Total
28653 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-38230 | 1 Microsoft | 5 Windows Server 2012, Windows Server 2012 R2, Windows Server 2016 and 2 more | 2024-09-19 | 6.5 Medium |
| Windows Standards-Based Storage Management Service Denial of Service Vulnerability | ||||
| CVE-2024-38188 | 1 Microsoft | 2 Azure Network Watcher Agent, Azure Network Watcher Agent For Windows | 2024-09-19 | 7.1 High |
| Azure Network Watcher VM Agent Elevation of Privilege Vulnerability | ||||
| CVE-2024-38220 | 1 Microsoft | 1 Azure Stack Hub | 2024-09-19 | 9 Critical |
| Azure Stack Hub Elevation of Privilege Vulnerability | ||||
| CVE-2024-38216 | 1 Microsoft | 1 Azure Stack Hub | 2024-09-19 | 8.2 High |
| Azure Stack Hub Elevation of Privilege Vulnerability | ||||
| CVE-2024-38018 | 1 Microsoft | 1 Sharepoint Server | 2024-09-19 | 8.8 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2023-4583 | 2 Mozilla, Redhat | 8 Firefox, Firefox Esr, Thunderbird and 5 more | 2024-09-19 | 7.5 High |
| When checking if the Browsing Context had been discarded in `HttpBaseChannel`, if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private session had ended. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. | ||||
| CVE-2023-43284 | 1 Dlink | 2 Dir-846, Dir-846 Firmware | 2024-09-19 | 8.8 High |
| D-Link Wireless MU-MIMO Gigabit AC1200 Router DIR-846 100A53DBR-Retail devices allow an authenticated remote attacker to execute arbitrary code via an unspecified manipulation of the QoS POST parameter. | ||||
| CVE-2023-0506 | 1 Bydemes | 1 Airspace Cctv Web Service | 2024-09-19 | 8.8 High |
| The web service of ByDemes Group Airspace CCTV Web Service in its 2.616.BY00.11 version, contains a privilege escalation vulnerability, detected in the Camera Control Panel, whose exploitation could allow a low-privileged attacker to gain administrator access. | ||||
| CVE-2023-36537 | 1 Zoom | 1 Rooms | 2024-09-19 | 7.3 High |
| Improper privilege management in Zoom Rooms for Windows before version 5.14.5 may allow an authenticated user to enable an escalation of privilege via local access. | ||||
| CVE-2023-36533 | 1 Zoom | 2 Meeting Software Development Kit, Video Software Development Kit | 2024-09-19 | 7.1 High |
| Uncontrolled resource consumption in Zoom SDKs before 5.14.7 may allow an unauthenticated user to enable a denial of service via network access. | ||||
| CVE-2023-34121 | 2 Microsoft, Zoom | 4 Windows, Rooms, Virtual Desktop Infrastructure and 1 more | 2024-09-19 | 4.1 Medium |
| Improper input validation in the Zoom for Windows, Zoom Rooms, Zoom VDI Windows Meeting clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via network access. | ||||
| CVE-2023-34120 | 2 Microsoft, Zoom | 2 Windows, Virtual Desktop Infrastructure | 2024-09-19 | 8.7 High |
| Improper privilege management in Zoom for Windows, Zoom Rooms for Windows, and Zoom VDI for Windows clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via local access. Users may potentially utilize higher level system privileges maintained by the Zoom client to spawn processes with escalated privileges. | ||||
| CVE-2023-34118 | 1 Zoom | 1 Rooms | 2024-09-19 | 7.3 High |
| Improper privilege management in Zoom Rooms for Windows before version 5.14.5 may allow an authenticated user to enable an escalation of privilege via local access. | ||||
| CVE-2023-34116 | 1 Zoom | 1 Zoom | 2024-09-19 | 8.2 High |
| Improper input validation in the Zoom Desktop Client for Windows before version 5.15.0 may allow an unauthorized user to enable an escalation of privilege via network access. | ||||
| CVE-2023-4577 | 2 Mozilla, Redhat | 8 Firefox, Firefox Esr, Thunderbird and 5 more | 2024-09-19 | 6.5 Medium |
| When `UpdateRegExpStatics` attempted to access `initialStringHeap` it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. | ||||
| CVE-2023-4885 | 1 Open5gs | 1 Open5gs | 2024-09-19 | 6.5 Medium |
| Man in the Middle vulnerability, which could allow an attacker to intercept VNF (Virtual Network Function) communications resulting in the exposure of sensitive information. | ||||
| CVE-2023-42508 | 1 Jfrog | 1 Artifactory | 2024-09-19 | 6.5 Medium |
| JFrog Artifactory prior to version 7.66.0 is vulnerable to specific endpoint abuse with a specially crafted payload, which can lead to unauthenticated users being able to send emails with manipulated email body. | ||||
| CVE-2023-30692 | 1 Samsung | 1 Android | 2024-09-19 | 8.5 High |
| Improper input validation vulnerability in Evaluator prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities. | ||||
| CVE-2023-30727 | 1 Samsung | 1 Android | 2024-09-19 | 6.7 Medium |
| Improper access control vulnerability in SecSettings prior to SMR Oct-2023 Release 1 allows attackers to enable Wi-Fi and connect arbitrary Wi-Fi without User Interaction. | ||||
| CVE-2023-30731 | 1 Samsung | 1 Android | 2024-09-19 | 5.7 Medium |
| Logic error in package installation via debugger command prior to SMR Oct-2023 Release 1 allows physical attacker to install an application that has different build type. | ||||