CVE ALERTS
Common Vulnerabilities and Exposures
CVE ALERTS
WHAT IS A VULNERABILITY?
An instance of one or more weaknesses in a Product that can be exploited, causing a negative impact to confidentiality, integrity, or availability; a set of conditions or behaviors that allows the violation of an explicit or implicit security policy.
CVE stands for Common Vulnerabilities and Exposures. CVE is a dictionary of unique identifiers for security vulnerabilities in software and hardware. Each CVE identifier is unique and is used to track and provide information about specific vulnerabilities. These identifiers help facilitate communication and information sharing between researchers, security companies, and end users, enabling better understanding and mitigation of security risks.
These alerts are provided by the CVE® Program.
- The CVE Identifiers (CVE IDs) assigned through the registry enable program stakeholders to rapidly discover and correlate vulnerability information used to protect systems against attacks
- CVE IDs are assigned by CVE Numbering Authorities (CNAs), which are operated on a voluntary basis by participating organizations
Severity | CVE | Description |
---|---|---|
10.0 CRITICAL | CVE-2024-51567 | CyberPanel Incorrect Default Permissions Vulnerability |
9.3 CRITICAL | CVE-2024-5910 | Palo Alto Expedition Missing Authentication Vulnerability |
7.2 HIGH | CVE-2024-8957 | PTZOptics PT30X-SDI/NDI Cameras OS Command Injection Vulnerability |
9.1 CRITICAL | CVE-2024-8956 | PTZOptics PT30X-SDI/NDI Cameras Authentication Bypass Vulnerability |
5.8 MEDIUM | CVE-2024-20481 | Cisco ASA and FTD Denial-of-Service Vulnerability |
9.8 CRITICAL | CVE-2024-47575 | Fortinet FortiManager Missing Authentication Vulnerability |
7.2 HIGH | CVE-2024-38094 | Microsoft SharePoint Deserialization Vulnerability |
9.8 CRITICAL | CVE-2024-9537 | ScienceLogic SL1 Unspecified Vulnerability |
9.8 CRITICAL | CVE-2024-40711 | Veeam Backup and Replication Deserialization Vulnerability |
7.0 HIGH | CVE-2024-30088 | Microsoft Windows Kernel TOCTOU Race Condition Vulnerability |
-.- WAITING | CVE-2024-9680 | Mozilla Firefox Use-After-Free Vulnerability |
9.1 CRITICAL | CVE-2024-28987 | SolarWinds Web Help Desk Hardcoded Credential Vulnerability |
9.8 CRITICAL | CVE-2024-23113 | Fortinet Multiple Products Format String Vulnerability |
6.5 MEDIUM | CVE-2024-9379 | Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability |
7.2 HIGH | CVE-2024-9380 | Ivanti Cloud Services Appliance (CSA) OS Command Injection Vulnerability |
7.8 HIGH | CVE-2024-43047 | Qualcomm Multiple Chipsets Use-After-Free Vulnerability |
7.8 HIGH | CVE-2024-43572 | Microsoft Windows Management Console Remote Code Execution Vulnerability |
6.5 MEDIUM | CVE-2024-43573 | Microsoft Windows MSHTML Platform Spoofing Vulnerability |
10.0 CRITICAL | CVE-2024-45519 | Synacor Zimbra Collaboration Command Execution Vulnerability |
9.6 CRITICA | CVE-2024-29824 | Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability |
-.- WAITING | CVE-2023-25280 | D-Link DIR-820 Router OS Command Injection Vulnerability |
-.- WAITING | CVE-2020-15415 | DrayTek Multiple Vigor Routers OS Command Injection Vulnerability |
5.8 MEDIUM | CVE-2021-4043 | Motion Spell GPAC Null Pointer Dereference Vulnerability |
-.- WAITING | CVE-2019-0344 | SAP Commerce Cloud Deserialization of Untrusted Data Vulnerability |
