Total
31665 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-28991 | 1 Solarwinds | 1 Access Rights Manager | 2024-09-17 | 9 Critical |
| SolarWinds Access Rights Manager (ARM) was found to be susceptible to a remote code execution vulnerability. If exploited, this vulnerability would allow an authenticated user to abuse the service, resulting in remote code execution. | ||||
| CVE-2010-0200 | 2024-09-16 | N/A | ||
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1241. Reason: This candidate is a duplicate of CVE-2010-1241. Notes: All CVE users should reference CVE-2010-1241 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | ||||
| CVE-2007-6440 | 2024-09-16 | N/A | ||
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6112. Reason: This candidate is a duplicate of CVE-2007-6112. Notes: All CVE users should reference CVE-2007-6112 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | ||||
| CVE-2024-40766 | 1 Sonicwall | 52 Nsa 2650, Nsa 2700, Nsa 3600 and 49 more | 2024-09-16 | 9.3 Critical |
| An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions. | ||||
| CVE-2024-33003 | 1 Sap | 1 Commerce Cloud | 2024-09-16 | 7.4 High |
| Some OCC API endpoints in SAP Commerce Cloud allows Personally Identifiable Information (PII) data, such as passwords, email addresses, mobile numbers, coupon codes, and voucher codes, to be included in the request URL as query or path parameters. On successful exploitation, this could lead to a High impact on confidentiality and integrity of the application. | ||||
| CVE-2007-6445 | 2024-09-16 | N/A | ||
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6117. Reason: This candidate is a duplicate of CVE-2007-6117. Notes: All CVE users should reference CVE-2007-6117 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | ||||
| CVE-2024-39574 | 1 Dell | 2 Insightiq, Powerscale Insightiq | 2024-09-16 | 6.7 Medium |
| Dell PowerScale InsightIQ, version 5.1, contain an Improper Privilege Management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service. | ||||
| CVE-2024-39580 | 1 Dell | 2 Insightiq, Powerscale Insightiq | 2024-09-16 | 6.7 Medium |
| Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains an Improper Access Control vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | ||||
| CVE-2024-42037 | 1 Huawei | 2 Emui, Harmonyos | 2024-09-13 | 9.3 Critical |
| Vulnerability of uncaught exceptions in the Graphics module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2024-42036 | 1 Huawei | 2 Emui, Harmonyos | 2024-09-13 | 2.5 Low |
| Access permission verification vulnerability in the Notepad module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2024-1744 | 2 Accordors, Ariva Computer | 2 Accord Ors, Accord Ors | 2024-09-13 | 7.5 High |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ariva Computer Accord ORS allows Retrieve Embedded Sensitive Data.This issue affects Accord ORS: before 7.3.2.1. | ||||
| CVE-2024-45442 | 1 Huawei | 2 Emui, Harmonyos | 2024-09-13 | 5.1 Medium |
| Vulnerability of permission verification for APIs in the DownloadProviderMain module Impact: Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2021-22529 | 1 Microfocus | 1 Netiq Advanced Authentication | 2024-09-13 | 6.3 Medium |
| A vulnerability identified in NetIQ Advance Authentication that leaks sensitive server information. This issue affects NetIQ Advance Authentication version before 6.3.5.1 | ||||
| CVE-2024-5760 | 3 Hp Inc, Microsoft, Samsung | 3 Samsung Universal Print Driver, Windows, Universal Print Driver | 2024-09-13 | 8.4 High |
| The Samsung Universal Print Driver for Windows is potentially vulnerable to escalation of privilege allowing the creation of a reverse shell in the tool. This is only applicable for products in the application released or manufactured before 2018. | ||||
| CVE-2024-8695 | 1 Docker | 2 Desktop, Docker Desktop | 2024-09-13 | 9.8 Critical |
| A remote code execution (RCE) vulnerability via crafted extension description/changelog could be abused by a malicious extension in Docker Desktop before 4.34.2. | ||||
| CVE-2024-8696 | 1 Docker | 2 Desktop, Docker Desktop | 2024-09-13 | 9.8 Critical |
| A remote code execution (RCE) vulnerability via crafted extension publisher-url/additional-urls could be abused by a malicious extension in Docker Desktop before 4.34.2. | ||||
| CVE-2024-41856 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2024-09-13 | 7.8 High |
| Illustrator versions 28.5, 27.9.4, 28.6, 27.9.5 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-43259 | 2 Jem-products, Jem Plugins | 2 Order Export For Woocommerce, Order Expert For Woocommerce | 2024-09-12 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in JEM Plugins Order Export for WooCommerce.This issue affects Order Export for WooCommerce: from n/a through 3.23. | ||||
| CVE-2024-43258 | 1 Storelocatorplus | 1 Store Locator Plus | 2024-09-12 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Store Locator Plus.This issue affects Store Locator Plus: from n/a through 2311.17.01. | ||||
| CVE-2024-43257 | 1 Nouthemes | 1 Leopard | 2024-09-12 | 6.5 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Nouthemes Leopard - WordPress offload media.This issue affects Leopard - WordPress offload media: from n/a through 2.0.36. | ||||