Total 279297 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-4811 2025-01-16 2.2 Low
In affected versions of Octopus Server under certain conditions, a user with specific role assignments can access restricted project artifacts.
CVE-2024-48463 1 Usebruno 1 Bruno 2025-01-16 6.5 Medium
Bruno before 1.29.1 uses Electron shell.openExternal without validation (of http or https) for opening windows within the Markdown docs viewer.
CVE-2023-7033 2025-01-16 5.3 Medium
Insufficient Resource Pool vulnerability in Ethernet function of Mitsubishi Electric Corporation MELSEC iQ-R series CPU module, MELSEC iQ-L series CPU module, MELSEC iQ-R Ethernet Interface Module, MELSEC iQ-R CC-Link IE TSN Master/Local Module, CC-Link IE TSN Remote I/O Module, CC-Link IE TSN Analog-Digital Converter Module, CC-Link IE TSN Digital-Analog Converter Module, CC-Link IE TSN - CC-Link IE Field Network Bridge Module, CC-Link IE TSN - AnyWireASLINK Bridge Module, CC-Link IE TSN FPGA Module, CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY, MELSEC iQ-R Motion Module, MELSEC iQ-L Motion Module, MELSEC iQ-F FX5 Motion Module, MELSEC iQ-F Series CPU module, MELSEC iQ-F Series Ethernet module, MELSEC iQ-F Series Ethernet/IP module, MELSEC iQ-F Series OPC UA Module, MELSEC iQ-F Series CC-Link IE TSN master/local module, GOT2000 Series CC-Link IE TSN Communication Unit, FR-A800-E series inverters, FR-F800-E series inverters, FR-E800-E series inverters, INVERTER CC-Link IE TSN Plug-in option, INVERTER CC-Link IE TSN Safety Plug-in option, INVERTER CC-Link IE TSN communication function built-in type, MR-J5 series AC Servos MELSERVO, MR-JET series AC Servos MELSERVO, MR-MD333G series AC Servos MELSERVO, MR-JE series AC Servos MELSERVO, MELSERVO-J4 AC Servos MELSERVO and Embedded Type Servo System Controller allow a remote attacker to cause a temporary Denial of Service condition for a certain period of time in Ethernet communication of the products by performing TCP SYN Flood attack.
CVE-2023-6943 1 Mitsubishielectric 10 Ezsocket, Fr Configurator2, Got1000 and 7 more 2025-01-16 9.8 Critical
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) versions 1.320J and prior, GX Works2 versions 1.11M and later, GX Works3 versions 1.106L and prior, MELSOFT Navigator versions 1.04E to 2.102G, MT Works2 versions 1.190Y and prior, MX Component versions 4.00A to 5.007H and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to execute a malicious code by RPC with a path to a malicious library while connected to the products.
CVE-2023-6942 1 Mitsubishielectric 10 Ezsocket, Fr Configurator2, Got1000 and 7 more 2025-01-16 7.5 High
Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) versions 1.320J and prior, GX Works2 versions 1.11M and later, GX Works3 versions 1.106L and prior, MELSOFT Navigator versions 1.04E to 2.102G, MT Works2 versions 1.190Y and prior, MX Component versions 4.00A to 5.007H and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to bypass authentication by sending specially crafted packets and connect to the products illegally.
CVE-2024-10401 2025-01-16 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2022-21384 2025-01-16 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is a duplicate of CVE-2021-39275.
CVE-2021-35685 2025-01-16 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is a duplicate of CVE-2022-21371
CVE-2021-35684 2025-01-16 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is a duplicate of CVE-2022-21306.
CVE-2005-2773 1 Hp 1 Openview Network Node Manager 2025-01-15 9.8 Critical
HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl.
CVE-2025-22976 2025-01-15 N/A
SQL Injection vulnerability in dingfanzuCMS v.1.0 allows a local attacker to execute arbitrary code via not filtering the content correctly at the "checkOrder.php" shopId module.
CVE-2024-41454 2025-01-15 N/A
An arbitrary file upload vulnerability in the UI login page logo upload function of Process Maker pm4core-docker 4.1.21-RC7 allows attackers to execute arbitrary code via uploading a crafted PHP or HTML file.
CVE-2024-39967 2025-01-15 N/A
Insecure permissions in Aginode GigaSwitch v5 allows attackers to access sensitive information via using the SCP command.
CVE-2024-21308 1 Microsoft 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more 2025-01-15 8.8 High
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21317 1 Microsoft 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more 2025-01-15 8.8 High
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21331 1 Microsoft 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more 2025-01-15 8.8 High
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21332 1 Microsoft 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more 2025-01-15 8.8 High
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21333 1 Microsoft 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more 2025-01-15 8.8 High
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21335 1 Microsoft 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more 2025-01-15 8.8 High
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21373 1 Microsoft 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more 2025-01-15 8.8 High
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability