Total
28677 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-5288 | 2 Sick, Sick Ag | 3 Sim1012-0p0g200, Sim1012-0p0g200 Firmware, Sim1012 | 2024-09-23 | 9.8 Critical |
A remote unauthorized attacker may connect to the SIM1012, interact with the device and change configuration settings. The adversary may also reset the SIM and in the worst case upload a new firmware version to the device. | ||||
CVE-2024-37340 | 1 Microsoft | 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more | 2024-09-23 | 8.8 High |
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | ||||
CVE-2024-37338 | 1 Microsoft | 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more | 2024-09-23 | 8.8 High |
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | ||||
CVE-2024-37337 | 1 Microsoft | 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more | 2024-09-23 | 7.1 High |
Microsoft SQL Server Native Scoring Information Disclosure Vulnerability | ||||
CVE-2024-37335 | 1 Microsoft | 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more | 2024-09-23 | 8.8 High |
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | ||||
CVE-2024-26191 | 1 Microsoft | 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more | 2024-09-23 | 8.8 High |
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | ||||
CVE-2024-26186 | 1 Microsoft | 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more | 2024-09-23 | 8.8 High |
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | ||||
CVE-2024-37341 | 1 Microsoft | 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more | 2024-09-23 | 8.8 High |
Microsoft SQL Server Elevation of Privilege Vulnerability | ||||
CVE-2023-44464 | 1 Rami | 1 Pretix | 2024-09-23 | 7.8 High |
pretix before 2023.7.2 allows Pillow to parse EPS files. | ||||
CVE-2022-39422 | 1 Oracle | 1 Vm Virtualbox | 2024-09-23 | 7.5 High |
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.38. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H). | ||||
CVE-2024-37342 | 1 Microsoft | 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more | 2024-09-23 | 7.1 High |
Microsoft SQL Server Native Scoring Information Disclosure Vulnerability | ||||
CVE-2024-32498 | 2 Openstack, Redhat | 4 Cinder, Glance, Nova and 1 more | 2024-09-23 | 6.5 Medium |
An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access can occur via custom QCOW2 external data. By supplying a crafted QCOW2 image that references a specific data file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data. All Cinder and Nova deployments are affected; only Glance deployments with image conversion enabled are affected. | ||||
CVE-2023-32819 | 2 Google, Mediatek | 15 Android, Mt6765, Mt6768 and 12 more | 2024-09-23 | 4.4 Medium |
In display, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993705; Issue ID: ALPS08014138. | ||||
CVE-2022-39410 | 3 Netapp, Oracle, Redhat | 5 Oncommand Insight, Oncommand Workflow Automation, Mysql and 2 more | 2024-09-23 | 6.5 Medium |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | ||||
CVE-2022-39411 | 1 Oracle | 1 Transportation Management | 2024-09-23 | 4.9 Medium |
Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Business Process Automation). Supported versions that are affected are 6.4.3 and 6.5.1. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Transportation Management. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Transportation Management accessible data. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N). | ||||
CVE-2022-39417 | 1 Oracle | 1 Solaris | 2024-09-23 | 5.5 Medium |
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | ||||
CVE-2022-39419 | 1 Oracle | 1 Java Virtual Machine | 2024-09-23 | 4.3 Medium |
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java VM accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). | ||||
CVE-2022-39420 | 1 Oracle | 1 Transportation Management | 2024-09-23 | 5.4 Medium |
Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Data, Functional Security). Supported versions that are affected are 6.4.3 and 6.5.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Transportation Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Transportation Management accessible data as well as unauthorized read access to a subset of Oracle Transportation Management accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N). | ||||
CVE-2022-39423 | 1 Oracle | 1 Vm Virtualbox | 2024-09-23 | 6 Medium |
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.38. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N). | ||||
CVE-2024-30073 | 1 Microsoft | 25 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 22 more | 2024-09-23 | 7.8 High |
Windows Security Zone Mapping Security Feature Bypass Vulnerability |