Total
11450 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-31865 | 1 Apache | 1 Zeppelin | 2026-06-17 | N/A | 6.5 MEDIUM |
| Improper Input Validation vulnerability in Apache Zeppelin. The attackers can call updating cron API with invalid or improper privileges so that the notebook can run with the privileges. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1. Users are recommended to upgrade to version 0.11.1, which fixes the issue. | |||||
| CVE-2024-31862 | 1 Apache | 1 Zeppelin | 2026-06-17 | N/A | 5.3 MEDIUM |
| Improper Input Validation vulnerability in Apache Zeppelin when creating a new note from Zeppelin's UI.This issue affects Apache Zeppelin: from 0.10.1 before 0.11.0. Users are recommended to upgrade to version 0.11.0, which fixes the issue. | |||||
| CVE-2024-31841 | 1 Italtel | 1 Embrace | 2026-06-17 | N/A | 7.5 HIGH |
| An issue was discovered in Italtel Embrace 1.6.4. The web server fails to sanitize input data, allowing remote unauthenticated attackers to read arbitrary files on the filesystem. | |||||
| CVE-2024-31449 | 1 Redis | 1 Redis | 2026-06-17 | N/A | 7.0 HIGH |
| Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This problem has been fixed in Redis versions 6.2.16, 7.2.6, and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2024-31310 | 1 Google | 1 Android | 2026-06-17 | N/A | 7.8 HIGH |
| In newServiceInfoLocked of AutofillManagerServiceImpl.java, there is a possible way to hide an enabled Autofill service app in the Autofill service settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
| CVE-2024-31309 | 3 Apache, Debian, Fedoraproject | 3 Traffic Server, Debian Linux, Fedora | 2026-06-17 | N/A | 7.5 HIGH |
| HTTP/2 CONTINUATION DoS attack can cause Apache Traffic Server to consume more resources on the server. Version from 8.0.0 through 8.1.9, from 9.0.0 through 9.2.3 are affected. Users can set a new setting (proxy.config.http2.max_continuation_frames_per_minute) to limit the number of CONTINUATION frames per minute. ATS does have a fixed amount of memory a request can use and ATS adheres to these limits in previous releases. Users are recommended to upgrade to versions 8.1.10 or 9.2.4 which fixes the issue. | |||||
| CVE-2024-31227 | 1 Redis | 1 Redis | 2026-06-17 | N/A | 4.4 MEDIUM |
| Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service. The problem exists in Redis 7 prior to versions 7.2.6 and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2024-31158 | 2026-06-17 | N/A | 7.5 HIGH | ||
| Improper input validation in UEFI firmware in some Intel(R) Server Board S2600BP Family may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-31154 | 2026-06-17 | N/A | 7.5 HIGH | ||
| Improper input validation in UEFI firmware for some Intel(R) Server S2600BPBR may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-31153 | 1 Intel | 1 Quickassist Technology | 2026-06-17 | N/A | 5.0 MEDIUM |
| Improper input validation for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2024-30916 | 1 Eprosima | 1 Fast Dds | 2026-06-17 | N/A | 7.1 HIGH |
| An issue was discovered in eProsima FastDDS v.2.14.0 and before, allows a local attacker to cause a denial of service (DoS) and obtain sensitive information via a crafted max_samples parameter in DurabilityService QoS component. | |||||
| CVE-2024-30258 | 1 Eprosima | 1 Fast Dds | 2026-06-17 | N/A | 8.2 HIGH |
| FastDDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves a malformed `RTPS` packet, the subscriber crashes when creating `pthread`. This can remotely crash any Fast-DDS process, potentially leading to a DOS attack. Versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8 contain a patch for the issue. | |||||
| CVE-2024-30188 | 1 Apache | 1 Dolphinscheduler | 2026-06-17 | N/A | 8.1 HIGH |
| File read and write vulnerability in Apache DolphinScheduler , authenticated users can illegally access additional resource files. This issue affects Apache DolphinScheduler: from 3.1.0 before 3.2.2. Users are recommended to upgrade to version 3.2.2, which fixes the issue. | |||||
| CVE-2024-30110 | 1 Hcltech | 1 Dryice Aex | 2026-06-17 | N/A | 3.7 LOW |
| HCL DRYiCE AEX product is impacted by lack of input validation vulnerability in a particular web application. A malicious script can be injected into a system which can cause the system to behave in unexpected ways. | |||||
| CVE-2024-30092 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2026-06-17 | N/A | 8.0 HIGH |
| Windows Hyper-V Remote Code Execution Vulnerability | |||||
| CVE-2024-30087 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2026-06-17 | N/A | 7.8 HIGH |
| Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2024-30078 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2026-06-17 | N/A | 8.8 HIGH |
| Windows Wi-Fi Driver Remote Code Execution Vulnerability | |||||
| CVE-2024-30054 | 1 Microsoft | 1 Powerbi-javascript | 2026-06-17 | N/A | 6.5 MEDIUM |
| Microsoft Power BI Client JavaScript SDK Information Disclosure Vulnerability | |||||
| CVE-2024-30040 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2026-06-17 | N/A | 8.8 HIGH |
| Windows MSHTML Platform Security Feature Bypass Vulnerability | |||||
| CVE-2024-30002 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2026-06-17 | N/A | 6.8 MEDIUM |
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | |||||