Total
35714 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-35271 | 1 Microsoft | 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more | 2026-06-17 | N/A | 8.8 HIGH |
| SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | |||||
| CVE-2024-35270 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2026-06-17 | N/A | 5.3 MEDIUM |
| Windows iSCSI Service Denial of Service Vulnerability | |||||
| CVE-2024-35267 | 1 Microsoft | 1 Azure Devops Server | 2026-06-17 | N/A | 7.6 HIGH |
| Azure DevOps Server Spoofing Vulnerability | |||||
| CVE-2024-35266 | 1 Microsoft | 1 Azure Devops Server | 2026-06-17 | N/A | 7.6 HIGH |
| Azure DevOps Server Spoofing Vulnerability | |||||
| CVE-2024-35264 | 1 Microsoft | 2 .net, Visual Studio 2022 | 2026-06-17 | N/A | 8.1 HIGH |
| .NET and Visual Studio Remote Code Execution Vulnerability | |||||
| CVE-2024-35263 | 1 Microsoft | 1 Dynamics 365 | 2026-06-17 | N/A | 5.7 MEDIUM |
| Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability | |||||
| CVE-2024-35261 | 1 Microsoft | 1 Azure Network Watcher Agent | 2026-06-17 | N/A | 7.8 HIGH |
| Azure Network Watcher VM Extension Elevation of Privilege Vulnerability | |||||
| CVE-2024-35256 | 1 Microsoft | 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more | 2026-06-17 | N/A | 8.8 HIGH |
| SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | |||||
| CVE-2024-35230 | 1 Osgeo | 1 Geoserver | 2026-06-17 | N/A | 5.3 MEDIUM |
| GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. In affected versions the welcome and about page includes version and revision information about the software in use (including library and components used). This information is sensitive from a security point of view because it allows software used by the server to be easily identified. This issue has been patched in version 2.26.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2024-35212 | 1 Siemens | 1 Sinec Traffic Analyzer | 2026-06-17 | N/A | 6.2 MEDIUM |
| A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected application lacks input validation due to which an attacker can gain access to the Database entries. | |||||
| CVE-2024-35178 | 2 Jupyter, Microsoft | 2 Jupyter Server, Windows | 2026-06-17 | N/A | 7.5 HIGH |
| The Jupyter Server provides the backend for Jupyter web applications. Jupyter Server on Windows has a vulnerability that lets unauthenticated attackers leak the NTLMv2 password hash of the Windows user running the Jupyter server. An attacker can crack this password to gain access to the Windows machine hosting the Jupyter server, or access other network-accessible machines or 3rd party services using that credential. Or an attacker perform an NTLM relay attack without cracking the credential to gain access to other network-accessible machines. This vulnerability is fixed in 2.14.1. | |||||
| CVE-2024-35171 | 1 Kodezen | 1 Academy Lms | 2026-06-17 | N/A | 5.3 MEDIUM |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Academy LMS academy.This issue affects Academy LMS: from n/a through 1.9.25. | |||||
| CVE-2024-35166 | 1 Ninjateam | 1 Filebird | 2026-06-17 | N/A | 5.3 MEDIUM |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team Filebird.This issue affects Filebird: from n/a through 5.6.3. | |||||
| CVE-2024-35164 | 1 Apache | 1 Guacamole | 2026-06-17 | N/A | 6.8 MEDIUM |
| The terminal emulator of Apache Guacamole 1.5.5 and older does not properly validate console codes received from servers via text-based protocols like SSH. If a malicious user has access to a text-based connection, a specially-crafted sequence of console codes could allow arbitrary code to be executed with the privileges of the running guacd process. Users are recommended to upgrade to version 1.6.0, which fixes this issue. | |||||
| CVE-2024-35136 | 1 Ibm | 1 Db2 | 2026-06-17 | N/A | 5.3 MEDIUM |
| IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) federated server 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain non default conditions. IBM X-Force ID: 291307. | |||||
| CVE-2024-35122 | 1 Ibm | 1 I | 2026-06-17 | N/A | 2.8 LOW |
| IBM i 7.2, 7.3, 7.4, and 7.5 is vulnerable to a file level local denial of service caused by an insufficient authority requirement. A local non-privileged user can configure a referential constraint with the privileges of a user socially engineered to access the target file. | |||||
| CVE-2024-34742 | 1 Google | 1 Android | 2026-06-17 | N/A | 5.5 MEDIUM |
| In shouldWrite of OwnersData.java, there is a possible edge case that prevents MDM policies from being persisted due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-34741 | 1 Google | 1 Android | 2026-06-17 | N/A | 7.8 HIGH |
| In setForceHideNonSystemOverlayWindowIfNeeded of WindowState.java, there is a possible way for message content to be visible on the screensaver while lock screen visibility settings are restricted by the user due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-34739 | 1 Google | 1 Android | 2026-06-17 | N/A | 7.8 HIGH |
| In shouldRestrictOverlayActivities of UsbProfileGroupSettingsManager.java, there is a possible escape from SUW due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
| CVE-2024-34738 | 1 Google | 1 Android | 2026-06-17 | N/A | 7.8 HIGH |
| In multiple functions of AppOpsService.java, there is a possible way for unprivileged apps to read their own restrictRead app-op states due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
