Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-44076 | 1 Microcks | 1 Microcks | 2024-08-21 | N/A | 9.8 CRITICAL |
|
In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrator access.
|
|||||
| CVE-2024-41723 | 1 F5 | 21 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Advanced Web Application Firewall and 18 more | 2024-08-20 | N/A | 4.3 MEDIUM |
|
Undisclosed requests to BIG-IP iControl REST can lead to information leak of user account names. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
|
|||||
| CVE-2024-22069 | 1 Zte | 4 Zxv10 Et301, Zxv10 Et301 Firmware, Zxv10 Xt802 and 1 more | 2024-08-20 | N/A | 8.8 HIGH |
|
There is a permission and access control vulnerability of ZTE's ZXV10 XT802/ET301 product.Attackers with common permissions can log in the terminal web and change the password of the administrator illegally by intercepting requests to change the passwords.
|
|||||
| CVE-2024-39815 | 1 Vonets | 28 Vap11ac, Vap11ac Firmware, Vap11g and 25 more | 2024-08-20 | N/A | 7.5 HIGH |
|
Improper check or handling of exceptional conditions vulnerability
affecting Vonets
industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated
remote attacker to cause a denial of service. A specially-crafted
HTTP request to pre-authentication resources can crash the service.
|
|||||
| CVE-2024-42030 | 1 Huawei | 2 Emui, Harmonyos | 2024-08-20 | N/A | 6.2 MEDIUM |
|
Access permission verification vulnerability in the content sharing pop-up module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
|
|||||
| CVE-2024-42658 | 1 Nepstech | 2 Ntpl-xpon1gfevn, Ntpl-xpon1gfevn Firmware | 2024-08-20 | N/A | 9.8 CRITICAL |
|
An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain sensitive information via the cookie's parameter
|
|||||
| CVE-2024-7925 | 1 Zzcms | 1 Zzcms | 2024-08-20 | 4.0 MEDIUM | 7.5 HIGH |
|
A vulnerability was found in ZZCMS 2023. It has been rated as problematic. This issue affects some unknown processing of the file 3/E_bak5.1/upload/eginfo.php. The manipulation of the argument phome with the input ShowPHPInfo leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2023-24064 | 1 Dieboldnixdorf | 1 Vynamic Security Suite | 2024-08-19 | N/A | 6.8 MEDIUM |
|
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR4 fails to validate /etc/initab during the Pre-Boot Authorization (PBA) process. This can be exploited by a physical attacker who is able to manipulate the contents of the system's hard disk.
|
|||||
| CVE-2024-6359 | 1 Opentext | 1 Arcsight Intelligence | 2024-08-19 | N/A | 9.8 CRITICAL |
|
Privilege escalation vulnerability identified in OpenText ArcSight Intelligence.
|
|||||
| CVE-2024-7799 | 1 Oretnom23 | 1 Simple Online Bidding System | 2024-08-19 | 5.0 MEDIUM | 7.3 HIGH |
|
A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /simple-online-bidding-system/bidding/admin/users.php. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2024-39778 | 1 F5 | 21 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Advanced Web Application Firewall and 18 more | 2024-08-19 | N/A | 7.5 HIGH |
|
When a stateless virtual server is configured on BIG-IP system with a High-Speed Bridge (HSB), undisclosed requests can cause TMM to terminate.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
|
|||||
| CVE-2024-39947 | 1 Dahuasecurity | 112 Nvr4104-4ks2\/l, Nvr4104-4ks2\/l Firmware, Nvr4104-4ks3 and 109 more | 2024-08-19 | N/A | 6.5 MEDIUM |
|
A vulnerability has been found in Dahua products.After obtaining the ordinary user's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing the device to crash.
|
|||||
| CVE-2024-39946 | 1 Dahuasecurity | 112 Nvr4104-4ks2\/l, Nvr4104-4ks2\/l Firmware, Nvr4104-4ks3 and 109 more | 2024-08-19 | N/A | 7.2 HIGH |
|
A vulnerability has been found in Dahua products.After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing device initialization.
