Total
29162 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-8631 | 1 Microsoft | 6 Excel, Excel Viewer, Excel Web App and 3 more | 2024-09-16 | 7.8 High |
A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Office Compatibility Pack Service Pack 3, Microsoft Excel Web App 2013 Service Pack 1, Microsoft Excel Viewer 2007 Service Pack 3, and Office Online Server when they fail to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8630, CVE-2017-8632, and CVE-2017-8744. | ||||
CVE-2021-23127 | 1 Joomla | 1 Joomla\! | 2024-09-16 | 9.1 Critical |
An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of an insufficient length for the 2FA secret accoring to RFC 4226 of 10 bytes vs 20 bytes. | ||||
CVE-2021-20341 | 1 Ibm | 1 Cloud Pak For Multicloud Management Monitoring | 2024-09-16 | 5.3 Medium |
IBM Cloud Pak for Multicloud Management Monitoring 2.2 returns potentially sensitive information in headers which could lead to further attacks against the system. IBM X-Force ID: 194513. | ||||
CVE-2017-1000168 | 1 Sodiumoxide Project | 1 Sodiumoxide | 2024-09-16 | N/A |
sodiumoxide 0.0.13 and older scalarmult() vulnerable to degenerate public keys | ||||
CVE-2017-7647 | 1 Solarwinds | 1 Log \& Event Manager | 2024-09-16 | N/A |
SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to execute arbitrary commands. | ||||
CVE-2021-1590 | 1 Cisco | 103 Nexus 3000, Nexus 3048, Nexus 31108pc-v and 100 more | 2024-09-16 | 5.3 Medium |
A vulnerability in the implementation of the system login block-for command for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a login process to unexpectedly restart, causing a denial of service (DoS) condition. This vulnerability is due to a logic error in the implementation of the system login block-for command when an attack is detected and acted upon. An attacker could exploit this vulnerability by performing a brute-force login attack on an affected device. A successful exploit could allow the attacker to cause a login process to reload, which could result in a delay during authentication to the affected device. | ||||
CVE-2018-3663 | 1 Intel | 1 Saffron Memorybase | 2024-09-16 | N/A |
Escalation of privilege in Intel Saffron MemoryBase before 11.4 allows an authenticated user access to privileged information. | ||||
CVE-2013-0967 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-09-16 | N/A |
CoreTypes in Apple Mac OS X before 10.8.3 includes JNLP files in the list of safe file types, which allows remote attackers to bypass a Java plug-in disabled setting, and trigger the launch of Java Web Start applications, via a crafted web site. | ||||
CVE-2013-2938 | 1 Citrix | 1 Cloudportal Services Manager | 2024-09-16 | N/A |
Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162. | ||||
CVE-2021-27780 | 1 Hcltech | 2 Bigfix Mobile, Modern Client Management | 2024-09-16 | 5.3 Medium |
The software may be vulnerable to both Un-Auth XML interaction and unauthenticated device enrollment. | ||||
CVE-2019-15065 | 1 Hinet | 2 Gpon, Gpon Firmware | 2024-09-16 | 9.3 Critical |
A service which is hosted on port 6998 in HiNet GPON firmware < I040GWR190731 allows an attacker to execute a specific command to read arbitrary files. CVSS 3.0 Base score 9.3. CVSS vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L). | ||||
CVE-2022-22351 | 1 Ibm | 2 Aix, Vios | 2024-09-16 | 8.6 High |
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged trusted host user to exploit a vulnerability in the nimsh daemon to cause a denial of service in the nimsh daemon on another trusted host. IBM X-Force ID: 220396 | ||||
CVE-2008-7198 | 1 Alecwh | 1 Phpns | 2024-09-16 | N/A |
Multiple unspecified vulnerabilities in phpns before 2.1.1beta1 have unknown impact and attack vectors. | ||||
CVE-2017-5823 | 1 Hp | 1 Intelligent Management Center | 2024-09-16 | N/A |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found. | ||||
CVE-2013-3792 | 1 Oracle | 1 Vm Virtualbox | 2024-09-16 | N/A |
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.18, 4.0.20, 4.1.28, and 4.2.18 allows local users to affect availability via unknown vectors related to Core. | ||||
CVE-2017-11877 | 1 Microsoft | 3 Excel, Excel Viewer, Office Compatibility Pack | 2024-09-16 | 5.5 Medium |
Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Compatibility Pack Service Pack 3, Microsoft Excel Viewer 2007 Service Pack 3, and Microsoft Excel 2016 for Mac allow a security feature bypass by not enforcing macro settings on an Excel document, aka "Microsoft Excel Security Feature Bypass Vulnerability". | ||||
CVE-2019-20898 | 1 Atlassian | 2 Jira, Jira Software Data Center | 2024-09-16 | 7.5 High |
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to access sensitive information without being authenticated in the Global permissions screen. The affected versions are before version 8.8.0. | ||||
CVE-2021-22527 | 1 Microfocus | 1 Access Manager | 2024-09-16 | 6 Medium |
Information leakage vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 | ||||
CVE-2019-0044 | 1 Juniper | 4 Junos, Srx5400, Srx5600 and 1 more | 2024-09-16 | 7.5 High |
Receipt of a specific packet on the out-of-band management interface fxp0 may cause the system to crash and restart (vmcore). By continuously sending a specially crafted packet to the fxp0 interface, an attacker can repetitively crash the rpd process causing prolonged Denial of Service (DoS). Affected releases are Juniper Networks SRX5000 Series: 12.1X46 versions prior to 12.1X46-D82; 12.3X48 versions prior to 12.3X48-D80; 15.1X49 versions prior to 15.1X49-D160. | ||||
CVE-2017-13172 | 1 Google | 1 Android | 2024-09-16 | N/A |
An elevation of privilege vulnerability in the MediaTek bluetooth driver. Product: Android. Versions: Android kernel. Android ID A-36493287. References: M-ALPS03495791. |