Security Vulnerabilities - CVEs Published In August 2024
A segmentation fault in KMPlayer v4.2.2.65 allows attackers to cause a Denial of Service (DoS) via a crafted AVI file.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-08-05
dzzoffice 2.02.1 is vulnerable to Directory Traversal via user/space/about.php.
CVSS Score
8.8
EPSS Score
0.021
Published
2024-08-05
microweber 2.0.16 was discovered to contain a Cross Site Scripting (XSS) vulnerability via userfiles\modules\tags\add_tagging_tagged.php.
CVSS Score
6.1
EPSS Score
0.01
Published
2024-08-05
Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption.
CVSS Score
6.0
EPSS Score
0.014
Published
2024-08-05
Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity.
CVSS Score
7.9
EPSS Score
0.017
Published
2024-08-05
Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to overwrite a guest's UMC seed potentially allowing reading of memory from a decommissioned guest.
CVSS Score
6.0
EPSS Score
0.009
Published
2024-08-05
Memory corruption can occur when arbitrary user-space app gains kernel level privilege to modify DDR memory by corrupting the GPU page table.
CVSS Score
8.4
EPSS Score
0.002
Published
2024-08-05
Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released.
CVSS Score
8.4
EPSS Score
0.002
Published
2024-08-05
Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time.
CVSS Score
8.4
EPSS Score
0.001
Published
2024-08-05
Transient DOS while parsing the ML IE when a beacon with length field inside the common info of ML IE greater than the ML IE length.
CVSS Score
7.5
EPSS Score
0.005
Published
2024-08-05