Total
277619 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-33016 | 1 Qualcomm | 297 315 5g Iot Modem Firmware, 9205 Lte Modem Firmware, Aqt1000 Firmware and 294 more | 2024-09-03 | 6.8 Medium |
| memory corruption when an invalid firehose patch command is invoked. | ||||
| CVE-2024-23364 | 1 Qualcomm | 166 Ar8035 Firmware, Fastconnect 6200 Firmware, Fastconnect 6700 Firmware and 163 more | 2024-09-03 | 7.5 High |
| Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA). | ||||
| CVE-2024-8371 | 2024-09-03 | N/A | ||
| Duplicate of CVE-2024-45305. | ||||
| CVE-2024-44916 | 1 Seacms | 1 Seacms | 2024-09-03 | 7.2 High |
| Vulnerability in admin_ip.php in Seacms v13.1, when action=set, allows attackers to control IP parameters that are written to the data/admin/ip.php file and could result in arbitrary command execution. | ||||
| CVE-2024-44918 | 1 Seacms | 1 Seacms | 2024-09-03 | 3.5 Low |
| A cross-site scripting (XSS) vulnerability in the component admin_datarelate.php of SeaCMS v12.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | ||||
| CVE-2024-41718 | 2024-09-03 | N/A | ||
| ** REJECT ** DO NOT USE THIS CVE ID. ConsultIDs: CVE-2024-39771. Reason: This CVE ID is a reservation duplicate of CVE-2024-39771. Notes: All CVE users should reference CVE-2024-39771 instead of this CVE ID. All references and descriptions in this CVE ID have been removed to prevent accidental usage. | ||||
| CVE-2022-48936 | 1 Redhat | 1 Enterprise Linux | 2024-08-31 | 0.0 Low |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2024-41864 | 1 Adobe | 1 Substance 3d Designer | 2024-08-31 | 7.8 High |
| Substance3D - Designer versions 13.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-25562 | 1 Intel | 2 Distribution For Gdb, Oneapi Base Toolkit | 2024-08-31 | 5.8 Medium |
| Improper buffer restrictions in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2024-24973 | 1 Intel | 2 Distribution For Gdb, Oneapi Base Toolkit | 2024-08-31 | 2.2 Low |
| Improper input validation for some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2024-23495 | 1 Intel | 3 Distribution For Gdb, Distribution For Gdb Software, Oneapi Base Toolkit | 2024-08-31 | 6.7 Medium |
| Incorrect default permissions in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-23491 | 1 Intel | 3 Distribution For Gdb, Distribution For Gdb Software, Oneapi Base Toolkit | 2024-08-31 | 6.7 Medium |
| Uncontrolled search path in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-7651 | 1 Appcheap | 1 App Builder | 2024-08-31 | 5.6 Medium |
| The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to limited SQL Injection via the ‘app-builder-search’ parameter in all versions up to, and including, 4.2.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. | ||||
| CVE-2024-7032 | 1 Zaytech | 1 Smart Online Order For Clover | 2024-08-31 | 6.5 Medium |
| The Smart Online Order for Clover plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'moo_deactivateAndClean' function in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to deactivate the plugin and drop all plugin tables from the database. | ||||
| CVE-2024-7030 | 1 Zaytech | 1 Smart Online Order For Clover | 2024-08-31 | 4.3 Medium |
| The Smart Online Order for Clover plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 1.5.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update product and category descriptions, category titles and images, and sort order. | ||||
| CVE-2024-42939 | 1 Yzncms | 1 Yzncms | 2024-08-31 | 4.6 Medium |
| A cross-site scripting (XSS) vulnerability in the component /index/index.html of YZNCMS v1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the configured remarks text field. | ||||
| CVE-2022-4538 | 2024-08-30 | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error and is not a valid vulnerability. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage. | ||||
| CVE-2022-4528 | 2024-08-30 | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error and is not a valid vulnerability. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage. | ||||
| CVE-2022-4412 | 2024-08-30 | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error and is not a valid vulnerability. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage. | ||||
| CVE-2024-42379 | 2024-08-30 | N/A | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||