Total
10125 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-38241 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-09-17 | N/A | 7.8 HIGH |
| Kernel Streaming Service Driver Elevation of Privilege Vulnerability | |||||
| CVE-2024-38243 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-09-17 | N/A | 7.8 HIGH |
| Kernel Streaming Service Driver Elevation of Privilege Vulnerability | |||||
| CVE-2024-38244 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-09-17 | N/A | 7.8 HIGH |
| Kernel Streaming Service Driver Elevation of Privilege Vulnerability | |||||
| CVE-2024-38245 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2024-09-17 | N/A | 7.8 HIGH |
| Kernel Streaming Service Driver Elevation of Privilege Vulnerability | |||||
| CVE-2024-38811 | 1 Vmware | 1 Fusion | 2024-09-17 | N/A | 7.8 HIGH |
| VMware Fusion (13.x before 13.6) contains a code-execution vulnerability due to the usage of an insecure environment variable. A malicious actor with standard user privileges may exploit this vulnerability to execute code in the context of the Fusion application. | |||||
| CVE-2024-21829 | 2024-09-16 | N/A | 7.5 HIGH | ||
| Improper input validation in UEFI firmware error handler for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-21781 | 2024-09-16 | N/A | 7.2 HIGH | ||
| Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to enable information disclosure or denial of service via local access. | |||||
| CVE-2024-21871 | 2024-09-16 | N/A | 7.5 HIGH | ||
| Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-45058 | 1 Portabilis | 1 I-educar | 2024-09-13 | N/A | 8.1 HIGH |
| i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. Prior to the 2.9 branch, an attacker with only minimal viewing privileges in the settings section is able to change their user type to Administrator (or another type with super-permissions) through a specifically crafted POST request to `/intranet/educar_usuario_cad.php`, modifying the `nivel_usuario_` parameter. The vulnerability occurs in the file located at `ieducar/intranet/educar_usuario_cad.php`, which does not check the user's current permission level before allowing changes. Commit c25910cdf11ab50e50162a49dd44bef544422b6e contains a patch for the issue. | |||||
| CVE-2021-38122 | 1 Microfocus | 1 Netiq Advanced Authentication | 2024-09-13 | N/A | 8.2 HIGH |
| A Cross-Site Scripting vulnerable identified in NetIQ Advance Authentication that impacts the server functionality and disclose sensitive information. This issue affects NetIQ Advance Authentication before 6.3.5.1 | |||||
| CVE-2024-43455 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-09-13 | N/A | 9.8 CRITICAL |
| Windows Remote Desktop Licensing Service Spoofing Vulnerability | |||||
| CVE-2024-41856 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2024-09-13 | N/A | 7.8 HIGH |
| Illustrator versions 28.5, 27.9.4, 28.6, 27.9.5 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-8073 | 1 Hillstonenet | 1 Web Application Firewall | 2024-09-12 | N/A | 9.8 CRITICAL |
| Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application Firewall on 5.5R6 allows Command Injection.This issue affects Hillstone Networks Web Application Firewall: from 5.5R6-2.6.7 through 5.5R6-2.8.13. | |||||
| CVE-2024-45441 | 1 Huawei | 2 Emui, Harmonyos | 2024-09-12 | N/A | 7.5 HIGH |
| Input verification vulnerability in the system service module Impact: Successful exploitation of this vulnerability will affect availability. | |||||
| CVE-2024-34163 | 1 Intel | 18 Nuc X15 Laptop Kit Lapac71g, Nuc X15 Laptop Kit Lapac71g Firmware, Nuc X15 Laptop Kit Lapac71h and 15 more | 2024-09-12 | N/A | 8.2 HIGH |
| Improper input validation in firmware for some Intel(R) NUC may allow a privileged user to potentially enableescalation of privilege via local access. | |||||
| CVE-2024-28947 | 1 Intel | 1 Server Board S2600st Firmware | 2024-09-12 | N/A | 8.2 HIGH |
| Improper input validation in kernel mode driver for some Intel(R) Server Board S2600ST Family firmware before version 02.01.0017 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-45446 | 1 Huawei | 2 Emui, Harmonyos | 2024-09-06 | N/A | 5.5 MEDIUM |
| Access permission verification vulnerability in the camera driver module Impact: Successful exploitation of this vulnerability will affect availability. | |||||
| CVE-2024-45444 | 1 Huawei | 2 Emui, Harmonyos | 2024-09-06 | N/A | 5.5 MEDIUM |
| Access permission verification vulnerability in the WMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2024-42458 | 1 Any1 | 1 Neatvnc | 2024-09-05 | N/A | 9.8 CRITICAL |
| server.c in Neat VNC (aka neatvnc) before 0.8.1 does not properly validate the security type, a related issue to CVE-2006-2369. | |||||
| CVE-2024-44808 | 2024-09-05 | N/A | 9.8 CRITICAL | ||
| An issue in Vypor Attack API System v.1.0 allows a remote attacker to execute arbitrary code via the user GET parameter. | |||||