Total
11827 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-0157 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2024-10-17 | 8.4 High |
| win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle window messaging, which allows local users to gain privileges via a crafted application that calls the PostMessage function, aka "PostMessage Function Vulnerability." | ||||
| CVE-2011-0657 | 1 Microsoft | 6 Windows 2003 Server, Windows 7, Windows Server 2003 and 3 more | 2024-10-17 | 9.8 Critical |
| DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process DNS queries, which allows remote attackers to execute arbitrary code via (1) a crafted LLMNR broadcast query or (2) a crafted application, aka "DNS Query Vulnerability." | ||||
| CVE-2023-49610 | 1 Machinesense | 2 Feverwarn, Feverwarn Firmware | 2024-10-17 | 8.1 High |
| MachineSense FeverWarn Raspberry Pi-based devices lack input sanitization, which could allow an attacker on an adjacent network to send a message running commands or could overflow the stack. | ||||
| CVE-2022-36392 | 2 Intel, Intel And Intel Standard Manageability In Intel Csme | 135 B150, B250, B360 and 132 more | 2024-10-17 | 8.6 High |
| Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27 in Intel (R) CSME may allow an unauthenticated user to potentially enable denial of service via network access. | ||||
| CVE-2024-21315 | 1 Microsoft | 14 Defender For Endpoint, Windows 10 1507, Windows 10 1607 and 11 more | 2024-10-17 | 7.8 High |
| Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability | ||||
| CVE-2024-9348 | 1 Docker | 1 Desktop | 2024-10-17 | N/A |
| Docker Desktop before v4.34.3 allows RCE via unsanitized GitHub source link in Build view. | ||||
| CVE-2023-38060 | 1 Otrs | 1 Otrs | 2024-10-17 | 6.3 Medium |
| Improper Input Validation vulnerability in the ContentType parameter for attachments on TicketCreate or TicketUpdate operations of the OTRS Generic Interface modules allows any authenticated attacker to to perform an host header injection for the ContentType header of the attachment. This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X before 8.0.35; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34. | ||||
| CVE-2023-38057 | 1 Otrs | 1 Survey | 2024-10-17 | 4.1 Medium |
| An improper input validation vulnerability in OTRS Survey modules allows any attacker with a link to a valid and unanswered survey request to inject javascript code in free text answers. This allows a cross site scripting attack while reading the replies as authenticated agent. This issue affects OTRS Survey module from 7.0.X before 7.0.32, from 8.0.X before 8.0.13 and ((OTRS)) Community Edition Survey module from 6.0.X through 6.0.22. | ||||
| CVE-2024-33065 | 1 Qualcomm | 80 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 77 more | 2024-10-16 | 8.4 High |
| Memory corruption while taking snapshot when an offset variable is set by camera driver. | ||||
| CVE-2024-33066 | 1 Qualcomm | 142 Csr8811, Csr8811 Firmware, Immersive Home 214 Platform and 139 more | 2024-10-16 | 9.8 Critical |
| Memory corruption while redirecting log file to any file location with any file name. | ||||
| CVE-2024-43697 | 1 Openatom | 1 Openharmony | 2024-10-16 | 3.3 Low |
| in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through improper input. | ||||
| CVE-2024-29155 | 2024-10-16 | 4.3 Medium | ||
| On Microchip RN4870 devices, when more than one consecutive PairReqNoInputNoOutput request is received, the device becomes incapable of completing the pairing process. A third party can inject a second PairReqNoInputNoOutput request just after a real one, causing the pair request to be blocked. | ||||
| CVE-2024-48914 | 1 Vendure | 1 Vendure | 2024-10-16 | 9.1 Critical |
| Vendure is an open-source headless commerce platform. Prior to versions 3.0.5 and 2.3.3, a vulnerability in Vendure's asset server plugin allows an attacker to craft a request which is able to traverse the server file system and retrieve the contents of arbitrary files, including sensitive data such as configuration files, environment variables, and other critical data stored on the server. In the same code path is an additional vector for crashing the server via a malformed URI. Patches are available in versions 3.0.5 and 2.3.3. Some workarounds are also available. One may use object storage rather than the local file system, e.g. MinIO or S3, or define middleware which detects and blocks requests with urls containing `/../`. | ||||
