Vulnerabilities (CVE)

Filtered by NVD-CWE-noinfo
Total 35865 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-42064 1 Linux 1 Linux Kernel 2026-06-17 N/A 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip pipe if the pipe idx not set properly [why] Driver crashes when pipe idx not set properly [how] Add code to skip the pipe that idx not set properly
CVE-2024-42039 1 Huawei 2 Emui, Harmonyos 2026-06-17 N/A 4.3 MEDIUM
Access control vulnerability in the SystemUI module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-42038 1 Huawei 2 Emui, Harmonyos 2026-06-17 N/A 8.8 HIGH
Vulnerability of PIN enhancement failures in the screen lock module Impact: Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.
CVE-2024-42037 1 Huawei 2 Emui, Harmonyos 2026-06-17 N/A 9.3 CRITICAL
Vulnerability of uncaught exceptions in the Graphics module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-42036 1 Huawei 2 Emui, Harmonyos 2026-06-17 N/A 2.5 LOW
Access permission verification vulnerability in the Notepad module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-42035 1 Huawei 2 Emui, Harmonyos 2026-06-17 N/A 8.4 HIGH
Permission control vulnerability in the App Multiplier module Impact:Successful exploitation of this vulnerability may affect functionality and confidentiality.
CVE-2024-42034 1 Huawei 2 Emui, Harmonyos 2026-06-17 N/A 6.6 MEDIUM
LaunchAnywhere vulnerability in the account module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-42033 1 Huawei 2 Emui, Harmonyos 2026-06-17 N/A 6.9 MEDIUM
Access control vulnerability in the security verification module mpact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVE-2024-42032 1 Huawei 2 Emui, Harmonyos 2026-06-17 N/A 4.4 MEDIUM
Access permission verification vulnerability in the Contacts module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-42031 1 Huawei 2 Emui, Harmonyos 2026-06-17 N/A 7.5 HIGH
Access permission verification vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-42030 1 Huawei 2 Emui, Harmonyos 2026-06-17 N/A 6.2 MEDIUM
Access permission verification vulnerability in the content sharing pop-up module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-42022 1 Veeam 1 One 2026-06-17 N/A 5.3 MEDIUM
An incorrect permission assignment vulnerability allows an attacker to modify product configuration files.
CVE-2024-42021 1 Veeam 1 One 2026-06-17 N/A 6.5 MEDIUM
An improper access control vulnerability allows an attacker with valid access tokens to access saved credentials.
CVE-2024-42006 1 Keyfactor 1 Aws Orchestrator 2026-06-17 N/A 7.5 HIGH
Keyfactor AWS Orchestrator through 2.0 allows Information Disclosure.
CVE-2024-42004 1 Microsoft 1 Teams 2026-06-17 N/A 7.1 HIGH
A library injection vulnerability exists in Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. A specially crafted library can leverage Teams's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.
CVE-2024-41990 1 Djangoproject 1 Django 2026-06-17 N/A 7.5 HIGH
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize() and urlizetrunc() template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters.
CVE-2024-41989 1 Djangoproject 1 Django 2026-06-17 N/A 7.5 HIGH
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent.
CVE-2024-41976 1 Siemens 52 Ruggedcom Rm1224 Lte\(4g\) Eu, Ruggedcom Rm1224 Lte\(4g\) Eu Firmware, Ruggedcom Rm1224 Lte\(4g\) Nam and 49 more 2026-06-17 N/A 7.2 HIGH
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices do not properly validate input in specific VPN configuration fields. This could allow an authenticated remote attacker to execute arbitrary code on the device.
CVE-2024-41958 1 Mailcow 1 Mailcow\ 2026-06-17 N/A 6.6 MEDIUM
mailcow: dockerized is an open source groupware/email suite based on docker. A vulnerability has been discovered in the two-factor authentication (2FA) mechanism. This flaw allows an authenticated attacker to bypass the 2FA protection, enabling unauthorized access to other accounts that are otherwise secured with 2FA. To exploit this vulnerability, the attacker must first have access to an account within the system and possess the credentials of the target account that has 2FA enabled. By leveraging these credentials, the attacker can circumvent the 2FA process and gain access to the protected account. This issue has been addressed in the `2024-07` release. All users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2024-41949 1 Biscuitsec 1 Biscuit-auth 2026-06-17 N/A 3.0 LOW
biscuit-rust is the Rust implementation of Biscuit, an authentication and authorization token for microservices architectures. Third-party blocks can be generated without transferring the whole token to the third-party authority. Instead, a ThirdPartyBlock request can be sent, providing only the necessary info to generate a third-party block and to sign it, which includes the public key of the previous block (used in the signature) and the public keys part of the token symbol table (for public key interning in datalog expressions). A third-part block request forged by a malicious user can trick the third-party authority into generating datalog trusting the wrong keypair.