9.8 CRITICAL | CVE-2024-7593 | Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability |
9.4 CRITICAL | CVE-2024-8963 | Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability |
9.8 CRITICAL | CVE-2024-27348 | Apache HugeGraph-Server Improper Access Control Vulnerability |
8.8 HIGH | CVE-2020-0618 | Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability |
7.8 HIGH | CVE-2019-1069 | Microsoft Windows Task Scheduler Privilege Escalation Vulnerability |
9.8 CRITICAL | CVE-2022-21445 | Oracle JDeveloper Remote Code Execution Vulnerability |
9.8 CRITICAL | CVE-2020-14644 | Oracle WebLogic Server Remote Code Execution Vulnerability |
10.0 CRITICAL | CVE-2014-0497 | Adobe Flash Player Integer Underflow Vulnerability |
9.3 CRITICAL | CVE-2013-0643 | Adobe Flash Player Incorrect Default Permissions Vulnerability |
9.3 CRITICAL | CVE-2013-0648 | Adobe Flash Player Code Execution Vulnerability |
10.0 CRITICAL | CVE-2014-0502 | Adobe Flash Player Double Free Vulnerability |
8.8 HIGH | CVE-2024-43461 | Microsoft Windows MSHTML Platform Spoofing Vulnerability |
9.8 CRITICAL | CVE-2024-6670 | Progress WhatsUp Gold SQL Injection Vulnerability |
7.2 HIGH | CVE-2024-8190 | Ivanti Cloud Services Appliance OS Command Injection Vulnerability |
7.3 HIGH | CVE-2024-38226 | Microsoft Publisher Security Feature Bypass Vulnerability |
9.8 CRITICAL | CVE-2024-43491 | Microsoft Windows Update Remote Code Execution Vulnerability |
7.8 HIGH | WAITING | CVE-2024-38014 Microsoft Windows Installer Privilege Escalation Vulnerability |
5.4 MEDIUM | CVE-2024-38217 | Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability |
-.- WAITING | CVE-2016-3714 | ImageMagick Improper Input Validation Vulnerability |
7.8 HIGH | CVE-2017-1000253 | Linux Kernel PIE Stack Buffer Corruption Vulnerability |
9.8 CRITICAL | CVE-2024-40766 | SonicWall SonicOS Improper Access Control Vulnerability |
-.- WAITING | CVE-2021-20123 | Draytek VigorConnect Path Traversal Vulnerability |
-.- WAITING | CVE-2021-20124 | Draytek VigorConnect Path Traversal Vulnerability |
9.2 CRITICAL | CVE-2024-7262 | Kingsoft WPS Office Path Traversal Vulnerability |
8.8 HIGH | CVE-2024-7965 | Google Chromium V8 Inappropriate Implementation Vulnerability |
8.8 HIGH | CVE-2024-7971 | Google Chromium V8 Type Confusion Vulnerability |
7.8 HIGH | CVE-2024-4610 | ARM Mali GPU Kernel Driver Use-After-Free Vulnerability |
9.8 CRITICAL | CVE-2024-4577 | PHP-CGI OS Command Injection Vulnerability |
-.- WAITING | CVE-2024-24919 | Check Point Quantum Security Gateways Information Disclosure Vulnerability |
7.8 HIGH | CVE-2024-1086 | Linux Kernel Use-After-Free Vulnerability |
8.7 HIGH | CVE-2024-4978 | Justice AV Solutions (JAVS) Viewer Installer Embedded Malicious Code Vulnerability |
9.8 CRITICAL | CVE-2024-38856 | Apache OFBiz Incorrect Authorization Vulnerability |
-.- WAITING | CVE-2021-33044 | Dahua IP Camera Authentication Bypass Vulnerability |
-.- WAITING | CVE-2021-33045 | Dahua IP Camera Authentication Bypass Vulnerability |
8.4 HIGH | CVE-2022-0185 | Linux Kernel Heap-Based Buffer Overflow |
-.- WAITING | CVE-2021-31196 | Microsoft Exchange Server Information Disclosure Vulnerability |
-.- WAITING | CVE-2024-23897 | Jenkins Command Line Interface (CLI) Path Traversal Vulnerability |
-.- WAITING | CVE-2024-28986 | SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability |
-.- WAITING | CVE-2024-38189 | Microsoft Project Remote Code Execution Vulnerability |
