Security Vulnerabilities - CVEs Published In May 2024
Cross Site Scripting vulnerability in TOTOLINK X2000R before v1.0.0-B20231213.1013 allows a remote attacker to execute arbitrary code via the Guest Access Control parameter in the Wireless Page.
CVSS Score
4.8
EPSS Score
0.004
Published
2024-05-14
QuickJS commit 3b45d15 was discovered to contain an Assertion Failure via JS_FreeRuntime(JSRuntime *) at quickjs.c.
CVSS Score
4.0
EPSS Score
0.0
Published
2024-05-14
NULL pointer access vulnerability in the clock module
Impact: Successful exploitation of this vulnerability will affect availability.
CVSS Score
5.9
EPSS Score
0.0
Published
2024-05-14
Cracking vulnerability in the OS security module
Impact: Successful exploitation of this vulnerability will affect availability.
CVSS Score
6.8
EPSS Score
0.0
Published
2024-05-14
Privilege escalation vulnerability in the account module
Impact: Successful exploitation of this vulnerability will affect availability.
CVSS Score
6.2
EPSS Score
0.0
Published
2024-05-14
Race condition vulnerability in the binder driver module
Impact: Successful exploitation of this vulnerability will affect availability.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-05-14
Out-of-bounds access vulnerability in the memory module
Impact: Successful exploitation of this vulnerability will affect availability.
CVSS Score
5.6
EPSS Score
0.0
Published
2024-05-14
Denial of service (DoS) vulnerability in the AMS module
Impact: Successful exploitation of this vulnerability will affect availability.
CVSS Score
6.2
EPSS Score
0.0
Published
2024-05-14
Permission verification vulnerability in the wpa_supplicant module
Impact: Successful exploitation of this vulnerability will affect availability.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-05-14
Insufficient verification vulnerability in the baseband module
Impact: Successful exploitation of this vulnerability will affect availability.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-05-14