|
|||||
| CVE-2024-38161 | 1 Microsoft | 8 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 5 more | 2024-08-16 | N/A | 6.8 MEDIUM |
|
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
|
|||||
| CVE-2024-38160 | 1 Microsoft | 2 Windows 10 1607, Windows Server 2016 | 2024-08-16 | N/A | 9.1 CRITICAL |
|
Windows Network Virtualization Remote Code Execution Vulnerability
|
|||||
| CVE-2024-38159 | 1 Microsoft | 2 Windows 10 1607, Windows Server 2016 | 2024-08-16 | N/A | 9.1 CRITICAL |
|
Windows Network Virtualization Remote Code Execution Vulnerability
|
|||||
| CVE-2024-38154 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-08-16 | N/A | 8.8 HIGH |
|
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
|
|||||
| CVE-2024-38148 | 1 Microsoft | 6 Windows 11 21h2, Windows 11 22h2, Windows 11 23h2 and 3 more | 2024-08-16 | N/A | 7.5 HIGH |
|
Windows Secure Channel Denial of Service Vulnerability
|
|||||
| CVE-2024-38147 | 1 Microsoft | 8 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 5 more | 2024-08-16 | N/A | 7.8 HIGH |
|
Microsoft DWM Core Library Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-38146 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-08-16 | N/A | 7.5 HIGH |
|
Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
|
|||||
| CVE-2024-38145 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-08-16 | N/A | 7.5 HIGH |
|
Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
|
|||||
| CVE-2024-38144 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2024-08-16 | N/A | 8.8 HIGH |
|
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-38143 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-08-16 | N/A | 4.2 MEDIUM |
|
Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-38142 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-08-16 | N/A | 7.8 HIGH |
|
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-38141 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-08-16 | N/A | 7.8 HIGH |
|
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-38138 | 1 Microsoft | 4 Windows Server 2016, Windows Server 2019, Windows Server 2022 and 1 more | 2024-08-16 | N/A | 7.5 HIGH |
|
Windows Deployment Services Remote Code Execution Vulnerability
|
|||||
| CVE-2024-38114 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2024-08-16 | N/A | 8.8 HIGH |
|
Windows IP Routing Management Snapin Remote Code Execution Vulnerability
|
|||||
| CVE-2024-38084 | 1 Microsoft | 1 Officeplus | 2024-08-16 | N/A | 7.8 HIGH |
|
Microsoft OfficePlus Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-37968 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-08-16 | N/A | 7.5 HIGH |
|
Windows DNS Spoofing Vulnerability
|
|||||
| CVE-2024-38063 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2024-08-16 | N/A | 9.8 CRITICAL |
|
Windows TCP/IP Remote Code Execution Vulnerability
|
|||||
| CVE-2024-29995 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-08-16 | N/A | 8.1 HIGH |
|
Windows Kerberos Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-38162 | 1 Microsoft | 1 Azure Connected Machine Agent | 2024-08-16 | N/A | 7.8 HIGH |
|
Azure Connected Machine Agent Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-38158 | 1 Microsoft | 1 Azure Iot Hub Device Client Sdk | 2024-08-16 | N/A | 7.0 HIGH |
|
Azure IoT SDK Remote Code Execution Vulnerability
|
|||||
| CVE-2024-38157 | 1 Microsoft | 1 Azure Iot Hub Device Client Sdk | 2024-08-16 | N/A | 7.0 HIGH |
|
Azure IoT SDK Remote Code Execution Vulnerability
|
|||||
| CVE-2024-38155 | 1 Microsoft | 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more | 2024-08-16 | N/A | 5.5 MEDIUM |
|
Security Center Broker Information Disclosure Vulnerability
|
|||||
| CVE-2024-38098 | 1 Microsoft | 1 Azure Connected Machine Agent | 2024-08-16 | N/A | 7.8 HIGH |
|
Azure Connected Machine Agent Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-38180 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2024-08-16 | N/A | 8.8 HIGH |
|
Windows SmartScreen Security Feature Bypass Vulnerability
|
|||||
| CVE-2024-38177 | 1 Microsoft | 1 App Installer | 2024-08-16 | N/A | 7.8 HIGH |
|
Windows App Installer Spoofing Vulnerability
|
|||||
| CVE-2024-38173 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2024-08-16 | N/A | 6.7 MEDIUM |
|
Microsoft Outlook Remote Code Execution Vulnerability
|
|||||
| CVE-2024-38172 | 1 Microsoft | 2 365 Apps, Office Long Term Servicing Channel | 2024-08-16 | N/A | 7.8 HIGH |
|
Microsoft Excel Remote Code Execution Vulnerability
|
|||||