Total
35703 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-31004 | 1 Axiosys | 1 Bento4 | 2026-06-17 | N/A | 9.8 CRITICAL |
| An issue in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the Ap4StsdAtom.cpp,AP4_StsdAtom::AP4_StsdAtom,mp4fragment. | |||||
| CVE-2024-30961 | 1 Openrobotics | 1 Robot Operating System | 2026-06-17 | N/A | 7.8 HIGH |
| Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the error-thrown mechanism in nav2_bt_navigator. | |||||
| CVE-2024-30916 | 1 Eprosima | 1 Fast Dds | 2026-06-17 | N/A | 7.1 HIGH |
| An issue was discovered in eProsima FastDDS v.2.14.0 and before, allows a local attacker to cause a denial of service (DoS) and obtain sensitive information via a crafted max_samples parameter in DurabilityService QoS component. | |||||
| CVE-2024-30656 | 1 Fireboltt | 2 Dream, Dream Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| An issue in Fireboltt Dream Wristphone BSW202_FB_AAC_v2.0_20240110-20240110-1956 allows attackers to cause a Denial of Service (DoS) via a crafted deauth frame. | |||||
| CVE-2024-30619 | 1 Chamilo | 1 Chamilo Lms | 2026-06-17 | N/A | 7.5 HIGH |
| Chamilo LMS Version 1.11.26 is vulnerable to Incorrect Access Control. A non-authenticated attacker can request the number of messages and the number of online users via "/main/inc/ajax/message.ajax.php?a=get_count_message" AND "/main/inc/ajax/online.ajax.php?a=get_users_online." | |||||
| CVE-2024-30542 | 1 Wpxpo | 1 Wholesalex | 2026-06-17 | N/A | 9.8 CRITICAL |
| Improper Privilege Management vulnerability in Wholesale WholesaleX allows Privilege Escalation.This issue affects WholesaleX: from n/a through 1.3.2. | |||||
| CVE-2024-30481 | 1 Jch Optimize Project | 1 Jch Optimize | 2026-06-17 | N/A | 6.5 MEDIUM |
| Broken Access Control vulnerability in Samuel Marshall JCH Optimize.This issue affects JCH Optimize: from n/a through 4.0.0. | |||||
| CVE-2024-30473 | 1 Dell | 1 Elastic Cloud Storage | 2026-06-17 | N/A | 4.9 MEDIUM |
| Dell ECS, versions prior to 3.8.1, contain a privilege elevation vulnerability in user management. A remote high privileged attacker could potentially exploit this vulnerability, gaining access to unauthorized end points. | |||||
| CVE-2024-30472 | 2 Dell, Microsoft | 2 Thinos, Telemetry Dashboard | 2026-06-17 | N/A | 7.5 HIGH |
| Telemetry Dashboard v1.0.0.8 for Dell ThinOS 2402 contains a sensitive information disclosure vulnerability. An unauthenticated user with local access to the device could exploit this vulnerability leading to information disclosure. | |||||
| CVE-2024-30413 | 1 Huawei | 2 Emui, Harmonyos | 2026-06-17 | N/A | 7.5 HIGH |
| Vulnerability of improper permission control in the window management module. Impact: Successful exploitation of this vulnerability will affect availability. | |||||
| CVE-2024-30269 | 1 Dataease | 1 Dataease | 2026-06-17 | N/A | 5.3 MEDIUM |
| DataEase, an open source data visualization and analysis tool, has a database configuration information exposure vulnerability prior to version 2.5.0. Visiting the `/de2api/engine/getEngine;.js` path via a browser reveals that the platform's database configuration is returned. The vulnerability has been fixed in v2.5.0. No known workarounds are available aside from upgrading. | |||||
| CVE-2024-30261 | 2 Fedoraproject, Nodejs | 2 Fedora, Undici | 2026-06-17 | N/A | 2.6 LOW |
| Undici is an HTTP/1.1 client, written from scratch for Node.js. An attacker can alter the `integrity` option passed to `fetch()`, allowing `fetch()` to accept requests as valid even if they have been tampered. This vulnerability was patched in version(s) 5.28.4 and 6.11.1. | |||||
| CVE-2024-30258 | 1 Eprosima | 1 Fast Dds | 2026-06-17 | N/A | 8.2 HIGH |
| FastDDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves a malformed `RTPS` packet, the subscriber crashes when creating `pthread`. This can remotely crash any Fast-DDS process, potentially leading to a DOS attack. Versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8 contain a patch for the issue. | |||||
| CVE-2024-30233 | 1 Wpxpo | 1 Wholesalex | 2026-06-17 | N/A | 6.5 MEDIUM |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wholesale Team WholesaleX.This issue affects WholesaleX: from n/a through 1.3.1. | |||||
| CVE-2024-30203 | 2 Debian, Gnu | 3 Debian Linux, Emacs, Org Mode | 2026-06-17 | N/A | 5.5 MEDIUM |
| In Emacs before 29.3, Gnus treats inline MIME contents as trusted. | |||||
| CVE-2024-30188 | 1 Apache | 1 Dolphinscheduler | 2026-06-17 | N/A | 8.1 HIGH |
| File read and write vulnerability in Apache DolphinScheduler , authenticated users can illegally access additional resource files. This issue affects Apache DolphinScheduler: from 3.1.0 before 3.2.2. Users are recommended to upgrade to version 3.2.2, which fixes the issue. | |||||
| CVE-2024-30170 | 1 Ssh | 1 Privx | 2026-06-17 | N/A | 9.1 CRITICAL |
| PrivX before 34.0 allows data exfiltration and denial of service via the REST API. This is fixed in minor versions 33.1, 32.3, 31.3, and later, and in major version 34.0 and later, | |||||
| CVE-2024-30146 | 1 Hcltech | 1 Domino Leap | 2026-06-17 | N/A | 4.1 MEDIUM |
| Improper access control of endpoint in HCL Domino Leap allows certain admin users to import applications from the server's filesystem. | |||||
| CVE-2024-30135 | 1 Hcltech | 1 Dryice Aex | 2026-06-17 | N/A | 3.3 LOW |
| HCL DRYiCE AEX is potentially impacted by disclosure of sensitive information in the mobile application when a snapshot is taken. | |||||
| CVE-2024-30122 | 1 Hcltech | 1 Sametime | 2026-06-17 | N/A | 5.8 MEDIUM |
| HCL Sametime is impacted by misconfigured security related HTTP headers. It was identified that some HTTP headers were missing on web service responses. This will lead to less secure browser default treatment for the policies controlled by these headers. | |||||