Total
30629 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-1744 | 2 Accordors, Ariva Computer | 2 Accord Ors, Accord Ors | 2024-09-13 | 7.5 High |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ariva Computer Accord ORS allows Retrieve Embedded Sensitive Data.This issue affects Accord ORS: before 7.3.2.1. | ||||
| CVE-2024-45442 | 1 Huawei | 2 Emui, Harmonyos | 2024-09-13 | 5.1 Medium |
| Vulnerability of permission verification for APIs in the DownloadProviderMain module Impact: Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2021-22529 | 1 Microfocus | 1 Netiq Advanced Authentication | 2024-09-13 | 6.3 Medium |
| A vulnerability identified in NetIQ Advance Authentication that leaks sensitive server information. This issue affects NetIQ Advance Authentication version before 6.3.5.1 | ||||
| CVE-2024-5760 | 3 Hp Inc, Microsoft, Samsung | 3 Samsung Universal Print Driver, Windows, Universal Print Driver | 2024-09-13 | 8.4 High |
| The Samsung Universal Print Driver for Windows is potentially vulnerable to escalation of privilege allowing the creation of a reverse shell in the tool. This is only applicable for products in the application released or manufactured before 2018. | ||||
| CVE-2024-8695 | 1 Docker | 2 Desktop, Docker Desktop | 2024-09-13 | 9.8 Critical |
| A remote code execution (RCE) vulnerability via crafted extension description/changelog could be abused by a malicious extension in Docker Desktop before 4.34.2. | ||||
| CVE-2024-8696 | 1 Docker | 2 Desktop, Docker Desktop | 2024-09-13 | 9.8 Critical |
| A remote code execution (RCE) vulnerability via crafted extension publisher-url/additional-urls could be abused by a malicious extension in Docker Desktop before 4.34.2. | ||||
| CVE-2024-41856 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2024-09-13 | 7.8 High |
| Illustrator versions 28.5, 27.9.4, 28.6, 27.9.5 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-43259 | 2 Jem-products, Jem Plugins | 2 Order Export For Woocommerce, Order Expert For Woocommerce | 2024-09-12 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in JEM Plugins Order Export for WooCommerce.This issue affects Order Export for WooCommerce: from n/a through 3.23. | ||||
| CVE-2024-43258 | 1 Storelocatorplus | 1 Store Locator Plus | 2024-09-12 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Store Locator Plus.This issue affects Store Locator Plus: from n/a through 2311.17.01. | ||||
| CVE-2024-43257 | 1 Nouthemes | 1 Leopard | 2024-09-12 | 6.5 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Nouthemes Leopard - WordPress offload media.This issue affects Leopard - WordPress offload media: from n/a through 2.0.36. | ||||
| CVE-2024-36446 | 1 Mitel | 1 Mivoice Mx-one | 2024-09-12 | 8.8 High |
| The provisioning manager component of Mitel MiVoice MX-ONE through 7.6 SP1 could allow an authenticated attacker to conduct an authentication bypass attack due to improper access control. A successful exploit could allow an attacker to bypass the authorization schema. | ||||
| CVE-2024-8399 | 1 Mozilla | 1 Firefox Focus | 2024-09-12 | 4.7 Medium |
| Websites could utilize Javascript links to spoof URL addresses in the Focus navigation bar This vulnerability affects Focus for iOS < 130. | ||||
| CVE-2024-42039 | 1 Huawei | 2 Emui, Harmonyos | 2024-09-12 | 4.3 Medium |
| Access control vulnerability in the SystemUI module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2024-45441 | 1 Huawei | 2 Emui, Harmonyos | 2024-09-12 | 6.2 Medium |
| Input verification vulnerability in the system service module Impact: Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2024-45450 | 1 Huawei | 2 Emui, Harmonyos | 2024-09-12 | 4 Medium |
| Permission control vulnerability in the software update module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2024-34163 | 1 Intel | 27 Lapac71g Firmware, Lapac71h Firmware, Lapbc510 Firmware and 24 more | 2024-09-12 | 7.5 High |
| Improper input validation in firmware for some Intel(R) NUC may allow a privileged user to potentially enableescalation of privilege via local access. | ||||
| CVE-2024-28947 | 1 Intel | 1 Server Board S2600st Firmware | 2024-09-12 | 8.2 High |
| Improper input validation in kernel mode driver for some Intel(R) Server Board S2600ST Family firmware before version 02.01.0017 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-45054 | 1 Hwameistor | 1 Hwameistor | 2024-09-12 | 2.8 Low |
| Hwameistor is an HA local storage system for cloud-native stateful workloads. This ClusterRole has * verbs of * resources. If a malicious user can access the worker node which has hwameistor's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster, resulting in a cluster-level privilege escalation. This issue has been patched in version 0.14.6. All users are advised to upgrade. Users unable to upgrade should update and limit the ClusterRole using security-role. | ||||
| CVE-2023-26324 | 2 Mi, Xiaomi | 2 Getapps, Getapps Application | 2024-09-12 | 8.8 High |
| A code execution vulnerability exists in the XiaomiGetApps application product. This vulnerability is caused by the verification logic being bypassed, and an attacker can exploit this vulnerability to execute malicious code. | ||||
| CVE-2023-26322 | 2 Mi, Xiaomi | 2 Getapps, Getapps Application | 2024-09-12 | 8.8 High |
| A code execution vulnerability exists in the XiaomiGetApps application product. This vulnerability is caused by the verification logic being bypassed, and an attacker can exploit this vulnerability to execute malicious code. | ||||