Total
306815 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-28950 | 2024-11-15 | N/A | 6.7 MEDIUM | ||
Uncontrolled search path for some Intel(R) oneAPI Math Kernel Library software for Windows before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-28885 | 2024-11-15 | N/A | 5.9 MEDIUM | ||
Observable discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access. | |||||
CVE-2024-25647 | 2024-11-15 | N/A | 6.7 MEDIUM | ||
Incorrect default permissions for some Intel(R) Binary Configuration Tool software for Windows before version 3.4.5 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-33617 | 2024-11-15 | N/A | 5.9 MEDIUM | ||
Insufficient control flow management in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access. | |||||
CVE-2024-36282 | 2024-11-15 | N/A | 8.2 HIGH | ||
Improper input validation in the Intel(R) Server Board S2600ST Family BIOS and Firmware Update software all versions may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-31154 | 2024-11-15 | N/A | 7.5 HIGH | ||
Improper input validation in UEFI firmware for some Intel(R) Server S2600BPBR may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-29079 | 2024-11-15 | N/A | 6.8 MEDIUM | ||
Insufficient control flow management in some Intel(R) VROC software before version 8.6.0.3001 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-45594 | 2024-11-15 | N/A | 7.7 HIGH | ||
Decidim is a participatory democracy framework. The meeting embeds feature used in the online or hybrid meetings is subject to potential XSS attack through a malformed URL. This vulnerability is fixed in 0.28.3 and 0.29.0. | |||||
CVE-2024-40885 | 2024-11-15 | N/A | 6.4 MEDIUM | ||
Use after free in the UEFI firmware of some Intel(R) Server M20NTP BIOS may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-29083 | 2024-11-15 | N/A | 6.7 MEDIUM | ||
Incorrect default permissions in some Intel(R) Distribution for Python software before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-34776 | 2024-11-15 | N/A | 4.5 MEDIUM | ||
Out-of-bounds write in some Intel(R) SGX SDK software may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-27200 | 2024-11-15 | N/A | 4.4 MEDIUM | ||
Improper access control in some Intel(R) Granulate(TM) software before version 4.30.1 may allow a authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-52552 | 2024-11-15 | N/A | 8.0 HIGH | ||
Jenkins Authorize Project Plugin 1.7.2 and earlier evaluates a string containing the job name with JavaScript on the Authorization view, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | |||||
CVE-2024-11206 | 2024-11-15 | N/A | 7.5 HIGH | ||
Unauthorized access vulnerability in the mobile application (com.transsion.phoenix) can lead to the leakage of user information. | |||||
CVE-2024-52374 | 2024-11-15 | N/A | 10.0 CRITICAL | ||
Unrestricted Upload of File with Dangerous Type vulnerability in DoThatTask Do That Task allows Upload a Web Shell to a Web Server.This issue affects Do That Task: from n/a through 1.5.5. | |||||
CVE-2024-52384 | 2024-11-15 | N/A | 9.9 CRITICAL | ||
Unrestricted Upload of File with Dangerous Type vulnerability in Sage AI Sage AI: Chatbots, OpenAI GPT-4 Bulk Articles, Dalle-3 Image Generation allows Upload a Web Shell to a Web Server.This issue affects Sage AI: Chatbots, OpenAI GPT-4 Bulk Articles, Dalle-3 Image Generation: from n/a through 2.4.9. | |||||
CVE-2024-51688 | 2024-11-15 | N/A | 7.1 HIGH | ||
Cross-Site Request Forgery (CSRF) vulnerability in FraudLabs Pro FraudLabs Pro SMS Verification allows Stored XSS.This issue affects FraudLabs Pro SMS Verification: from n/a through 1.10.1. | |||||
CVE-2024-52375 | 2024-11-15 | N/A | 10.0 CRITICAL | ||
Unrestricted Upload of File with Dangerous Type vulnerability in Arttia Creative Datasets Manager by Arttia Creative.This issue affects Datasets Manager by Arttia Creative: from n/a through 1.5. | |||||
CVE-2024-51687 | 2024-11-15 | N/A | 7.1 HIGH | ||
Cross-Site Request Forgery (CSRF) vulnerability in Platform.Ly Platform.Ly Official allows Stored XSS.This issue affects Platform.Ly Official: from n/a through 1.1.3. | |||||
CVE-2022-31666 | 2024-11-15 | N/A | 7.7 HIGH | ||
Harbor fails to validate user permissions while deleting Webhook policies, allowing malicious users to view, update and delete Webhook policies of other users. The attacker could modify Webhook policies configured in other projects. |