Total
29907 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-23360 | 1 Qualcomm | 26 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 23 more | 2026-06-17 | N/A | 8.4 HIGH |
| Memory corruption while creating a LPAC client as LPAC engine was allowed to access GPU registers. | |||||
| CVE-2024-23351 | 1 Qualcomm | 188 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6700 and 185 more | 2026-06-17 | N/A | 8.4 HIGH |
| Memory corruption as GPU registers beyond the last protected range can be accessed through LPAC submissions. | |||||
| CVE-2024-23136 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2026-06-17 | N/A | 7.8 HIGH |
| A maliciously crafted STP file in ASMKERN228A.dll when parsed through Autodesk applications can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process. | |||||
| CVE-2024-23055 | 1 Plone | 1 Plone Docker Official Image | 2026-06-17 | N/A | 6.1 MEDIUM |
| An issue in Plone Docker Official Image 5.2.13 (5221) open-source software allows for remote code execution via improper validation of input by the HOST headers. | |||||
| CVE-2024-22902 | 1 Vinchin | 1 Vinchin Backup And Recovery | 2026-06-17 | N/A | 9.8 CRITICAL |
| Vinchin Backup & Recovery v7.2 was discovered to be configured with default root credentials. | |||||
| CVE-2024-22901 | 1 Vinchin | 1 Vinchin Backup And Recovery | 2026-06-17 | N/A | 9.8 CRITICAL |
| Vinchin Backup & Recovery v7.2 was discovered to use default MYSQL credentials. | |||||
| CVE-2024-22727 | 1 Teltonika | 10 Trb140, Trb140 Firmware, Trb141 and 7 more | 2026-06-17 | N/A | 8.3 HIGH |
| Teltonika TRB1-series devices with firmware before TRB1_R_00.07.05.2 allow attackers to exploit a firmware vulnerability via Ethernet LAN or USB. | |||||
| CVE-2024-22452 | 1 Dell | 1 Display And Peripheral Manager | 2026-06-17 | N/A | 7.3 HIGH |
| Dell Display and Peripheral Manager for macOS prior to 1.3 contains an improper access control vulnerability. A low privilege user could potentially exploit this vulnerability by modifying files in the installation folder to execute arbitrary code, leading to privilege escalation. | |||||
| CVE-2024-22388 | 1 Hidglobal | 16 Iclass Se Cp1000 Encoder, Iclass Se Cp1000 Encoder Firmware, Iclass Se Processors and 13 more | 2026-06-17 | N/A | 5.9 MEDIUM |
| Certain configuration available in the communication channel for encoders could expose sensitive data when reader configuration cards are programmed. This data could include credential and device administration keys. | |||||
| CVE-2024-22362 | 1 Drupal | 1 Drupal | 2026-06-17 | N/A | 7.5 HIGH |
| Drupal contains a vulnerability with improper handling of structural elements. If this vulnerability is exploited, an attacker may be able to cause a denial-of-service (DoS) condition. | |||||
| CVE-2024-22343 | 1 Ibm | 1 Txseries For Multiplatform | 2026-06-17 | N/A | 4.0 MEDIUM |
| IBM TXSeries for Multiplatforms 8.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 280190. | |||||
| CVE-2024-22341 | 1 Ibm | 1 Watson Query With Cloud Pak For Data | 2026-06-17 | N/A | 5.3 MEDIUM |
| IBM Watson Query on Cloud Pak for Data 4.0.0 through 4.0.9, 4.5.0 through 4.5.3, 4.6.0 through 4.6.6, 4.7.0 through 4.7.4, and 4.8.0 through 4.8.7 could allow unauthorized data access from a remote data source object due to improper privilege management. | |||||
| CVE-2024-22278 | 1 Linuxfoundation | 1 Harbor | 2026-06-17 | N/A | 6.4 MEDIUM |
| Incorrect user permission validation in Harbor <v2.9.5 and Harbor <v2.10.3 allows authenticated users to modify configurations. | |||||
| CVE-2024-22187 | 1 Automationdirect | 12 P1-540, P1-540 Firmware, P1-550 and 9 more | 2026-06-17 | N/A | 9.1 CRITICAL |
| A write-what-where vulnerability exists in the Programming Software Connection Remote Memory Diagnostics functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to an arbitrary write. An attacker can send an unauthenticated packet to trigger this vulnerability. | |||||
| CVE-2024-22178 | 1 Openautomationsoftware | 1 Open Automation Software | 2026-06-17 | N/A | 4.9 MEDIUM |
| A file write vulnerability exists in the OAS Engine Save Security Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this vulnerability. | |||||
| CVE-2024-22045 | 1 Siemens | 1 Sinema Remote Connect Client | 2026-06-17 | N/A | 7.6 HIGH |
| A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.1 SP1). The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information. This information is also available via the web interface of the product. | |||||
| CVE-2024-21983 | 1 Netapp | 1 Storagegrid | 2026-06-17 | N/A | 6.5 MEDIUM |
| StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8 are susceptible to a Denial of Service (DoS) vulnerability. Successful exploit by an authenticated attacker could lead to an out of memory condition or node reboot. | |||||
| CVE-2024-21890 | 1 Nodejs | 1 Node.js | 2026-06-17 | N/A | 6.5 MEDIUM |
| The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For example: ``` --allow-fs-read=/home/node/.ssh/*.pub ``` will ignore `pub` and give access to everything after `.ssh/`. This misleading documentation affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. | |||||
| CVE-2024-21870 | 1 Openautomationsoftware | 1 Open Automation Software | 2026-06-17 | N/A | 4.9 MEDIUM |
| A file write vulnerability exists in the OAS Engine Tags Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this vulnerability. | |||||
| CVE-2024-21849 | 1 F5 | 2 Big-ip Advanced Web Application Firewall, Big-ip Application Security Manager | 2026-06-17 | N/A | 7.5 HIGH |
| When an Advanced WAF/ASM security policy and a Websockets profile are configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||