Total
11839 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-10944 | 1 Rockwellautomation | 1 Factorytalk Updater | 2024-11-13 | 8.4 High |
| A Remote Code Execution vulnerability exists in the affected product. The vulnerability requires a high level of permissions and exists due to improper input validation resulting in the possibility of a malicious Updated Agent being deployed. | ||||
| CVE-2024-21976 | 1 Amd | 1 Ryzen | 2024-11-13 | 8.8 High |
| Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution. | ||||
| CVE-2024-8936 | 2024-11-13 | 6.5 Medium | ||
| CWE-20: Improper Input Validation vulnerability exists that could lead to loss of confidentiality of controller memory after a successful Man-In-The-Middle attack followed by sending a crafted Modbus function call used to tamper with memory. | ||||
| CVE-2024-6868 | 1 Mudler | 1 Localai | 2024-11-13 | 9.8 Critical |
| mudler/LocalAI version 2.17.1 allows for arbitrary file write due to improper handling of automatic archive extraction. When model configurations specify additional files as archives (e.g., .tar), these archives are automatically extracted after downloading. This behavior can be exploited to perform a 'tarslip' attack, allowing files to be written to arbitrary locations on the server, bypassing checks that normally restrict files to the models directory. This vulnerability can lead to remote code execution (RCE) by overwriting backend assets used by the server. | ||||
| CVE-2024-37365 | 1 Rockwellautomation | 1 Factorytalk View Machine Edition | 2024-11-12 | 7.3 High |
| A remote code execution vulnerability exists in the affected product. The vulnerability allows users to save projects within the public directory allowing anyone with local access to modify and/or delete files. Additionally, a malicious user could potentially leverage this vulnerability to escalate their privileges by changing the macro to execute arbitrary code. | ||||
| CVE-2024-23983 | 1 Pingidentity | 1 Pingaccess | 2024-11-12 | N/A |
| Improper handling of canonical URL-encoding may lead to bypass not properly constrained by request rules. | ||||
| CVE-2024-43611 | 1 Microsoft | 10 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 7 more | 2024-11-12 | 8.8 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||
| CVE-2024-43593 | 1 Microsoft | 10 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 7 more | 2024-11-12 | 8.8 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||
| CVE-2024-43592 | 1 Microsoft | 10 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 7 more | 2024-11-12 | 8.8 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||
| CVE-2024-43561 | 1 Microsoft | 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more | 2024-11-12 | 6.5 Medium |
| Windows Mobile Broadband Driver Denial of Service Vulnerability | ||||
| CVE-2024-43558 | 1 Microsoft | 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more | 2024-11-12 | 6.5 Medium |
| Windows Mobile Broadband Driver Denial of Service Vulnerability | ||||
| CVE-2024-43557 | 1 Microsoft | 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more | 2024-11-12 | 6.5 Medium |
| Windows Mobile Broadband Driver Denial of Service Vulnerability | ||||
| CVE-2024-43523 | 1 Microsoft | 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more | 2024-11-12 | 6.8 Medium |
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | ||||
| CVE-2024-30092 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-12 | 8 High |
| Windows Hyper-V Remote Code Execution Vulnerability | ||||
| CVE-2024-38265 | 1 Microsoft | 10 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 7 more | 2024-11-12 | 8.8 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||
| CVE-2024-20659 | 1 Microsoft | 10 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 7 more | 2024-11-12 | 7.1 High |
| Windows Hyper-V Security Feature Bypass Vulnerability | ||||
| CVE-2024-43542 | 1 Microsoft | 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more | 2024-11-12 | 6.5 Medium |
| Windows Mobile Broadband Driver Denial of Service Vulnerability | ||||
| CVE-2024-43540 | 1 Microsoft | 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more | 2024-11-12 | 6.5 Medium |
| Windows Mobile Broadband Driver Denial of Service Vulnerability | ||||
| CVE-2024-43538 | 1 Microsoft | 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more | 2024-11-12 | 6.5 Medium |
| Windows Mobile Broadband Driver Denial of Service Vulnerability | ||||
| CVE-2024-43526 | 1 Microsoft | 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more | 2024-11-12 | 6.8 Medium |
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | ||||