-.- WAITING | CVE-2024-38178 | Microsoft Windows Scripting Engine Memory Corruption Vulnerability |
-.- WAITING | CVE-2024-38213 | Microsoft Windows SmartScreen Security Feature Bypass Vulnerability |
-.- WAITING | CVE-2024-38193 | Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability |
-.- WAITING | CVE-2024-38106 | Microsoft Windows Kernel Privilege Escalation Vulnerability |
-.- WAITING | CVE-2024-38107 | Microsoft Windows Power Dependency Coordinator Privilege Escalation Vulnerability |
-.- WAITING | CVE-2024-36971 | Android Kernel Remote Code Execution Vulnerability |
-.- WAITING | CVE-2024-32113 | Apache OFBiz Path Traversal Vulnerability |
-.- WAITING | CVE-2018-0824 | Microsoft COM for Windows Deserialization of Untrusted Data Vulnerability |
-.- WAITING | CVE-2024-37085 | VMware ESXi Authentication Bypass Vulnerability |
9.3 CRITICAL | CVE-2024-4879 | ServiceNow Improper Input Validation Vulnerability |
9.2 CRITICAL | CVE-2024-5217 | ServiceNow Incomplete List of Disallowed Inputs Vulnerability |
-.- WAITING | CVE-2023-45249 | Acronis Cyber Infrastructure (ACI) Insecure Default Password Vulnerability |
-.- WAITING | CVE-2012-4792 | Microsoft Internet Explorer Use-After-Free Vulnerability |
5.3 MEDIUM | CVE-2024-39891 | Twilio Authy Information Disclosure Vulnerability |
-.- WAITING | CVE-2024-34102 | Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity Reference (XXE) Vulnerability |
-.- WAITING | CVE-2024-28995 | SolarWinds Serv-U Path Traversal Vulnerability |
-.- WAITING | CVE-2022-22948 | VMware vCenter Server Incorrect Default File Permissions Vulnerability |
-.- WAITING | CVE-2024-36401 | OSGeo GeoServer GeoTools Eval Injection Vulnerability |
-.- WAITING | CVE-2024-23692 | Rejetto HTTP File Server Improper Neutralization of Special Elements Used in a Template Engine Vulnerability |
-.- WAITING | CVE-2024-38080 | Microsoft Windows Hyper-V Privilege Escalation Vulnerability |
-.- WAITING | CVE-2024-38112 | Microsoft Windows MSHTML Platform Spoofing Vulnerability |
-.- WAITING | CVE-2024-20399 | Cisco NX-OS Command Injection Vulnerability |
-.- WAITING | CVE-2022-24816 | GeoSolutionsGroup JAI-EXT Code Injection Vulnerability |
7.8 HIGH | CVE-2022-2586 | Linux Kernel Use-After-Free Vulnerability |
-.- WAITING | CVE-2020-13965 | Roundcube Webmail Cross-Site Scripting (XSS) Vulnerability |
-.- WAITING | CVE-2024-32896 | Android Pixel Privilege Escalation Vulnerability |
-.- WAITING | CVE-2024-26169 | Microsoft Windows Error Reporting Service Improper Privilege Management Vulnerability |
9.8 CRITICAL | CVE-2024-4358 | Progress Telerik Report Server Authentication Bypass by Spoofing Vulnerability |
-.- WAITING | CVE-2017-3506 | Oracle WebLogic Server OS Command Injection Vulnerability |
-.- WAITING | CVE-2014-100005 | D-Link DIR-600 Router Cross-Site Request Forgery (CSRF) Vulnerability |
-.- WAITING | CVE-2021-40655 | D-Link DIR-605 Router Information Disclosure Vulnerability |
8.8 HIGH | CVE-2024-4761 | Google Chromium V8 Out-of-Bounds Memory Write Vulnerability |
8.8 HIGH | CVE-2024-4947 | Google Chromium V8 Type Confusion Vulnerability |
-.- WAITING | CVE-2023-43208 | NextGen Healthcare Mirth Connect Deserialization of Untrusted Data Vulnerability |
-.- WAITING | CVE-2014-100005 | D-Link DIR-600 Router Cross-Site Request Forgery (CSRF) Vulnerability |
-.- WAITING | CVE-2021-40655 | D-Link DIR-605 Router Information Disclosure Vulnerability |
-.- WAITING | CVE-2024-30051 | Microsoft DWM Core Library Privilege Escalation Vulnerability |
-.- WAITING | CVE-2024-30040 | Microsoft Windows MSHTML Platform Security Feature Bypass Vulnerability |
9.6 CRITICAL | CVE-2024-4671 | Google Chromium in Visuals Use-After-Free Vulnerability |
-.- WAITING | CVE-2023--.- | WAITING 7028 GitLab Community and Enterprise Editions Improper Access Control Vulnerability |
-.- WAITING | CVE-2023-7028 | Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability |
-.- WAITING | CVE-2024-29988 | Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability |
-.- WAITING | CVE-2024-20353 | Cisco ASA and FTD Denial of Service Vulnerability |
-.- WAITING | CVE-2024-20359 | Cisco ASA and FTD Privilege Escalation Vulnerability |
10.0 CRITICAL | CVE-2024-4040 | CrushFTP VFS Sandbox Escape Vulnerability |
-.- WAITING | CVE-2022-38028 | Microsoft Windows Print Spooler Privilege Escalation Vulnerability |
-.- WAITING | CVE-2024-3400 | Palo Alto Networks PAN-OS Command Injection Vulnerability |
-.- WAITING | CVE-2024-3272 | D-Link Multiple NAS Devices Use of Hard-Coded Credentials Vulnerability |
-.- WAITING | CVE-2024-3273 | D-Link Multiple NAS Devices Command Injection Vulnerability |
-.- WAITING | CVE-2024-29745 | Android Pixel Information Disclosure Vulnerability |
-.- WAITING | CVE-2024-29748 | Android Pixel Privilege Escalation Vulnerability |
-.- WAITING | CVE-2023-29360 | Microsoft Streaming Service Untrusted Pointer Dereference Vulnerability |
-.- WAITING | CVE-2023-24955 | Microsoft SharePoint Server Code Injection Vulnerability |
-.- WAITING | CVE-2023-48788 | Fortinet FortiClient EMS SQL Injection Vulnerability |
-.- WAITING | CVE-2021-44529 | Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability |
-.- WAITING | CVE-2019-7256 | Nice Linear eMerge E3-Series OS Command Injection Vulnerability |
-.- WAITING | CVE-2023-46808 | (Authenticated Remote File Write) for Ivanti Neurons for ITSM |
-.- WAITING | CVE-2023-41724 | (Remote Code Execution) for Ivanti Standalone Sentry |
-.- WAITING | CVE-2024-27198 | JetBrains TeamCity Authentication Bypass Vulnerability |
-.- WAITING | CVE-2024-23225 | Apple iOS and iPadOS Memory Corruption Vulnerability |
-.- WAITING | CVE-2024-23296 | Apple iOS and iPadOS Memory Corruption Vulnerability |
-.- WAITING | CVE-2023-21237 | Android Pixel Information Disclosure Vulnerability |
-.- WAITING | CVE-2021-36380 | Sunhillo SureLine OS Command Injection Vulnerablity |
-.- WAITING | CVE-2024-21338 | Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability |
-.- WAITING | CVE-2024-1709 | ConnectWise ScreenConnect Authentication Bypass Vulnerability |
-.- WAITING | CVE-2020-3259 | Cisco ASA and FTD Information Disclosure Vulnerability |
-.- WAITING | CVE-2024-21410 | Microsoft Exchange Server Privilege Escalation Vulnerability |
-.- WAITING | CVE-2023-43770 | Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability |
7.5 HIGH | CVE-2024-21351 | Windows SmartScreen Security Feature Bypass Vulnerability |
8.1 HIGH | CVE-2024-21412 | Internet Shortcut Files Security Feature Bypass Vulnerability |
-.- WAITING | CVE-2023-6549 | Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability |
-.- WAITING | CVE-2023-6548 | Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability |
-.- WAITING | CVE-2024-0519 | Google Chromium V8 Out-of-Bounds Memory Access Vulnerability |
-.- WAITING | CVE-2023-35082 | Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability |
-.- WAITING | CVE-2024-21412 | Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability |
-.- WAITING | CVE-2024-21351 | Microsoft Windows SmartScreen Security Feature Bypass Vulnerability |
-.- WAITING | CVE-2024-21762 | Fortinet FortiOS Out-of-Bound Write Vulnerability |
-.- WAITING | CVE-2023-4762 | Google Chromium V8 Type Confusion Vulnerability |
10.0 CRITICAL | CVE-2023-22527 | Atlassian Confluence Data Center and Server Template Injection Vulnerability |
-.- WAITING | CVE-2023-34048 | VMware vCenter Server Out-of-Bounds Write Vulnerability |
-.- WAITING | CVE-2024-21887 | Ivanti Connect Secure and Policy Secure Command Injection Vulnerability |
-.- WAITING | CVE-2023-7101 | Spreadsheet::ParseExcel Remote Code Execution Vulnerability |
-.- WAITING | CVE-2023-7024 | Google Chromium WebRTC Heap Buffer Overflow Vulnerability |
-.- WAITING | CVE-2023-5217 | Google Chrome libvpx Heap Buffer Overflow Vulnerability |
-.- WAITING | CVE-2023-47246 | SysAid Server Path Traversal Vulnerability |
-.- WAITING | CVE-2023-46805 | Ivanti Connect Secure and Policy Secure Authentication Bypass Vulnerability |
-.- WAITING | CVE-2023-46748 | F5 BIG-IP SQL Injection Vulnerability |
-.- WAITING | CVE-2023-46747 | F5 BIG-IP Authentication Bypass Vulnerability |
-.- WAITING | CVE-2023-46604 | Apache ActiveMQ Deserialization of Untrusted Data Vulnerability |
-.- WAITING | CVE-2023-44487 | HTTP/2 Rapid Reset Attack Vulnerability |
-.- WAITING | CVE-2023-42917 | Apple Multiple Products WebKit Memory Corruption Vulnerability |
-.- WAITING | CVE-2023-42916 | Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability |
-.- WAITING | CVE-2023-4211 | Arm Mali GPU Kernel Driver Use-After-Free Vulnerability |
-.- WAITING | CVE-2023-41993 | Apple Multiple Products WebKit Code Execution Vulnerability |
-.- WAITING | CVE-2023-41992 | Apple Multiple Products Kernel Privilege Escalation Vulnerability |
-.- WAITING | CVE-2023-41991 | Apple Multiple Products Improper Certificate Validation Vulnerability |
-.- WAITING | CVE-2023-41990 | Apple Multiple Products Code Execution Vulnerability |
-.- WAITING | CVE-2023-41763 | Microsoft Skype for Business Privilege Escalation Vulnerability |
-.- WAITING | CVE-2023-41721 | UniFi Network Application |
-.- WAITING | CVE-2023-38831 | RARLAB WinRAR Code Execution Vulnerability |
-.- WAITING | CVE-2023-38203 | Adobe ColdFusion Deserialization of Untrusted Data Vulnerability |
-.- WAITING | CVE-2023-38035 | Ivanti Sentry Authentication Bypass Vulnerability |
-.- WAITING | CVE-2023-36884 | Microsoft Office and Windows HTML Remote Code Execution Vulnerability |
-.- WAITING | CVE-2023-36874 | Microsoft Windows Error Reporting Service Privilege Escalation Vulnerability |
-.- WAITING | CVE-2023-36851 | Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability |
-.- WAITING | CVE-2023-36846 | Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability |
-.- WAITING | CVE-2023-36845 | Juniper Junos OS EX Series and SRX Series PHP External Variable Modification Vulnerability |
-.- WAITING | CVE-2023-36844 | Juniper Junos OS EX Series PHP External Variable Modification Vulnerability |
-.- WAITING | CVE-2023-36802 | Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability |
-.- WAITING | CVE-2023-36761 | Microsoft Word Information Disclosure Vulnerability |
