2025-06-14 Daily Vulns
NEW:
| CVE | vendor-product | description | metric | Referenceurl | title | GithubURL | |
|---|---|---|---|---|---|---|---|
| CVE-2023-43535 | Qualcomm, Inc. - Snapdragon | Memory corruption when negative display IDs are sent as input while processing DISPLAYESCAPE event trigger. | CVSS3.1: 8.4 - HIGH | 0 | Exploitation: noneAutomatable: noTechnical Impact: partial | Improper Validation of Array Index in Display | github |
| CVE-2025-28382 | n/a - n/a | An issue in the openc3-api/tables endpoint of OpenC3 COSMOS 6.0.0 allows attackers to execute a directory traversal. | CNA n/a CVSS3.1: 7.5 - HIGH | 0 1 | Exploitation: pocAutomatable: yesTechnical Impact: partial | undefined | github |
| CVE-2022-4976 | ETJ - Archive::Unzip::Burst | Archive::Unzip::Burst from 0.01 through 0.09 for Perl contains a bundled InfoZip library that is affected by several vulnerabilities. The bundled library is affected by CVE-2014-8139, CVE-2014-8140 and CVE-2014-8141. | CNA n/a CVSS3.1: 9.8 - CRITICAL | 0 | Exploitation: noneAutomatable: yesTechnical Impact: total | Archive::Unzip::Burst from 0.01 through 0.09 for Perl contains a bundled InfoZip library that is affected by several vulnerabilities | github |
| CVE-2023-20599 | AMD - AMD EPYC™ 7002 Series ProcessorsAMD - AMD EPYC™ 7003 Series ProcessorsAMD - AMD Ryzen™ Threadripper™ 3000 ProcessorsAMD - AMD Ryzen™ Threadripper™ PRO 3000 WX ProcessorsAMD - AMD Ryzen™ Threadripper™ PRO 5000 WX ProcessorsAMD - AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ GraphicsAMD - AMD EPYC™ Embedded 7002 Series ProcessorsAMD - AMD EPYC™ Embedded 7003 Series Processors | Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP’s Crypto Co-Processor (CCP) registers from x86, resulting in potential loss of control of cryptographic key pointer/index, leading to loss of integrity or confidentiality. | CVSS3.1: 7.9 - HIGH | 0 | Exploitation: noneAutomatable: noTechnical Impact: total | undefined | github |
| CVE-2024-38823 | VMware - SALT | Salt’s request server is vulnerable to replay attacks when not using a TLS encrypted transport. | CVSS3.1: 2.7 - LOW | 0 1 | Exploitation: noneAutomatable: noTechnical Impact: partial | CVE-2024-38823 Salt Advisory | github |
| CVE-2025-29902 | Telex - Remote Dispatch Console ServerRTS - VLink Virtual Matrix Software | Remote code execution that allows unauthorized users to execute arbitrary code on the server machine. | CVSS3.1: 10 - CRITICAL | 0 | Exploitation: noneAutomatable: yesTechnical Impact: total | undefined | github |
This post is licensed under CC BY 4.0 by the author.