Total
255441 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-30109 | 2024-06-28 | 3.7 Low | ||
HCL DRYiCE AEX is impacted by a lack of clickjacking protection in the AEX web application. An attacker can use multiple transparent or opaque layers to trick a user into clicking on a button or link on another page than the one intended. | ||||
CVE-2024-23765 | 2024-06-28 | N/A | ||
An issue was discovered on HMS Anybus X-Gateway AB7832-F 3 devices. The gateway exposes an unidentified service on port 7412 on the network. All the network services of the gateway become unresponsive after sending 85 requests to this port. The content and length of the frame does not matter. The device needs to be restarted to resume operations. | ||||
CVE-2024-30110 | 2024-06-28 | 3.7 Low | ||
HCL DRYiCE AEX product is impacted by lack of input validation vulnerability in a particular web application. A malicious script can be injected into a system which can cause the system to behave in unexpected ways. | ||||
CVE-2024-30135 | 2024-06-28 | 3.3 Low | ||
HCL DRYiCE AEX is potentially impacted by disclosure of sensitive information in the mobile application when a snapshot is taken. | ||||
CVE-2024-29038 | 2024-06-28 | 4.3 Medium | ||
tpm2-tools is the source repository for the Trusted Platform Module (TPM2.0) tools. A malicious attacker can generate arbitrary quote data which is not detected by `tpm2 checkquote`. This issue was patched in version 5.7. | ||||
CVE-2023-38188 | 1 Microsoft | 1 Azure Hdinsights | 2024-06-28 | 4.5 Medium |
Azure Apache Hadoop Spoofing Vulnerability | ||||
CVE-2024-6127 | 2024-06-28 | 9.8 Critical | ||
BC Security Empire before 5.9.3 is vulnerable to a path traversal issue that can lead to remote code execution. A remote, unauthenticated attacker can exploit this vulnerability over HTTP by acting as a normal agent, completing all cryptographic handshakes, and then triggering an upload of payload data containing a malicious path. | ||||
CVE-2023-36881 | 1 Microsoft | 1 Azure Hdinsights | 2024-06-28 | 4.5 Medium |
Azure Apache Ambari Spoofing Vulnerability | ||||
CVE-2023-36873 | 1 Microsoft | 12 .net Framework, Windows 10 1607, Windows 10 1809 and 9 more | 2024-06-28 | 5.9 Medium |
.NET Framework Spoofing Vulnerability | ||||
CVE-2024-5730 | 2024-06-28 | N/A | ||
The Pagerank tools WordPress plugin through 1.1.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin | ||||
CVE-2023-36772 | 1 Microsoft | 1 3d Builder | 2024-06-28 | 7.8 High |
3D Builder Remote Code Execution Vulnerability | ||||
CVE-2023-36771 | 1 Microsoft | 1 3d Builder | 2024-06-28 | 7.8 High |
3D Builder Remote Code Execution Vulnerability | ||||
CVE-2023-36558 | 1 Microsoft | 3 .net, Asp.net Core, Visual Studio 2022 | 2024-06-28 | 5.5 Medium |
ASP.NET Core - Security Feature Bypass Vulnerability | ||||
CVE-2024-21404 | 1 Microsoft | 2 Asp.net Core, Visual Studio 2022 | 2024-06-28 | 7.5 High |
.NET Denial of Service Vulnerability | ||||
CVE-2024-21348 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-06-28 | 7.5 High |
Internet Connection Sharing (ICS) Denial of Service Vulnerability | ||||
CVE-2024-30053 | 2024-06-28 | 6.5 Medium | ||
Azure Migrate Cross-Site Scripting Vulnerability | ||||
CVE-2024-28908 | 2024-06-28 | 8.8 High | ||
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | ||||
CVE-2024-28942 | 2024-06-28 | 8.8 High | ||
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | ||||
CVE-2024-20665 | 2024-06-28 | 6.1 Medium | ||
BitLocker Security Feature Bypass Vulnerability | ||||
CVE-2024-39351 | 2024-06-28 | 7.2 High | ||
A vulnerability regarding improper neutralization of special elements used in an OS command ('OS Command Injection') is found in the NTP configuration. This allows remote authenticated users with administrator privileges to execute arbitrary commands via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.7-0298 may be affected: BC500 and TC500. |