0.0
Published
2024-01-26
A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution.
CVSS Score
10.0
EPSS Score
0.009
Published
2024-01-26
A buffer overflow vulnerability exists in Symantec Deployment Solution version 7.9 when parsing UpdateComputer tokens. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM.
CVSS Score
10.0
EPSS Score
0.077
Published
2024-01-26