Vulnerabilities (CVE)

Filtered by NVD-CWE-noinfo
Total 35862 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-45642 2 Ibm, Linux 2 Security Qradar Edr, Linux Kernel 2026-06-17 N/A 5.3 MEDIUM
IBM Security ReaQta 3.12 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVE-2024-45626 1 Apache 1 James Server 2026-06-17 N/A 6.5 MEDIUM
Apache James server JMAP HTML to text plain implementation in versions below 3.8.2 and 3.7.6 is subject to unbounded memory consumption that can result in a denial of service. Users are recommended to upgrade to version 3.7.6 and 3.8.2, which fix this issue.
CVE-2024-45595 1 Man 1 D-tale 2026-06-17 N/A 6.1 MEDIUM
D-Tale is a visualizer for Pandas data structures. Users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. Users should upgrade to version 3.14.1 where the "Custom Filter" input is turned off by default.
CVE-2024-45590 1 Openjsf 1 Body-parser 2026-06-17 N/A 7.5 HIGH
body-parser is Node.js body parsing middleware. body-parser <1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in 1.20.3.
CVE-2024-45537 1 Apache 1 Druid 2026-06-17 N/A 6.5 MEDIUM
Apache Druid allows users with certain permissions to read data from other database systems using JDBC. This functionality allows trusted users to set up Druid lookups or run ingestion tasks. Druid also allows administrators to configure a list of allowed properties that users are able to provide for their JDBC connections. By default, this allowed properties list restricts users to TLS-related properties only. However, when configuration a MySQL JDBC connection, users can use a particularly-crafted JDBC connection string to provide properties that are not on this allow list. Users without the permission to configure JDBC connections are not able to exploit this vulnerability. CVE-2021-26919 describes a similar vulnerability which was partially addressed in Apache Druid 0.20.2. This issue is fixed in Apache Druid 30.0.1.
CVE-2024-45519 1 Synacor 1 Zimbra Collaboration Suite 2026-06-17 N/A 10.0 CRITICAL
The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1 sometimes allows unauthenticated users to execute commands.
CVE-2024-45506 1 Haproxy 1 Haproxy 2026-06-17 N/A 7.5 HIGH
HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding (h2_send loop) under a certain set of conditions, as exploited in the wild in 2024.
CVE-2024-45475 1 Siemens 1 Tecnomatix Plant Simulation 2026-06-17 N/A 7.8 HIGH
A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected application is vulnerable to memory corruption while parsing specially crafted WRL files. An attacker could leverage this in conjunction with other vulnerabilities to execute code in the context of the current process.
CVE-2024-45474 1 Siemens 1 Tecnomatix Plant Simulation 2026-06-17 N/A 7.8 HIGH
A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected application is vulnerable to memory corruption while parsing specially crafted WRL files. An attacker could leverage this in conjunction with other vulnerabilities to execute code in the context of the current process.
CVE-2024-45473 1 Siemens 1 Tecnomatix Plant Simulation 2026-06-17 N/A 7.8 HIGH
A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected application is vulnerable to memory corruption while parsing specially crafted WRL files. An attacker could leverage this in conjunction with other vulnerabilities to execute code in the context of the current process.
CVE-2024-45472 1 Siemens 1 Tecnomatix Plant Simulation 2026-06-17 N/A 7.8 HIGH
A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected application is vulnerable to memory corruption while parsing specially crafted WRL files. An attacker could leverage this in conjunction with other vulnerabilities to execute code in the context of the current process.
CVE-2024-45468 1 Siemens 1 Tecnomatix Plant Simulation 2026-06-17 N/A 7.8 HIGH
A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected application is vulnerable to memory corruption while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.
CVE-2024-45467 1 Siemens 1 Tecnomatix Plant Simulation 2026-06-17 N/A 7.8 HIGH
A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected application is vulnerable to memory corruption while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.
CVE-2024-45450 1 Huawei 2 Emui, Harmonyos 2026-06-17 N/A 4.0 MEDIUM
Permission control vulnerability in the software update module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-45449 1 Huawei 2 Emui, Harmonyos 2026-06-17 N/A 5.1 MEDIUM
Access permission verification vulnerability in the ringtone setting module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-45448 1 Huawei 2 Emui, Harmonyos 2026-06-17 N/A 4.1 MEDIUM
Page table protection configuration vulnerability in the trusted firmware module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-45447 1 Huawei 2 Emui, Harmonyos 2026-06-17 N/A 4.4 MEDIUM
Access control vulnerability in the camera framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-45446 1 Huawei 2 Emui, Harmonyos 2026-06-17 N/A 5.5 MEDIUM
Access permission verification vulnerability in the camera driver module Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-45444 1 Huawei 2 Emui, Harmonyos 2026-06-17 N/A 5.5 MEDIUM
Access permission verification vulnerability in the WMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-45442 1 Huawei 2 Emui, Harmonyos 2026-06-17 N/A 5.1 MEDIUM
Vulnerability of permission verification for APIs in the DownloadProviderMain module Impact: Successful exploitation of this vulnerability will affect availability.