Total
11572 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-21975 | 1 Amd | 1 Ryzen Ai Software | 2026-06-17 | N/A | 8.8 HIGH |
| Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution. | |||||
| CVE-2024-21974 | 1 Amd | 1 Ryzen Ai Software | 2026-06-17 | N/A | 8.8 HIGH |
| Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution. | |||||
| CVE-2024-21949 | 1 Amd | 1 Ryzen Ai Software | 2026-06-17 | N/A | 5.5 MEDIUM |
| Improper validation of user input in the NPU driver could allow an attacker to provide a buffer with unexpected size, potentially leading to system crash. | |||||
| CVE-2024-21944 | 2026-06-17 | N/A | 5.3 MEDIUM | ||
| Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to potentially overwrite guest memory resulting in loss of guest data integrity. | |||||
| CVE-2024-21925 | 2026-06-17 | N/A | 8.2 HIGH | ||
| Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution. | |||||
| CVE-2024-21871 | 2026-06-17 | N/A | 7.5 HIGH | ||
| Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-21829 | 2026-06-17 | N/A | 7.5 HIGH | ||
| Improper input validation in UEFI firmware error handler for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-21810 | 2026-06-17 | N/A | 8.8 HIGH | ||
| Improper input validation in the Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-21781 | 2026-06-17 | N/A | 7.2 HIGH | ||
| Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to enable information disclosure or denial of service via local access. | |||||
| CVE-2024-21625 | 1 Sidequestvr | 1 Sidequest | 2026-06-17 | N/A | 8.8 HIGH |
| SideQuest is a place to get virtual reality applications for Oculus Quest. The SideQuest desktop application uses deep links with a custom protocol (`sidequest://`) to trigger actions in the application from its web contents. Because, prior to version 0.10.35, the deep link URLs were not sanitized properly in all cases, a one-click remote code execution can be achieved in cases when a device is connected, the user is presented with a malicious link and clicks it from within the application. As of version 0.10.35, the custom protocol links within the electron application are now being parsed and sanitized properly. | |||||
| CVE-2024-21590 | 1 Juniper | 1 Junos Os Evolved | 2026-06-17 | N/A | 5.3 MEDIUM |
| An Improper Input Validation vulnerability in Juniper Tunnel Driver (jtd) and ICMP module of Juniper Networks Junos OS Evolved allows an unauthenticated attacker within the MPLS administrative domain to send specifically crafted packets to the Routing Engine (RE) to cause a Denial of Service (DoS). When specifically crafted transit MPLS IPv4 packets are received by the Packet Forwarding Engine (PFE), these packets are internally forwarded to the RE. Continued receipt of these packets may create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS: * All versions before 21.2R3-S8-EVO; * from 21.4-EVO before 21.4R3-S6-EVO; * from 22.2-EVO before 22.2R3-S4-EVO; * from 22.3-EVO before 22.3R3-S3-EVO; * from 22.4-EVO before 22.4R3-EVO; * from 23.2-EVO before 23.2R2-EVO. * from 23.4-EVO before 23.4R1-S1-EVO. | |||||
| CVE-2024-21549 | 2026-06-17 | N/A | 8.6 HIGH | ||
| Versions of the package spatie/browsershot before 5.0.3 are vulnerable to Improper Input Validation due to improper URL validation through the setUrl method. An attacker can exploit this vulnerability by utilizing view-source:file://, which allows for arbitrary file reading on a local file. **Note:** This is a bypass of the fix for [CVE-2024-21544](https://security.snyk.io/vuln/SNYK-PHP-SPATIEBROWSERSHOT-8496745). | |||||
| CVE-2024-21544 | 2026-06-17 | N/A | 8.6 HIGH | ||
| Versions of the package spatie/browsershot before 5.0.1 are vulnerable to Improper Input Validation due to improper URL validation in the setUrl method. An attacker can exploit this vulnerability by using leading whitespace (%20) before the file:// protocol, resulting in Local File Inclusion, which allows the attacker to read sensitive files on the server. | |||||
| CVE-2024-21519 | 1 Opencart | 1 Opencart | 2026-06-17 | N/A | 6.6 MEDIUM |
| This affects versions of the package opencart/opencart from 4.0.0.0. An Arbitrary File Creation issue was identified via the database restoration functionality. By injecting PHP code into the database, an attacker with admin privileges can create a backup file with an arbitrary filename (including the extension), within /system/storage/backup. **Note:** It is less likely for the created file to be available within the web root, as part of the security recommendations for the application suggest moving the storage path outside of the web root. | |||||
| CVE-2024-21476 | 1 Qualcomm | 96 Aqt1000, Aqt1000 Firmware, Ar8035 and 93 more | 2026-06-17 | N/A | 7.8 HIGH |
| Memory corruption when the channel ID passed by user is not validated and further used. | |||||
| CVE-2024-21473 | 1 Qualcomm | 254 Ar8035, Ar8035 Firmware, Ar9380 and 251 more | 2026-06-17 | N/A | 9.8 CRITICAL |
| Memory corruption while redirecting log file to any file location with any file name. | |||||
| CVE-2024-21453 | 1 Qualcomm | 26 C-v2x 9150, C-v2x 9150 Firmware, Qcs410 and 23 more | 2026-06-17 | N/A | 7.5 HIGH |
| Transient DOS while decoding message of size that exceeds the available system memory. | |||||
| CVE-2024-21452 | 1 Qualcomm | 12 C-v2x 9150, C-v2x 9150 Firmware, Qca6584au and 9 more | 2026-06-17 | N/A | 7.3 HIGH |
| Transient DOS while decoding an ASN.1 OER message containing a SEQUENCE of unknown extensions. | |||||
| CVE-2024-21448 | 1 Microsoft | 1 Teams | 2026-06-17 | N/A | 5.0 MEDIUM |
| Microsoft Teams for Android Information Disclosure Vulnerability | |||||
| CVE-2024-21413 | 1 Microsoft | 4 365 Apps, Office 2016, Office 2019 and 1 more | 2026-06-17 | N/A | 9.8 CRITICAL |
| Microsoft Outlook Remote Code Execution Vulnerability | |||||
