Total
28566 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-1666 | 1 Cyclomedia | 1 Cycloscopelite | 2024-09-17 | N/A |
| Multiple unspecified vulnerabilities in CycloMedia CycloScopeLite 2.50.3.0 allow remote attackers to execute arbitrary code via the ReturnConnection method in (1) CM_ADOConnection.dll, (2) CM_AddressInfoDBC.dll, and (3) CM_RecordingLocationDBC.dll, related to improper dereferencing. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2017-0673 | 1 Google | 1 Android | 2024-09-17 | N/A |
| A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-33974623. | ||||
| CVE-2006-0218 | 1 Mybb | 1 Mybb | 2024-09-17 | N/A |
| Multiple unspecified vulnerabilities in MyBulletinBoard (MyBB) before 1.0.2 have unspecified impact and attack vectors, related to (1) admin/moderate.php, (2) admin/themes.php, (3) inc/functions.php, (4) inc/functions_upload.php, (5) printthread.php, and (6) usercp.php, and probably related to SQL injection. NOTE: it is likely that this issue subsumes CVE-2005-4602 and CVE-2005-4603. However, since the vendor advisory is vague and additional files are mentioned, is is likely that this contains at least one distinct vulnerability from CVE-2005-4602 and CVE-2005-4603. | ||||
| CVE-2017-0803 | 1 Google | 1 Android | 2024-09-17 | N/A |
| A elevation of privilege vulnerability in the MediaTek accessory detector driver. Product: Android. Versions: Android kernel. Android ID: A-36136137. References: M-ALPS03361477. | ||||
| CVE-2022-25891 | 1 Containrrr | 1 Shoutrrr | 2024-09-17 | 7.5 High |
| The package github.com/containrrr/shoutrrr/pkg/util before 0.6.0 are vulnerable to Denial of Service (DoS) via the util.PartitionMessage function. Exploiting this vulnerability is possible by sending exactly 2000, 4000, or 6000 characters messages. | ||||
| CVE-2009-5015 | 1 Turbogears | 1 Turbogears2 | 2024-09-17 | N/A |
| The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 exposes controller methods even when an @expose decoration is not used, which has unspecified impact and attack vectors. | ||||
| CVE-2019-6178 | 1 Lenovo | 12 Home Media Network Hard Drive, Home Media Network Hard Drive Firmware, Ix12-300r and 9 more | 2024-09-17 | 5.3 Medium |
| An information leakage vulnerability in Iomega and LenovoEMC NAS products could allow disclosure of some device details such as Share names through the device API when Personal Cloud is enabled. This does not allow read, write, delete, or any other access to the underlying file systems and their contents. | ||||
| CVE-2022-22782 | 1 Zoom | 4 Meetings, Rooms For Conference Rooms, Vdi Windows Meeting Clients and 1 more | 2024-09-17 | 7.9 High |
| The Zoom Client for Meetings for Windows prior to version 5.9.7, Zoom Rooms for Conference Room for Windows prior to version 5.10.0, Zoom Plugins for Microsoft Outlook for Windows prior to version 5.10.3, and Zoom VDI Windows Meeting Clients prior to version 5.9.6; was susceptible to a local privilege escalation issue during the installer repair operation. A malicious actor could utilize this to potentially delete system level files or folders, causing integrity or availability issues on the user’s host machine. | ||||
| CVE-2017-5824 | 1 Hp | 1 Aruba Clearpass Policy Manager | 2024-09-17 | N/A |
| An unauthenticated remote code execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found. | ||||
| CVE-2011-0840 | 1 Oracle | 4 Peoplesoft And Jdedwards Product Suite, Peoplesoft Enterprise, Peoplesoft Enterprise Peopletools and 1 more | 2024-09-17 | N/A |
| Unspecified vulnerability in Oracle PeopleSoft Enterprise PeopleTools 8.49 GA through 8.49.30 allows remote authenticated users to affect confidentiality via unknown vectors related to File Processing. | ||||
| CVE-2012-0836 | 1 Joomla | 1 Joomla\! | 2024-09-17 | N/A |
| Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 allows attackers to read the error log via unknown vectors. | ||||
| CVE-2011-4144 | 2 Centos, Emc | 2 Centos, Documentum Content Server | 2024-09-17 | N/A |
| Unspecified vulnerability in EMC Documentum Content Server 6.0, 6.5 before SP2 P02, 6.5 SP3 before SP3 P02, and 6.6 before P02 allows local users to obtain "highest super user privileges" by leveraging system administrator privileges. | ||||
| CVE-2011-2219 | 1 Novell | 1 Groupwise | 2024-09-17 | N/A |
| Unspecified vulnerability in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, a different vulnerability than CVE-2011-2218. | ||||
| CVE-2009-3352 | 1 Drupal | 1 Drupal | 2024-09-17 | N/A |
| Multiple unspecified vulnerabilities in the quota_by_role (Quota by role) module for Drupal have unknown impact and attack vectors. | ||||
| CVE-2023-4822 | 2 Grafana, Redhat | 2 Grafana, Ceph Storage | 2024-09-17 | 6.7 Medium |
| Grafana is an open-source platform for monitoring and observability. The vulnerability impacts Grafana instances with several organizations, and allows a user with Organization Admin permissions in one organization to change the permissions associated with Organization Viewer, Organization Editor and Organization Admin roles in all organizations. It also allows an Organization Admin to assign or revoke any permissions that they have to any user globally. This means that any Organization Admin can elevate their own permissions in any organization that they are already a member of, or elevate or restrict the permissions of any other user. The vulnerability does not allow a user to become a member of an organization that they are not already a member of, or to add any other users to an organization that the current user is not a member of. | ||||
| CVE-2023-46055 | 1 Thingnario | 1 Photon | 2024-09-17 | 8.8 High |
| An issue in ThingNario Photon v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted script to the ping function to the "thingnario Logger Maintenance Webpage" endpoint. | ||||
| CVE-2023-44809 | 1 Dlink | 2 Dir-820l, Dir-820l Firmware | 2024-09-17 | 9.8 Critical |
| D-Link device DIR-820L 1.05B03 is vulnerable to Insecure Permissions. | ||||
| CVE-2023-21931 | 1 Oracle | 1 Weblogic Server | 2024-09-17 | 7.5 High |
| Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). | ||||
| CVE-2023-21923 | 1 Oracle | 1 Health Sciences Inform | 2024-09-17 | 8.3 High |
| Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications (component: Core). Supported versions that are affected are Prior to 6.3.1.3 and Prior to 7.0.0.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Health Sciences InForm. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Health Sciences InForm accessible data as well as unauthorized access to critical data or complete access to all Oracle Health Sciences InForm accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Health Sciences InForm. CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L). | ||||
| CVE-2023-21922 | 1 Oracle | 1 Health Sciences Inform | 2024-09-17 | 6.8 Medium |
| Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications (component: Core). Supported versions that are affected are Prior to 6.3.1.3 and Prior to 7.0.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Health Sciences InForm. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Health Sciences InForm accessible data as well as unauthorized access to critical data or complete access to all Oracle Health Sciences InForm accessible data. CVSS 3.1 Base Score 6.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N). | ||||