Total
4436 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-27895 | 1 Huawei | 1 Harmonyos | 2026-06-17 | N/A | 7.5 HIGH |
| Vulnerability of permission control in the window module. Successful exploitation of this vulnerability may affect confidentiality. | |||||
| CVE-2024-27891 | 2026-06-17 | N/A | 5.3 MEDIUM | ||
| On affected platforms running Arista EOS with MACsec and egress ACLs configured on the same interfaces, the ACL policies may not be enforced for packets egressing on those ports. This can cause outgoing packets to incorrectly be allowed or denied. | |||||
| CVE-2024-27855 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2026-06-17 | N/A | 8.8 HIGH |
| The issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, macOS Ventura 13.6.7. A shortcut may be able to use sensitive data with certain actions without prompting the user. | |||||
| CVE-2024-27841 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2026-06-17 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. An app may be able to disclose kernel memory. | |||||
| CVE-2024-27819 | 1 Apple | 2 Ipados, Iphone Os | 2026-06-17 | N/A | 2.4 LOW |
| The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access may be able to access contacts from the lock screen. | |||||
| CVE-2024-27803 | 1 Apple | 2 Ipados, Iphone Os | 2026-06-17 | N/A | 2.4 LOW |
| A permissions issue was addressed with improved validation. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access may be able to share items from the lock screen. | |||||
| CVE-2024-27792 | 1 Apple | 1 Macos | 2026-06-17 | N/A | 5.5 MEDIUM |
| This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sonoma 14.4. An app may be able to access user-sensitive data. | |||||
| CVE-2024-27790 | 1 Claris | 1 Filemaker Server | 2026-06-17 | N/A | 7.5 HIGH |
| Claris International has resolved an issue of potentially allowing unauthorized access to records stored in databases hosted on FileMaker Server. This issue has been fixed in FileMaker Server 20.3.2 by validating transactions before replying to client requests. | |||||
| CVE-2024-27605 | 1 Alldata | 1 Alldata | 2026-06-17 | N/A | 7.5 HIGH |
| Alldata V0.4.6 is vulnerable to Insecure Permissions. Using users (test) can query information about the users in the system. | |||||
| CVE-2024-27602 | 1 Alldata | 1 Alldata | 2026-06-17 | N/A | 9.1 CRITICAL |
| Alldata V0.4.6 is vulnerable to Incorrect Access Control. A total of many modules interface documents have been leaked.For example, the /api/system/v2/api-docs module. | |||||
| CVE-2024-27497 | 1 Linksys | 2 E2000, E2000 Firmware | 2026-06-17 | N/A | 8.8 HIGH |
| Linksys E2000 Ver.1.0.06 build 1 is vulnerable to authentication bypass via the position.js file. | |||||
| CVE-2024-27348 | 1 Apache | 1 Hugegraph | 2026-06-17 | N/A | 9.8 CRITICAL |
| RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue. | |||||
| CVE-2024-27264 | 1 Ibm | 1 I | 2026-06-17 | N/A | 7.4 HIGH |
| IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege. IBM X-Force ID: 284563. | |||||
| CVE-2024-27200 | 2026-06-17 | N/A | 4.4 MEDIUM | ||
| Improper access control in some Intel(R) Granulate(TM) software before version 4.30.1 may allow a authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-27187 | 1 Joomla | 1 Joomla\! | 2026-06-17 | N/A | 7.5 HIGH |
| Improper Access Controls allows backend users to overwrite their username when disallowed. | |||||
| CVE-2024-26310 | 1 Archerirm | 1 Archer | 2026-06-17 | N/A | 4.3 MEDIUM |
| Archer Platform 6.8 before 6.14 P2 (6.14.0.2) contains an improper access control vulnerability. A remote authenticated malicious user could potentially exploit this to gain access to API information that should only be accessible with extra privileges. | |||||
| CVE-2024-26234 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2026-06-17 | N/A | 6.7 MEDIUM |
| Proxy Driver Spoofing Vulnerability | |||||
| CVE-2024-26203 | 1 Microsoft | 1 Azure Data Studio | 2026-06-17 | N/A | 7.3 HIGH |
| Azure Data Studio Elevation of Privilege Vulnerability | |||||
| CVE-2024-26201 | 1 Microsoft | 1 Intune Company Portal | 2026-06-17 | N/A | 6.6 MEDIUM |
| Microsoft Intune Linux Agent Elevation of Privilege Vulnerability | |||||
| CVE-2024-26139 | 1 Citeum | 1 Opencti | 2026-06-17 | N/A | 8.3 HIGH |
| OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. Due to lack of certain security controls on the profile edit functionality, an authenticated attacker with low privileges can gain administrative privileges on the web application. | |||||
