Total
31690 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-38245 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2024-09-17 | N/A | 7.8 HIGH |
| Kernel Streaming Service Driver Elevation of Privilege Vulnerability | |||||
| CVE-2024-38246 | 1 Microsoft | 8 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 5 more | 2024-09-17 | N/A | 7.0 HIGH |
| Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2024-38247 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2024-09-17 | N/A | 7.8 HIGH |
| Windows Graphics Component Elevation of Privilege Vulnerability | |||||
| CVE-2024-38248 | 1 Microsoft | 8 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 5 more | 2024-09-17 | N/A | 7.0 HIGH |
| Windows Storage Elevation of Privilege Vulnerability | |||||
| CVE-2024-38249 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2024-09-17 | N/A | 7.8 HIGH |
| Windows Graphics Component Elevation of Privilege Vulnerability | |||||
| CVE-2024-38250 | 1 Microsoft | 16 Office, Office Long Term Servicing Channel, Windows 10 1507 and 13 more | 2024-09-17 | N/A | 7.8 HIGH |
| Windows Graphics Component Elevation of Privilege Vulnerability | |||||
| CVE-2024-43457 | 1 Microsoft | 1 Windows 11 24h2 | 2024-09-17 | N/A | 7.8 HIGH |
| Windows Setup and Deployment Elevation of Privilege Vulnerability | |||||
| CVE-2024-43463 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2024-09-17 | N/A | 7.8 HIGH |
| Microsoft Office Visio Remote Code Execution Vulnerability | |||||
| CVE-2024-43467 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-09-17 | N/A | 7.5 HIGH |
| Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | |||||
| CVE-2024-38876 | 1 Siemens | 6 Omnivise T3000 Application Server, Omnivise T3000 Domain Controller, Omnivise T3000 Product Data Management and 3 more | 2024-09-17 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Product Data Management (PDM) R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions), Omnivise T3000 Terminal Server R9.2 (All versions), Omnivise T3000 Thin Client R9.2 (All versions), Omnivise T3000 Whitelisting Server R9.2 (All versions). The affected application regularly executes user modifiable code as a privileged user. This could allow a local authenticated attacker to execute arbitrary code with elevated privileges. | |||||
| CVE-2024-38811 | 1 Vmware | 1 Fusion | 2024-09-17 | N/A | 7.8 HIGH |
| VMware Fusion (13.x before 13.6) contains a code-execution vulnerability due to the usage of an insecure environment variable. A malicious actor with standard user privileges may exploit this vulnerability to execute code in the context of the Fusion application. | |||||
| CVE-2024-42033 | 1 Huawei | 2 Emui, Harmonyos | 2024-09-17 | N/A | 7.1 HIGH |
| Access control vulnerability in the security verification module mpact: Successful exploitation of this vulnerability will affect integrity and confidentiality. | |||||
| CVE-2024-44945 | 1 Linux | 1 Linux Kernel | 2024-09-17 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink: Initialise extack before use in ACKs Add missing extack initialisation when ACKing BATCH_BEGIN and BATCH_END. | |||||
| CVE-2024-40766 | 1 Sonicwall | 52 Nsa 2650, Nsa 2700, Nsa 3600 and 49 more | 2024-09-16 | N/A | 9.8 CRITICAL |
| An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions. | |||||
| CVE-2024-28991 | 1 Solarwinds | 1 Access Rights Manager | 2024-09-16 | N/A | 8.8 HIGH |
| SolarWinds Access Rights Manager (ARM) was found to be susceptible to a remote code execution vulnerability. If exploited, this vulnerability would allow an authenticated user to abuse the service, resulting in remote code execution. | |||||
| CVE-2024-33003 | 1 Sap | 1 Commerce Cloud | 2024-09-16 | N/A | 9.1 CRITICAL |
| Some OCC API endpoints in SAP Commerce Cloud allows Personally Identifiable Information (PII) data, such as passwords, email addresses, mobile numbers, coupon codes, and voucher codes, to be included in the request URL as query or path parameters. On successful exploitation, this could lead to a High impact on confidentiality and integrity of the application. | |||||
| CVE-2024-39574 | 1 Dell | 1 Insightiq | 2024-09-16 | N/A | 4.4 MEDIUM |
| Dell PowerScale InsightIQ, version 5.1, contain an Improper Privilege Management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service. | |||||
| CVE-2024-39580 | 1 Dell | 1 Insightiq | 2024-09-16 | N/A | 6.7 MEDIUM |
| Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains an Improper Access Control vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | |||||
| CVE-2024-8754 | 1 Gitlab | 1 Gitlab | 2024-09-14 | N/A | 8.1 HIGH |
| An issue has been discovered in GitLab EE/CE affecting all versions from 16.9.7 prior to 17.1.7, 17.2 prior to 17.2.5, and 17.3 prior to 17.3.2. An improper input validation error allows attacker to squat on accounts via linking arbitrary unclaimed provider identities when JWT authentication is configured. | |||||
| CVE-2024-42037 | 1 Huawei | 2 Emui, Harmonyos | 2024-09-13 | N/A | 6.2 MEDIUM |
| Vulnerability of uncaught exceptions in the Graphics module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||