Total
2606 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-23253 | 1 Apple | 1 Macos | 2026-06-17 | N/A | 3.3 LOW |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.4. An app may be able to access a user's Photos Library. | |||||
| CVE-2024-22922 | 1 Projectworlds | 1 Visitor Management System | 2026-06-17 | N/A | 9.8 CRITICAL |
| An issue in Projectworlds Vistor Management Systemin PHP v.1.0 allows a remtoe attacker to escalate privileges via a crafted script to the login page in the POST/index.php | |||||
| CVE-2024-22893 | 1 Openslides | 1 Openslides | 2026-06-17 | N/A | 7.5 HIGH |
| OpenSlides 4.0.15 verifies passwords by comparing password hashes using a function with content-dependent runtime. This can allow attackers to obtain information about the password hash using a timing attack. | |||||
| CVE-2024-22795 | 1 Forescout | 1 Secureconnector | 2026-06-17 | N/A | 7.0 HIGH |
| Insecure Permissions vulnerability in Forescout SecureConnector v.11.3.06.0063 allows a local attacker to escalate privileges via the Recheck Compliance Status component. | |||||
| CVE-2024-22774 | 2026-06-17 | N/A | 7.8 HIGH | ||
| An issue in Panoramic Corporation Digital Imaging Software v.9.1.2.7600 allows a local attacker to escalate privileges via the ccsservice.exe component. | |||||
| CVE-2024-22752 | 2026-06-17 | N/A | 8.1 HIGH | ||
| Insecure permissions issue in EaseUS MobiMover 6.0.5 Build 21620 allows attackers to gain escalated privileges via use of crafted executable launched from the application installation directory. | |||||
| CVE-2024-22278 | 1 Linuxfoundation | 1 Harbor | 2026-06-17 | N/A | 6.4 MEDIUM |
| Incorrect user permission validation in Harbor <v2.9.5 and Harbor <v2.10.3 allows authenticated users to modify configurations. | |||||
| CVE-2024-22264 | 2026-06-17 | N/A | 7.2 HIGH | ||
| VMware Avi Load Balancer contains a privilege escalation vulnerability. A malicious actor with admin privileges on VMware Avi Load Balancer can create, modify, execute and delete files as a root user on the host system. | |||||
| CVE-2024-22239 | 1 Vmware | 1 Aria Operations For Networks | 2026-06-17 | N/A | 5.3 MEDIUM |
| Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain regular shell access. | |||||
| CVE-2024-22237 | 1 Vmware | 1 Aria Operations For Networks | 2026-06-17 | N/A | 7.8 HIGH |
| Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain root access to the system. | |||||
| CVE-2024-22235 | 1 Vmware | 2 Aria Operations, Cloud Foundation | 2026-06-17 | N/A | 6.7 MEDIUM |
| VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'. | |||||
| CVE-2024-22157 | 2026-06-17 | N/A | 9.8 CRITICAL | ||
| Improper Privilege Management vulnerability in WebWizards SalesKing allows Privilege Escalation.This issue affects SalesKing: from n/a through 1.6.15. | |||||
| CVE-2024-22145 | 1 Instawp | 1 Instawp Connect | 2026-06-17 | N/A | 8.8 HIGH |
| Incorrect Privilege Assignment vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through <= 0.1.0.8. | |||||
| CVE-2024-22106 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2026-06-17 | N/A | 7.8 HIGH |
| Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges, execute arbitrary code, or cause a Denial of Service (DoS). | |||||
| CVE-2024-22069 | 1 Zte | 4 Zxv10 Et301, Zxv10 Et301 Firmware, Zxv10 Xt802 and 1 more | 2026-06-17 | N/A | 7.1 HIGH |
| There is a permission and access control vulnerability of ZTE's ZXV10 XT802/ET301 product.Attackers with common permissions can log in the terminal web and change the password of the administrator illegally by intercepting requests to change the passwords. | |||||
| CVE-2024-22068 | 1 Zte | 8 Zxr10 160, Zxr10 160 Firmware, Zxr10 1800-2s and 5 more | 2026-06-17 | N/A | 6.0 MEDIUM |
| Improper Privilege Management vulnerability in ZTE ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series on 64 bit allows Functionality Bypass.This issue affects ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series: V4.00.10 and earlier. | |||||
| CVE-2024-22036 | 2026-06-17 | N/A | 9.1 CRITICAL | ||
| A vulnerability has been identified within Rancher where a cluster or node driver can be used to escape the chroot jail and gain root access to the Rancher container itself. In production environments, further privilege escalation is possible based on living off the land within the Rancher container itself. For the test and development environments, based on a –privileged Docker container, it is possible to escape the Docker container and gain execution access on the host system. This issue affects rancher: from 2.7.0 before 2.7.16, from 2.8.0 before 2.8.9, from 2.9.0 before 2.9.3. | |||||
| CVE-2024-22008 | 1 Google | 1 Android | 2026-06-17 | N/A | 7.8 HIGH |
| In config_gov_time_windows of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-21989 | 1 Netapp | 1 Ontap Select Deploy Administration Utility | 2026-06-17 | N/A | 8.1 HIGH |
| ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x are susceptible to a vulnerability which when successfully exploited could allow a read-only user to escalate their privileges. | |||||
| CVE-2024-21966 | 2026-06-17 | N/A | 7.3 HIGH | ||
| A DLL hijacking vulnerability in the AMD Ryzen™ Master Utility could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. | |||||