Total 262913 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-38242 1 Microsoft 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more 2024-09-14 7.8 High
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38241 1 Microsoft 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more 2024-09-14 7.8 High
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38240 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2024-09-14 8.1 High
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
CVE-2024-38236 1 Microsoft 8 Windows Server 2008 R2, Windows Server 2008 Sp2, Windows Server 2012 and 5 more 2024-09-14 7.5 High
DHCP Server Service Denial of Service Vulnerability
CVE-2024-38230 1 Microsoft 4 Windows Server 2012 R2, Windows Server 2016, Windows Server 2019 and 1 more 2024-09-14 6.5 Medium
Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVE-2024-38188 1 Microsoft 1 Azure Network Watcher Agent For Windows 2024-09-14 7.1 High
Azure Network Watcher VM Agent Elevation of Privilege Vulnerability
CVE-2024-38220 1 Microsoft 1 Azure Stack Hub 2024-09-14 9 Critical
Azure Stack Hub Elevation of Privilege Vulnerability
CVE-2024-38216 1 Microsoft 1 Azure Stack Hub 2024-09-14 8.2 High
Azure Stack Hub Elevation of Privilege Vulnerability
CVE-2024-38018 1 Microsoft 1 Sharepoint Server 2024-09-14 8.8 High
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-26191 1 Microsoft 1 Sql Server 2024-09-14 8.8 High
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2024-26186 1 Microsoft 1 Sql Server 2024-09-14 8.8 High
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2024-37342 1 Microsoft 1 Sql Server 2024-09-14 7.1 High
Microsoft SQL Server Native Scoring Information Disclosure Vulnerability
CVE-2024-37337 1 Microsoft 1 Sql Server 2024-09-14 7.1 High
Microsoft SQL Server Native Scoring Information Disclosure Vulnerability
CVE-2024-37339 1 Microsoft 1 Sql Server 2024-09-14 8.8 High
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2024-37340 1 Microsoft 1 Sql Server 2024-09-14 8.8 High
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2024-37335 1 Microsoft 1 Sql Server 2024-09-14 8.8 High
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2024-37966 1 Microsoft 1 Sql Server 2024-09-14 7.1 High
Microsoft SQL Server Native Scoring Information Disclosure Vulnerability
CVE-2024-37338 1 Microsoft 1 Sql Server 2024-09-14 8.8 High
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2024-1394 1 Redhat 23 Ansible Automation Platform, Ansible Automation Platform Developer, Ansible Automation Platform Inside and 20 more 2024-09-14 7.5 High
A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey​ and ctx​. That function uses named return parameters to free pkey​ and ctx​ if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey​ and ctx​ will be nil inside the deferred function that should free them.
CVE-2023-4959 1 Redhat 1 Quay 2024-09-14 6.5 Medium
A flaw was found in Quay. Cross-site request forgery (CSRF) attacks force a user to perform unwanted actions in an application. During the pentest, it was detected that the config-editor page is vulnerable to CSRF. The config-editor page is used to configure the Quay instance. By coercing the victim’s browser into sending an attacker-controlled request from another domain, it is possible to reconfigure the Quay instance (including adding users with admin privileges).