Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flex vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-40110
In multiple functions of MtpPacket.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
NA
CVE-2023-40112
In ippSetValueTag of ipp.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure of past print jobs or other print-related information, with no additional execution privileges needed. User interaction is not needed ...
NA
CVE-2023-40113
In multiple locations, there is a possible way for apps to access cross-user message data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
NA
CVE-2023-40114
In multiple functions of MtpFfsHandle.cpp , there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
NA
CVE-2023-40118
Stable Channel Update for ChromeOS/ChromeOS Flex
NA
CVE-2023-2457
Out of bounds write in ChromeOS Audio Server in Google Chrome on ChromeOS before 113.0.5672.114 allowed a remote malicious user to potentially exploit heap corruption via crafted audio file. (Chromium security severity: High)
Google Chrome
NA
CVE-2023-4369
Insufficient data validation in Systems Extensions in Google Chrome on ChromeOS before 116.0.5845.120 allowed an attacker who convinced a user to install a malicious extension to bypass file restrictions via a crafted HTML page. (Chromium security severity: Medium)
Google Chrome
NA
CVE-2023-4211
A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.
Arm 5th Gen Gpu Architecture Kernel Driver
Arm Midgard
Arm Bifrost
Arm Valhall
641
VMScore
CVE-2021-4212
A potential vulnerability in the SMI callback function used in the Legacy BIOS mode driver in some Lenovo Notebook models may allow an attacker with local access and elevated privileges to execute arbitrary code.
Lenovo C340-14iml Firmware -
Lenovo C340-15iml Firmware -
Lenovo D330-10igm Firmware -
Lenovo Duet 3-10igl5 Firmware -
Lenovo E41-50 Firmware -
Lenovo Flex-14iml Firmware -
Lenovo Flex-15iml Firmware -
Lenovo Ideapad 3-14are05 Firmware -
Lenovo Ideapad 3-15are05 Firmware -
Lenovo Ideapad 3-17are05 Firmware -
Lenovo Ideapad 5-14alc05 Firmware -
Lenovo Ideapad 5-14are05 Firmware -
Lenovo Ideapad 5-15itl05 Firmware -
Lenovo Ideapad 5 Pro-14acn6 Firmware -
Lenovo Ideapad 5 Pro-14itl6 Firmware -
Lenovo Ideapad 5 Pro-16ihu6 Firmware -
Lenovo Ideapad Creator 5-15imh05 Firmware -
Lenovo Ideapad Gaming 3-15ach6 Firmware -
Lenovo Ideapad Gaming 3-15arh05 Firmware -
Lenovo Ideapad Gaming 3-15imh05 Firmware -
Lenovo L340-15irh Firmware -
Lenovo L340-15iwl Firmware -
295
VMScore
CVE-2020-29374
An issue exists in the Linux kernel prior to 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended write acce...
Linux Linux Kernel
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp 500f Firmware -
Netapp A250 Firmware -
Netapp H410c Firmware -
Netapp Solidfire \\& Hci Management Node -
Netapp Hci Compute Node Bios -
Netapp Solidfire \\& Hci Storage Node -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »