Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-31970 | 1 Adtran | 2 834-5, Sdg Smartos | 2024-11-21 | N/A | 8.8 HIGH |
|
AdTran SRG 834-5 HDC17600021F1 devices (with SmartOS 11.1.1.1 and fixed in Version 12.1.3.1) have SSH enabled by default, accessible both over the LAN and the Internet. During a window of time when the device is being set up, it uses a default username and password combination of admin/admin with root-level privileges. An attacker can exploit this window to gain unauthorized root access by either modifying the existing admin account or creating a new account with equivalent privileges. This vuln ...
Show More |
|||||
| CVE-2024-31912 | 1 Ibm | 1 Mq | 2024-11-21 | N/A | 7.5 HIGH |
|
IBM MQ 9.3 LTS and 9.3 CD could allow an authenticated user to escalate their privileges under certain configurations due to incorrect privilege assignment. IBM X-Force ID: 289894.
|
|||||
| CVE-2024-31883 | 1 Ibm | 1 Security Verify Access | 2024-11-21 | N/A | 5.3 MEDIUM |
|
IBM Security Verify Access 10.0.0.0 through 10.0.7.1, under certain configurations, could allow an unauthenticated attacker to cause a denial of service due to asymmetric resource consumption. IBM X-Force ID: 287615.
|
|||||
| CVE-2024-30472 | 2 Dell, Microsoft | 2 Thinos, Telemetry Dashboard | 2024-11-21 | N/A | 7.5 HIGH |
|
Telemetry Dashboard v1.0.0.8 for Dell ThinOS 2402 contains a sensitive information disclosure vulnerability. An unauthenticated user with local access to the device could exploit this vulnerability leading to information disclosure.
|
|||||
| CVE-2024-30105 | 1 Microsoft | 2 .net, Visual Studio 2022 | 2024-11-21 | N/A | 7.5 HIGH |
|
.NET and Visual Studio Denial of Service Vulnerability
|
|||||
| CVE-2024-30100 | 1 Microsoft | 1 Sharepoint Server | 2024-11-21 | N/A | 7.8 HIGH |
|
Microsoft SharePoint Server Remote Code Execution Vulnerability
|
|||||
| CVE-2024-30098 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Windows Cryptographic Services Security Feature Bypass Vulnerability
|
|||||
| CVE-2024-30096 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Windows Cryptographic Services Information Disclosure Vulnerability
|
|||||
| CVE-2024-30094 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
|
|||||
| CVE-2024-30091 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Win32k Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-30087 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Win32k Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-30086 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-30085 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-30083 | 1 Microsoft | 4 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 1 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Windows Standards-Based Storage Management Service Denial of Service Vulnerability
|
|||||
| CVE-2024-30082 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Win32k Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-30081 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-11-21 | N/A | 7.1 HIGH |
|
Windows NTLM Spoofing Vulnerability
|
|||||
| CVE-2024-30079 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-30077 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-11-21 | N/A | 8.0 HIGH |
|
Windows OLE Remote Code Execution Vulnerability
|
|||||
| CVE-2024-30076 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2024-11-21 | N/A | 6.8 MEDIUM |
|
Windows Container Manager Service Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-30075 | 1 Microsoft | 1 Windows Server 2008 | 2024-11-21 | N/A | 8.0 HIGH |
|
Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability
|
|||||
| CVE-2024-30074 | 1 Microsoft | 1 Windows Server 2008 | 2024-11-21 | N/A | 8.0 HIGH |
|
Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability
|
|||||
| CVE-2024-30072 | 1 Microsoft | 3 Windows 11 22h2, Windows 11 23h2, Windows Server 2022 23h2 | 2024-11-21 | N/A | 7.8 HIGH |
|
Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability
|
|||||
| CVE-2024-30071 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 4.7 MEDIUM |
|
Windows Remote Access Connection Manager Information Disclosure Vulnerability
|
|||||
| CVE-2024-30070 | 1 Microsoft | 3 Windows Server 2012, Windows Server 2016, Windows Server 2019 | 2024-11-21 | N/A | 7.5 HIGH |
|
DHCP Server Service Denial of Service Vulnerability
|
|||||
| CVE-2024-30067 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Winlogon Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-30066 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Winlogon Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-30065 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Windows Themes Denial of Service Vulnerability
|
|||||
| CVE-2024-30064 | 1 Microsoft | 2 Windows Server 2022, Windows Server 2022 23h2 | 2024-11-21 | N/A | 8.8 HIGH |
|
Windows Kernel Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-30063 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-11-21 | N/A | 6.7 MEDIUM |
|
Windows Distributed File System (DFS) Remote Code Execution Vulnerability
|
|||||
| CVE-2024-30062 | 1 Microsoft | 4 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 1 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability
|
|||||
| CVE-2024-30061 | 1 Microsoft | 1 Dynamics 365 | 2024-11-21 | N/A | 7.3 HIGH |
|
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
|
|||||
| CVE-2024-30057 | 1 Microsoft | 1 Edge | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Microsoft Edge for iOS Spoofing Vulnerability
|
|||||
| CVE-2024-30052 | 1 Microsoft | 2 Visual Studio 2019, Visual Studio 2022 | 2024-11-21 | N/A | 4.7 MEDIUM |
|
Visual Studio Remote Code Execution Vulnerability
|
|||||
| CVE-2024-30013 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2024-11-21 | N/A | 8.8 HIGH |
|
Windows MultiPoint Services Remote Code Execution Vulnerability
|
|||||
| CVE-2024-30002 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2024-11-21 | N/A | 6.8 MEDIUM |
|
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
|
|||||
| CVE-2024-2880 | 1 Gitlab | 1 Gitlab | 2024-11-21 | N/A | 2.7 LOW |
|
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.5 prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2 in which a user with `admin_group_member` custom role permission could ban group members.
|
|||||
| CVE-2024-2628 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Inappropriate implementation in Downloads in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted URL. (Chromium security severity: Medium)
|
|||||
| CVE-2024-2625 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Object lifecycle issue in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2024-2473 | 1 Wpserveur | 1 Wps Hide Login | 2024-11-21 | N/A | 5.3 MEDIUM |
|
The WPS Hide Login plugin for WordPress is vulnerable to Login Page Disclosure in all versions up to, and including, 1.9.15.2. This is due to a bypass that is created when the 'action=postpass' parameter is supplied. This makes it possible for attackers to easily discover any login page that may have been hidden by the plugin.
|
|||||
| CVE-2024-2385 | 1 Livemeshelementor | 1 Addons For Elementor | 2024-11-21 | N/A | 8.8 HIGH |
|
The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8.3.7 via several of the plugin's widgets through the 'style' attribute. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in ...
Show More |
|||||