-.- WAITING | CVE-2023-36631 | Lack of access control in wfc.exe in Malwarebytes Binisoft |
-.- WAITING | CVE-2023-36563 | Microsoft WordPad Information Disclosure Vulnerability |
-.- WAITING | CVE-2023-36019 | Microsoft Power Platform Connector Spoofing Vulnerability |
-.- WAITING | CVE-2023-36012 | DHCP Server Service Information Disclosure Vulnerability |
-.- WAITING | CVE-2023-35643 | DHCP Server Service Information Disclosure Vulnerability |
8.1 HIGH | CVE-2023-35628 | Windows MSHTML Platform Remote Code Execution Vulnerability |
8.8 HIGH | CVE-2023-35630 | Internet Connection Sharing (ICS) Remote Code Execution Vulnerability |
6.5 MEDIUM | CVE-2023-35636 | Microsoft Outlook Information Disclosure Vulnerability |
8.8 HIGH | CVE-2023-35639 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
8.8 HIGH | CVE-2023-35641 | Internet Connection Sharing (ICS) Remote Code Execution Vulnerability |
6.5 MEDIUM | CVE-2023-35642 | Internet Connection Sharing (ICS) Denial-of-Service Vulnerability |
9.6 CRITICAL | CVE-2023-36019 | Microsoft Power Platform Connector Spoofing Vulnerability |
7.5 HIGH | CVE-2023-35638 | DHCP Server Service Denial-of-Service Vulnerability |
7.5 HIGH | CVE-2023-35643 | DHCP Server Service Information Disclosure Vulnerability |
5.3 MEDIUM | CVE-2023-36012 | DHCP Server Service Information Disclosure Vulnerability |
9.8 CRITICAL | CVE-2023-47246 | SysAid Server Path Traversal Vulnerability |
5.3 MEDIUM | CVE-2023-36844 | Juniper Junos OS EX Series PHP External Variable Modification Vulnerability |
9.8 CRITICAL | CVE-2023-36845 | Juniper Junos OS EX Series and SRX Series PHP External Variable Modification Vulnerability |
5.3 MEDIUM | CVE-2023-36846 | Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability |
5.3 MEDIUM | CVE-2023-36851 | Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability |
7.5 HIGH | CVE-2023-29552 | Service Location Protocol (SLP) Denial-of-Service Vulnerability |
10.0 CRITICAL | CVE-2023-22518 | Atlassian Confluence Data Center and Server Improper Authorization Vulnerability |
10.0 CRITICAL | CVE-2023-46604 | Apache ActiveMQ Deserialization of Untrusted Data Vulnerability |
9.8 CRITICAL | CVE-2023-46747 | F5 BIG-IP Authentication Bypass Vulnerability |
8.8 HIGH | CVE-2023-46748 | F5 BIG-IP SQL Injection Vulnerability |
5.5 MEDIUM | CVE-2023-4211 | Arm Mali GPU Kernel Driver Use-After-Free Vulnerability |
10.0 CRITICAL | CVE-2023-20198 | Cisco IOS XE Web UI Privilege Escalation Vulnerability |
10.0 CRITICAL | CVE-2023-41721 | UniFi Network Application |
7.8 HIGH | CVE-2023-21608 | Adobe Acrobat and Reader Use-After-Free Vulnerability |
6.6 MEDIUM | CVE-2023-20109 | Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability |
5.3 MEDIUM | CVE-2023-41763 | Microsoft Skype for Business Privilege Escalation Vulnerability |
6.5 MEDIUM | CVE-2023-36563 | Microsoft WordPad Information Disclosure Vulnerability |
7.5 HIGH | CVE-2023-44487 | HTTP/2 Rapid Reset Attack Vulnerability |
8.8 HIGH | CVE-2023-5217 | Google Chrome libvpx Heap Buffer Overflow Vulnerability |
5.5 MEDIUM | CVE-2023-41991 | Apple Multiple Products Improper Certificate Validation Vulnerability |
7.8 HIGH | CVE-2023-41992 | Apple Multiple Products Kernel Privilege Escalation Vulnerability |
9.8 CRITICAL | CVE-2023-41993 | Apple Multiple Products WebKit Code Execution Vulnerability |
7.8 HIGH | CVE-2023-38831 | RARLAB WinRAR Code Execution Vulnerability |
