Search Results (365367 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-26191 1 Microsoft 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more 2024-12-31 8.8 High
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2024-26186 1 Microsoft 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more 2024-12-31 8.8 High
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2024-37342 1 Microsoft 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more 2024-12-31 7.1 High
Microsoft SQL Server Native Scoring Information Disclosure Vulnerability
CVE-2024-37337 1 Microsoft 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more 2024-12-31 7.1 High
Microsoft SQL Server Native Scoring Information Disclosure Vulnerability
CVE-2024-37339 1 Microsoft 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more 2024-12-31 8.8 High
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2024-37340 1 Microsoft 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more 2024-12-31 8.8 High
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2024-37335 1 Microsoft 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more 2024-12-31 8.8 High
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2024-37338 1 Microsoft 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more 2024-12-31 8.8 High
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2023-1329 1 Hp 1914 Laserjet Managed Mfp E62665 3gy14a, Laserjet Managed Mfp E62665 3gy14a Firmware, Laserjet Managed Mfp E62665 3gy15a and 1911 more 2024-12-31 9.8 Critical
A potential security vulnerability has been identified for certain HP multifunction printers (MFPs). The vulnerability may lead to Buffer Overflow and/or Remote Code Execution when running HP Workpath solutions on potentially affected products.
CVE-2024-52048 1 Trendmicro 2 Apexone Op, Apexone Saas 2024-12-31 7.8 High
A LogServer link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. This vulnerability is similar to, but not identical to CVE-2024-52049. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVE-2024-52049 1 Trendmicro 2 Apexone Op, Apexone Saas 2024-12-31 7.8 High
A LogServer link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. This vulnerability is similar to, but not identical to CVE-2024-52048. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVE-2024-52050 1 Trendmicro 2 Apexone Op, Apexone Saas 2024-12-31 7.8 High
A LogServer arbitrary file creation vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVE-2023-35146 1 Jenkins 1 Template Workflows 2024-12-31 5.4 Medium
Jenkins Template Workflows Plugin 41.v32d86a_313b_4a and earlier does not escape names of jobs used as buildings blocks for Template Workflow Job, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create jobs.
CVE-2023-35148 1 Jenkins 1 Digital.ai App Management Publisher 2024-12-31 6.5 Medium
A cross-site request forgery (CSRF) vulnerability in Jenkins Digital.ai App Management Publisher Plugin 2.6 and earlier allows attackers to connect to an attacker-specified URL, capturing credentials stored in Jenkins.
CVE-2023-35147 1 Jenkins 1 Aws Codecommit Trigger 2024-12-31 6.5 Medium
Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not restrict the AWS SQS queue name path parameter in an HTTP endpoint, allowing attackers with Item/Read permission to obtain the contents of arbitrary files on the Jenkins controller file system.
CVE-2024-2071 1 Remyandrade 1 Faq Management System 2024-12-31 3.5 Low
A vulnerability, which was classified as problematic, has been found in SourceCodester FAQ Management System 1.0. Affected by this issue is some unknown functionality of the component Update FAQ. The manipulation of the argument Frequently Asked Question leads to cross site scripting. The attack may be launched remotely. VDB-255386 is the identifier assigned to this vulnerability.
CVE-2024-55631 1 Trendmicro 2 Apexone Op, Apexone Saas 2024-12-31 7.8 High
An engine link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVE-2024-55632 1 Trendmicro 2 Apexone Op, Apexone Saas 2024-12-31 7.8 High
A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVE-2024-55917 1 Trendmicro 2 Apexone Op, Apexone Saas 2024-12-31 7.8 High
An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVE-2021-39090 2 Ibm, Linux 2 Cloud Pak For Security, Linux Kernel 2024-12-31 5.9 Medium
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.6.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 216388.