Vulnerabilities (CVE)

Filtered by NVD-CWE-noinfo
Total 35714 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-35271 1 Microsoft 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more 2026-06-17 N/A 8.8 HIGH
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-35270 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2026-06-17 N/A 5.3 MEDIUM
Windows iSCSI Service Denial of Service Vulnerability
CVE-2024-35267 1 Microsoft 1 Azure Devops Server 2026-06-17 N/A 7.6 HIGH
Azure DevOps Server Spoofing Vulnerability
CVE-2024-35266 1 Microsoft 1 Azure Devops Server 2026-06-17 N/A 7.6 HIGH
Azure DevOps Server Spoofing Vulnerability
CVE-2024-35264 1 Microsoft 2 .net, Visual Studio 2022 2026-06-17 N/A 8.1 HIGH
.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2024-35263 1 Microsoft 1 Dynamics 365 2026-06-17 N/A 5.7 MEDIUM
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
CVE-2024-35261 1 Microsoft 1 Azure Network Watcher Agent 2026-06-17 N/A 7.8 HIGH
Azure Network Watcher VM Extension Elevation of Privilege Vulnerability
CVE-2024-35256 1 Microsoft 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more 2026-06-17 N/A 8.8 HIGH
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-35230 1 Osgeo 1 Geoserver 2026-06-17 N/A 5.3 MEDIUM
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. In affected versions the welcome and about page includes version and revision information about the software in use (including library and components used). This information is sensitive from a security point of view because it allows software used by the server to be easily identified. This issue has been patched in version 2.26.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2024-35212 1 Siemens 1 Sinec Traffic Analyzer 2026-06-17 N/A 6.2 MEDIUM
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected application lacks input validation due to which an attacker can gain access to the Database entries.
CVE-2024-35178 2 Jupyter, Microsoft 2 Jupyter Server, Windows 2026-06-17 N/A 7.5 HIGH
The Jupyter Server provides the backend for Jupyter web applications. Jupyter Server on Windows has a vulnerability that lets unauthenticated attackers leak the NTLMv2 password hash of the Windows user running the Jupyter server. An attacker can crack this password to gain access to the Windows machine hosting the Jupyter server, or access other network-accessible machines or 3rd party services using that credential. Or an attacker perform an NTLM relay attack without cracking the credential to gain access to other network-accessible machines. This vulnerability is fixed in 2.14.1.
CVE-2024-35171 1 Kodezen 1 Academy Lms 2026-06-17 N/A 5.3 MEDIUM
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Academy LMS academy.This issue affects Academy LMS: from n/a through 1.9.25.
CVE-2024-35166 1 Ninjateam 1 Filebird 2026-06-17 N/A 5.3 MEDIUM
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team Filebird.This issue affects Filebird: from n/a through 5.6.3.
CVE-2024-35164 1 Apache 1 Guacamole 2026-06-17 N/A 6.8 MEDIUM
The terminal emulator of Apache Guacamole 1.5.5 and older does not properly validate console codes received from servers via text-based protocols like SSH. If a malicious user has access to a text-based connection, a specially-crafted sequence of console codes could allow arbitrary code to be executed with the privileges of the running guacd process. Users are recommended to upgrade to version 1.6.0, which fixes this issue.
CVE-2024-35136 1 Ibm 1 Db2 2026-06-17 N/A 5.3 MEDIUM
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) federated server 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain non default conditions. IBM X-Force ID: 291307.
CVE-2024-35122 1 Ibm 1 I 2026-06-17 N/A 2.8 LOW
IBM i 7.2, 7.3, 7.4, and 7.5 is vulnerable to a file level local denial of service caused by an insufficient authority requirement. A local non-privileged user can configure a referential constraint with the privileges of a user socially engineered to access the target file.
CVE-2024-34742 1 Google 1 Android 2026-06-17 N/A 5.5 MEDIUM
In shouldWrite of OwnersData.java, there is a possible edge case that prevents MDM policies from being persisted due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-34741 1 Google 1 Android 2026-06-17 N/A 7.8 HIGH
In setForceHideNonSystemOverlayWindowIfNeeded of WindowState.java, there is a possible way for message content to be visible on the screensaver while lock screen visibility settings are restricted by the user due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-34739 1 Google 1 Android 2026-06-17 N/A 7.8 HIGH
In shouldRestrictOverlayActivities of UsbProfileGroupSettingsManager.java, there is a possible escape from SUW due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2024-34738 1 Google 1 Android 2026-06-17 N/A 7.8 HIGH
In multiple functions of AppOpsService.java, there is a possible way for unprivileged apps to read their own restrictRead app-op states due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.