9.8 CRITICAL | CVE-2023-38035 | Ivanti Sentry Authentication Bypass Vulnerability |
8.8 HIGH | CVE-2023-36884 | Microsoft Office and Windows HTML Remote Code Execution Vulnerability |
7.8 HIGH | CVE-2023-36874 | Microsoft Windows Error Reporting Service Privilege Escalation Vulnerability |
7.8 HIGH | CVE-2023-36802 | Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability |
6.2 MEDIUM | CVE-2023-36761 | Microsoft Word Information Disclosure Vulnerability |
7.8 HIGH | CVE-2023-36631 | Lack of access control in wfc.exe in Malwarebytes Binisoft |
8.8 HIGH | CVE-2023-35311 | Microsoft Outlook Security Feature Bypass Vulnerability |
10.0 CRITICAL | CVE-2023-35078 | Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability |
5.4 MEDIUM | CVE-2023-34830 | i-doit Open v24 was discovered to contain a reflected cross-site scripting (XSS) vulnerability |
5.3 MEDIUM | CVE-2023-34099 | Shopware is an open source e-commerce software. |
9.8 CRITICAL | CVE-2023-33246 | Apache RocketMQ Command Execution Vulnerability |
8.8 HIGH | CVE-2023-32049 | Microsoft Windows Defender SmartScreen Security Feature Bypass Vulnerability |
7.8 HIGH | CVE-2023-32046 | Microsoft Windows MSHTML Platform Privilege Escalation Vulnerability |
8.8 HIGH | CVE-2023-3079 | Google Chromium V8 Type Confusion Vulnerability |
8.8 HIGH | CVE-2023-28434 | MinIO Security Feature Bypass Vulnerability |
9.8 CRITICAL | CVE-2023-27997 | Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability |
7.5 HIGH | CVE-2023-27532 | Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability |
7.8 HIGH | CVE-2023-26369 | Adobe Acrobat and Reader Out-of-Bounds Write Vulnerability |
9.8 CRITICAL | CVE-2023-24489 | Citrix Content Collaboration ShareFile Improper Access Control Vulnerability |
9.8 CRITICAL | CVE-2023-20887 | VMware Aria Operations for Networks Command Injection Vulnerability |
9.8 CRITICAL | CVE-2022-31199 | Netwrix Auditor Insecure Object Deserialization Vulnerability |
9.8 CRITICAL | CVE-2022-29303 | SolarView Compact Command Injection Vulnerability |
9.8 CRITICAL | CVE-2021-44026 | Roundcube Webmail SQL Injection Vulnerability |
5.5 MEDIUM | CVE-2021-25489 | Samsung Mobile Devices Improper Input Validation Vulnerability |
7.8 HIGH | CVE-2021-25487 | Samsung Mobile Devices Out-of-Bounds Read Vulnerability |
6.4 MEDIUM | CVE-2021-25395 | Samsung Mobile Devices Race Condition Vulnerability |
6.4 MEDIUM | CVE-2021-25394 | Samsung Mobile Devices Race Condition Vulnerability |
6.7 MEDIUM | CVE-2021-25372 | Samsung Mobile Devices Improper Boundary Check Vulnerability |
6.7 MEDIUM | CVE-2021-25371 | Samsung Mobile Devices Unspecified Vulnerability |
6.1 MEDIUM | CVE-2020-35730 | Roundcube Webmail Cross-Site Scripting (XSS) Vulnerability |
9.8 CRITICAL | CVE-2020-12641 | Roundcube Webmail Remote Code Execution Vulnerability |
7.8 HIGH | CVE-2019-20500 | D-Link DWL-2600AP Access Point Command Injection Vulnerability |
9.8 CRITICAL | CVE-2019-17621 | D-Link DIR-859 Router Command Execution Vulnerability |
Severity | Severity Score Range |
---|---|
CRITICAL | 9.0 - 10.0 |
HIGH | 7.0 - 8.9 |
MEDIUM | 4.0 - 6.9 |
LOW | 0.1 - 3.9 |
NONE | 0.0 |
Copyright © 2017 - 2024 Cyberprotech ® all rights reserved. The Cyberprotech name and logo are registered trademarks with the Nº. 639923. Use of this site constitutes acceptance of our website Terms of Service, Terms of Sale and Privacy Policy .