| CVE-2024-45219 | 1 Apache Software Foundation | 1 Apache Cloudstack | 2024-10-16 | 8.5 High |
| Account users in Apache CloudStack by default are allowed to upload and register templates for deploying instances and volumes for attaching them as data disks to their existing instances. Due to missing validation checks for KVM-compatible templates or volumes in CloudStack 4.0.0 through 4.18.2.3 and 4.19.0.0 through 4.19.1.1, an attacker that can upload or register templates and volumes, can use them to deploy malicious instances or attach uploaded volumes to their existing instances on KVM-based environments and exploit this to gain access to the host filesystems that could result in the compromise of resource integrity and confidentiality, data loss, denial of service, and availability of KVM-based infrastructure managed by CloudStack. Users are recommended to upgrade to Apache CloudStack 4.18.2.4 or 4.19.1.2, or later, which addresses this issue. Additionally, all user-uploaded or registered KVM-compatible templates and volumes can be scanned and checked that they are flat files that should not be using any additional or unnecessary features. For example, operators can run this on their secondary storage(s) and inspect output. An empty output for the disk being validated means it has no references to the host filesystems; on the other hand, if the output for the disk being validated is not empty, it might indicate a compromised disk. for file in $(find /path/to/storage/ -type f -regex [a-f0-9\-]*.*); do echo "Retrieving file [$file] info. If the output is not empty, that might indicate a compromised disk; check it carefully."; qemu-img info -U $file | grep file: ; printf "\n\n"; done The command can also be run for the file-based primary storages; however, bear in mind that (i) volumes created from templates will have references for the templates at first and (ii) volumes can be consolidated while migrating, losing their references to the templates. Therefore, the command execution for the primary storages can show both false positives and false negatives. For checking the whole template/volume features of each disk, operators can run the following command: for file in $(find /path/to/storage/ -type f -regex [a-f0-9\-]*.*); do echo "Retrieving file [$file] info."; qemu-img info -U $file; printf "\n\n"; done | ||||
| CVE-2023-25915 | 1 Danfoss | 2 Ak-sm 800a, Ak-sm 800a Firmware | 2024-10-16 | 9.9 Critical |
| Due to improper input validation, an authenticated remote attacker could execute arbitrary commands on the target system. | ||||
| CVE-2024-38189 | 1 Microsoft | 5 365 Apps, Office, Office Long Term Servicing Channel and 2 more | 2024-10-16 | 8.8 High |
| Microsoft Project Remote Code Execution Vulnerability | ||||
| CVE-2024-38201 | 1 Microsoft | 1 Azure Stack Hub | 2024-10-16 | 7 High |
| Azure Stack Hub Elevation of Privilege Vulnerability | ||||
| CVE-2024-38196 | 1 Microsoft | 25 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 22 more | 2024-10-16 | 7.8 High |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2023-31039 | 1 Apache | 1 Brpc | 2024-10-15 | 9.8 Critical |
| Security vulnerability in Apache bRPC <1.5.0 on all platforms allows attackers to execute arbitrary code via ServerOptions::pid_file. An attacker that can influence the ServerOptions pid_file parameter with which the bRPC server is started can execute arbitrary code with the permissions of the bRPC process. Solution: 1. upgrade to bRPC >= 1.5.0, download link: https://dist.apache.org/repos/dist/release/brpc/1.5.0/ https://dist.apache.org/repos/dist/release/brpc/1.5.0/ 2. If you are using an old version of bRPC and hard to upgrade, you can apply this patch: https://github.com/apache/brpc/pull/2218 https://github.com/apache/brpc/pull/2218 | ||||
| CVE-2023-30577 | 1 Zmanda | 1 Amanda | 2024-10-15 | 7.8 High |
| AMANDA (Advanced Maryland Automatic Network Disk Archiver) before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerability than CVE-2022-37705. | ||||