Vulnerabilities (CVE)

Filtered by NVD-CWE-noinfo
Total 35865 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-48997 1 Microsoft 3 Sql Server 2016, Sql Server 2017, Sql Server 2019 2026-06-17 N/A 8.8 HIGH
SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-48996 1 Microsoft 3 Sql Server 2016, Sql Server 2017, Sql Server 2019 2026-06-17 N/A 8.8 HIGH
SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-48995 1 Microsoft 3 Sql Server 2016, Sql Server 2017, Sql Server 2019 2026-06-17 N/A 8.8 HIGH
SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-48994 1 Microsoft 3 Sql Server 2016, Sql Server 2017, Sql Server 2019 2026-06-17 N/A 8.8 HIGH
SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-48993 1 Microsoft 3 Sql Server 2016, Sql Server 2017, Sql Server 2019 2026-06-17 N/A 8.8 HIGH
SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-48942 1 Syracom 1 Secure Login 2026-06-17 N/A 5.9 MEDIUM
The Syracom Secure Login (2FA) plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to easily brute-force the 2FA PIN via the plugins/servlet/twofactor/public/pinvalidation endpoint. The last 30 and the next 30 tokens are valid.
CVE-2024-48941 1 Syracom 1 Secure Login 2026-06-17 N/A 5.4 MEDIUM
The Syracom Secure Login (2FA) plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to bypass 2FA by interacting with the /rest endpoint of Jira, Confluence, or Bitbucket. In the default configuration, /rest is allowlisted.
CVE-2024-48912 1 Glpi-project 1 Glpi 2026-06-17 N/A 8.1 HIGH
GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.17, an authenticated user can use an application endpoint to delete any user account. Version 10.0.17 contains a patch for this issue.
CVE-2024-48900 1 Moodle 1 Moodle 2026-06-17 N/A 4.3 MEDIUM
A vulnerability was found in Moodle. Additional checks are required to ensure users with permission to view badge recipients can only access lists of those they are intended to have access to.
CVE-2024-48837 1 Dell 1 Smartfabric Os10 2026-06-17 N/A 7.8 HIGH
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an Execution with Unnecessary Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution
CVE-2024-48828 1 Dell 1 Smartfabric Os10 2026-06-17 N/A 5.5 MEDIUM
Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.
CVE-2024-48783 1 Ruijie 2 Nbr3000d-e, Nbr3000d-e Firmware 2026-06-17 N/A 7.5 HIGH
An issue in Ruijie NBR3000D-E Gateway allows a remote attacker to obtain sensitive information via the /tool/shell/postgresql.conf component.
CVE-2024-48270 1 Misstt123 1 Oasys 2026-06-17 N/A 7.5 HIGH
An issue in the component /logins of oasys v1.1 allows attackers to access sensitive information via a burst attack.
CVE-2024-48227 1 Funadmin 1 Funadmin 2026-06-17 N/A 4.9 MEDIUM
Funadmin 5.0.2 has a logical flaw in the Curd one click command deletion function, which can result in a Denial of Service (DOS).
CVE-2024-48225 1 Funadmin 1 Funadmin 2026-06-17 N/A 6.5 MEDIUM
Funadmin v5.0.2 has an arbitrary file deletion vulnerability in /curd/index/delfile.
CVE-2024-48196 1 Eyoucms 1 Eyoucms 2026-06-17 N/A 7.5 HIGH
An issue in eyouCMS v.1.6.7 allows a remote attacker to obtain sensitive information via a crafted script to the post parameter.
CVE-2024-48011 1 Dell 1 Data Domain Operating System 2026-06-17 N/A 3.1 LOW
Dell PowerProtect DD, versions prior to 7.7.5.50, contains an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.
CVE-2024-48010 1 Dell 1 Data Domain Operating System 2026-06-17 N/A 6.5 MEDIUM
Dell PowerProtect DD, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an access control vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to escalation of privilege on the application.
CVE-2024-47984 1 Dell 1 Recoverpoint For Virtual Machines 2026-06-17 N/A 4.4 MEDIUM
Dell RecoverPoint for Virtual Machines 6.0.x contains Denial of Service vulnerability. A User with Remote access could potentially exploit this vulnerability, leading to the disruption of most functionalities of the RPA persistent after reboot, resulting in need of technical support intervention in getting system back to stable state.
CVE-2024-47978 1 Dell 1 Nativeedge Orchestrator 2026-06-17 N/A 7.8 HIGH
Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Execution with Unnecessary Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.