Total
11557 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-32485 | 1 Intel | 1 Virtual Raid On Cpu | 2026-06-17 | N/A | 3.9 LOW |
| Improper Input Validation in some Intel(R) VROC software before version 8.6.0.2003 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2024-32371 | 1 Hsclabs | 1 Mailinspector | 2026-06-17 | N/A | 7.5 HIGH |
| An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a regular user account to escalate their privileges and gain administrative access by changing the type parameter from 1 to 0. | |||||
| CVE-2024-32048 | 2026-06-17 | N/A | 6.5 MEDIUM | ||
| Improper input validation in the Intel(R) Distribution of OpenVINO(TM) Model Server software before version 2024.0 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||||
| CVE-2024-32007 | 1 Apache | 1 Cxf | 2026-06-17 | N/A | 7.5 HIGH |
| An improper input validation of the p2c parameter in the Apache CXF JOSE code before 4.0.5, 3.6.4 and 3.5.9 allows an attacker to perform a denial of service attack by specifying a large value for this parameter in a token. | |||||
| CVE-2024-31965 | 2026-06-17 | N/A | 4.2 MEDIUM | ||
| A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones through 6.3 SP3 HF4, 6900w Series SIP Phone through 6.3.3, and 6970 Conference Unit through 5.1.1 SP8 allows an authenticated attacker with administrative privilege to conduct a path traversal attack due to insufficient input validation. A successful exploit could allow an attacker to access sensitive information. | |||||
| CVE-2024-31959 | 1 Samsung | 6 Exynos 1480, Exynos 1480 Firmware, Exynos 2200 and 3 more | 2026-06-17 | N/A | 8.4 HIGH |
| An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks a check for the validation of native handles, which can result in code execution. | |||||
| CVE-2024-31867 | 1 Apache | 1 Zeppelin | 2026-06-17 | N/A | 6.5 MEDIUM |
| Improper Input Validation vulnerability in Apache Zeppelin. The attackers can execute malicious queries by setting improper configuration properties to LDAP search filter. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1. Users are recommended to upgrade to version 0.11.1, which fixes the issue. | |||||
| CVE-2024-31865 | 1 Apache | 1 Zeppelin | 2026-06-17 | N/A | 6.5 MEDIUM |
| Improper Input Validation vulnerability in Apache Zeppelin. The attackers can call updating cron API with invalid or improper privileges so that the notebook can run with the privileges. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1. Users are recommended to upgrade to version 0.11.1, which fixes the issue. | |||||
| CVE-2024-31862 | 1 Apache | 1 Zeppelin | 2026-06-17 | N/A | 5.3 MEDIUM |
| Improper Input Validation vulnerability in Apache Zeppelin when creating a new note from Zeppelin's UI.This issue affects Apache Zeppelin: from 0.10.1 before 0.11.0. Users are recommended to upgrade to version 0.11.0, which fixes the issue. | |||||
| CVE-2024-31841 | 1 Italtel | 1 Embrace | 2026-06-17 | N/A | 7.5 HIGH |
| An issue was discovered in Italtel Embrace 1.6.4. The web server fails to sanitize input data, allowing remote unauthenticated attackers to read arbitrary files on the filesystem. | |||||
| CVE-2024-31449 | 1 Redis | 1 Redis | 2026-06-17 | N/A | 7.0 HIGH |
| Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This problem has been fixed in Redis versions 6.2.16, 7.2.6, and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2024-31310 | 1 Google | 1 Android | 2026-06-17 | N/A | 7.8 HIGH |
| In newServiceInfoLocked of AutofillManagerServiceImpl.java, there is a possible way to hide an enabled Autofill service app in the Autofill service settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
| CVE-2024-31309 | 3 Apache, Debian, Fedoraproject | 3 Traffic Server, Debian Linux, Fedora | 2026-06-17 | N/A | 7.5 HIGH |
| HTTP/2 CONTINUATION DoS attack can cause Apache Traffic Server to consume more resources on the server. Version from 8.0.0 through 8.1.9, from 9.0.0 through 9.2.3 are affected. Users can set a new setting (proxy.config.http2.max_continuation_frames_per_minute) to limit the number of CONTINUATION frames per minute. ATS does have a fixed amount of memory a request can use and ATS adheres to these limits in previous releases. Users are recommended to upgrade to versions 8.1.10 or 9.2.4 which fixes the issue. | |||||
| CVE-2024-31227 | 1 Redis | 1 Redis | 2026-06-17 | N/A | 4.4 MEDIUM |
| Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service. The problem exists in Redis 7 prior to versions 7.2.6 and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2024-31158 | 2026-06-17 | N/A | 7.5 HIGH | ||
| Improper input validation in UEFI firmware in some Intel(R) Server Board S2600BP Family may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-31154 | 2026-06-17 | N/A | 7.5 HIGH | ||
| Improper input validation in UEFI firmware for some Intel(R) Server S2600BPBR may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-31153 | 1 Intel | 1 Quickassist Technology | 2026-06-17 | N/A | 5.0 MEDIUM |
| Improper input validation for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2024-30916 | 1 Eprosima | 1 Fast Dds | 2026-06-17 | N/A | 7.1 HIGH |
| An issue was discovered in eProsima FastDDS v.2.14.0 and before, allows a local attacker to cause a denial of service (DoS) and obtain sensitive information via a crafted max_samples parameter in DurabilityService QoS component. | |||||
| CVE-2024-30258 | 1 Eprosima | 1 Fast Dds | 2026-06-17 | N/A | 8.2 HIGH |
| FastDDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves a malformed `RTPS` packet, the subscriber crashes when creating `pthread`. This can remotely crash any Fast-DDS process, potentially leading to a DOS attack. Versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8 contain a patch for the issue. | |||||
| CVE-2024-30188 | 1 Apache | 1 Dolphinscheduler | 2026-06-17 | N/A | 8.1 HIGH |
| File read and write vulnerability in Apache DolphinScheduler , authenticated users can illegally access additional resource files. This issue affects Apache DolphinScheduler: from 3.1.0 before 3.2.2. Users are recommended to upgrade to version 3.2.2, which fixes the issue. | |||||
