Total
4404 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-45208 | 2026-06-17 | N/A | 9.8 CRITICAL | ||
| The Versa Director SD-WAN orchestration platform which makes use of Cisco NCS application service. Active and Standby Directors communicate over TCP ports 4566 and 4570 to exchange High Availability (HA) information using a shared password. Affected versions of Versa Director bound to these ports on all interfaces. An attacker that can access the Versa Director could access the NCS service on port 4566 and exploit it to perform unauthorized administrative actions and perform remote code execution. Customers are recommended to follow the hardening guide. Versa Networks is not aware of any reported instance where this vulnerability was exploited. Proof of concept for this vulnerability has been disclosed by third party security researchers. | |||||
| CVE-2024-45170 | 1 C-mor | 1 C-mor Video Surveillance | 2026-06-17 | N/A | 8.1 HIGH |
| An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper or missing access control, low privileged users can use administrative functions of the C-MOR web interface. It was found out that different functions are only available to administrative users. However, access those functions is restricted via the web application user interface and not checked on the server side. Thus, by sending corresponding HTTP requests to the web server of the C-MOR web interface, low privileged users can also use administrative functionality, for instance downloading backup files or changing configuration settings. | |||||
| CVE-2024-45149 | 1 Adobe | 3 Commerce, Commerce B2b, Magento | 2026-06-17 | N/A | 2.7 LOW |
| Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction. | |||||
| CVE-2024-45135 | 1 Adobe | 3 Commerce, Commerce B2b, Magento | 2026-06-17 | N/A | 2.7 LOW |
| Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An admin attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction. | |||||
| CVE-2024-45133 | 1 Adobe | 3 Commerce, Commerce B2b, Magento | 2026-06-17 | N/A | 2.7 LOW |
| Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker could leverage this vulnerability to have a low impact on confidentiality which may aid in further attacks. Exploitation of this issue does not require user interaction. | |||||
| CVE-2024-45130 | 1 Adobe | 3 Commerce, Commerce B2b, Magento | 2026-06-17 | N/A | 4.3 MEDIUM |
| Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction. | |||||
| CVE-2024-45129 | 1 Adobe | 3 Commerce, Commerce B2b, Magento | 2026-06-17 | N/A | 4.3 MEDIUM |
| Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction. | |||||
| CVE-2024-45124 | 1 Adobe | 3 Commerce, Commerce B2b, Magento | 2026-06-17 | N/A | 5.3 MEDIUM |
| Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction. | |||||
| CVE-2024-45122 | 1 Adobe | 3 Commerce, Commerce B2b, Magento | 2026-06-17 | N/A | 4.3 MEDIUM |
| Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction. | |||||
| CVE-2024-45121 | 1 Adobe | 3 Commerce, Commerce B2b, Magento | 2026-06-17 | N/A | 4.3 MEDIUM |
| Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction. | |||||
| CVE-2024-45118 | 1 Adobe | 3 Commerce, Commerce B2b, Magento | 2026-06-17 | N/A | 6.5 MEDIUM |
| Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have high impact on integrity. Exploitation of this issue does not require user interaction. | |||||
| CVE-2024-44915 | 1 Irfanview | 1 Exr | 2026-06-17 | N/A | 5.5 MEDIUM |
| An issue in the component EXR!ReadEXR+0x4eef0 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2024-44914 | 1 Irfanview | 1 Exr | 2026-06-17 | N/A | 5.5 MEDIUM |
| An issue in the component EXR!ReadEXR+0x3df50 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2024-44913 | 1 Irfanview | 1 Exr | 2026-06-17 | N/A | 5.5 MEDIUM |
| An issue in the component EXR!ReadEXR+0x40ef1 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2024-44860 | 1 Solvait | 1 Solvait | 2026-06-17 | N/A | 7.5 HIGH |
| An information disclosure vulnerability in the /Letter/PrintQr/ endpoint of Solvait v24.4.2 allows attackers to access sensitive data via a crafted request. | |||||
| CVE-2024-44571 | 1 Relyum | 2 Rely-pcie, Rely-pcie Firmware | 2026-06-17 | N/A | 8.8 HIGH |
| RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain incorrect access control in the mService function at phpinf.php. | |||||
| CVE-2024-44313 | 1 Tastyigniter | 1 Tastyigniter | 2026-06-17 | N/A | 8.1 HIGH |
| TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice() function within Orders.php which allows unauthorized users to access and generate invoices due to missing permission checks. | |||||
| CVE-2024-44303 | 1 Apple | 1 Macos | 2026-06-17 | N/A | 7.5 HIGH |
| The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.1. A malicious application may be able to modify protected parts of the file system. | |||||
| CVE-2024-44271 | 1 Apple | 1 Macos | 2026-06-17 | N/A | 3.3 LOW |
| The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2. An app may be able to record the screen without an indicator. | |||||
| CVE-2024-44219 | 1 Apple | 1 Macos | 2026-06-17 | N/A | 7.5 HIGH |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. A malicious application with root privileges may be able to access private information. | |||||
