Total
32192 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-20834 | 1 Samsung | 1 Android | 2025-02-10 | N/A | 3.3 LOW |
| The sensitive information exposure vulnerability in WlanTest prior to SMR Mar-2024 Release 1 allows local attackers to access MAC address without proper permission. | |||||
| CVE-2024-20875 | 1 Samsung | 1 Android | 2025-02-10 | N/A | 4.0 MEDIUM |
| Improper caller verification vulnerability in SemClipboard prior to SMR June-2024 Release 1 allows local attackers to access arbitrary files. | |||||
| CVE-2024-20876 | 1 Samsung | 1 Android | 2025-02-10 | N/A | 6.1 MEDIUM |
| Improper input validation in libsheifdecadapter.so prior to SMR Jun-2024 Release 1 allows local attackers to lead to memory corruption. | |||||
| CVE-2024-20874 | 1 Samsung | 1 Android | 2025-02-10 | N/A | 7.9 HIGH |
| Improper access control vulnerability in SmartManagerCN prior to SMR Jun-2024 Release 1 allows local attackers to launch privileged activities. | |||||
| CVE-2024-20866 | 1 Samsung | 1 Android | 2025-02-10 | N/A | 5.7 MEDIUM |
| Authentication bypass vulnerability in Setupwizard prior to SMR May-2024 Release 1 allows physical attackers to skip activation step. | |||||
| CVE-2024-20865 | 1 Samsung | 1 Android | 2025-02-10 | N/A | 6.6 MEDIUM |
| Authentication bypass in bootloader prior to SMR May-2024 Release 1 allows physical attackers to flash arbitrary images. | |||||
| CVE-2024-20859 | 1 Samsung | 1 Android | 2025-02-10 | N/A | 5.5 MEDIUM |
| Improper access control vulnerability in FactoryCamera prior to SMR May-2024 Release 1 allows local attackers to take pictures without privilege. | |||||
| CVE-2023-28368 | 1 Tp-link | 2 T2600g-28sq, T2600g-28sq Firmware | 2025-02-10 | N/A | 5.7 MEDIUM |
| TP-Link L2 switch T2600G-28SQ firmware versions prior to 'T2600G-28SQ(UN)_V1_1.0.6 Build 20230227' uses vulnerable SSH host keys. A fake device may be prepared to spoof the affected device with the vulnerable host key.If the administrator may be tricked to login to the fake device, the credential information for the affected device may be obtained. | |||||
| CVE-2023-1787 | 1 Gitlab | 1 Gitlab | 2025-02-10 | N/A | 4.3 MEDIUM |
| An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A search timeout could be triggered if a specific HTML payload was used in the issue description. | |||||
| CVE-2023-1733 | 1 Gitlab | 1 Gitlab | 2025-02-10 | N/A | 5.8 MEDIUM |
| A denial of service condition exists in the Prometheus server bundled with GitLab affecting all versions from 11.10 to 15.8.5, 15.9 to 15.9.4 and 15.10 to 15.10.1. | |||||
| CVE-2023-1710 | 1 Gitlab | 1 Gitlab | 2025-02-10 | N/A | 5.3 MEDIUM |
| A sensitive information disclosure vulnerability in GitLab affecting all versions from 15.0 prior to 15.8.5, 15.9 prior to 15.9.4 and 15.10 prior to 15.10.1 allows an attacker to view the count of internal notes for a given issue. | |||||
| CVE-2023-1098 | 1 Gitlab | 1 Gitlab | 2025-02-10 | N/A | 5.8 MEDIUM |
| An information disclosure vulnerability has been discovered in GitLab EE/CE affecting all versions starting from 11.5 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1 will allow an admin to leak password from repository mirror configuration. | |||||
| CVE-2023-0838 | 1 Gitlab | 1 Gitlab | 2025-02-10 | N/A | 5.5 MEDIUM |
| An issue has been discovered in GitLab affecting versions starting from 15.1 before 15.8.5, 15.9 before 15.9.4, and 15.10 before 15.10.1. A maintainer could modify a webhook URL to leak masked webhook secrets by adding a new parameter to the url. This addresses an incomplete fix for CVE-2022-4342. | |||||
| CVE-2024-20857 | 1 Samsung | 1 Android | 2025-02-10 | N/A | 4.0 MEDIUM |
| Improper access control vulnerability in startListening of CocktailBarService prior to SMR May-2024 Release 1 allows local attackers to access information of current application. | |||||
| CVE-2024-20858 | 1 Samsung | 1 Android | 2025-02-10 | N/A | 4.0 MEDIUM |
| Improper access control vulnerability in setCocktailHostCallbacks of CocktailBarService prior to SMR May-2024 Release 1 allows local attackers to access information of current application. | |||||
| CVE-2024-21989 | 1 Netapp | 1 Ontap Select Deploy Administration Utility | 2025-02-10 | N/A | 8.1 HIGH |
| ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x are susceptible to a vulnerability which when successfully exploited could allow a read-only user to escalate their privileges. | |||||
| CVE-2023-1980 | 1 Devolutions | 1 Remote Desktop Manager | 2025-02-10 | N/A | 6.5 MEDIUM |
| Two factor authentication bypass on login in Devolutions Remote Desktop Manager 2022.3.35 and earlier allow user to cancel the two factor authentication via the application user interface and open entries. | |||||
| CVE-2023-42824 | 1 Apple | 2 Ipados, Iphone Os | 2025-02-10 | N/A | 7.8 HIGH |
| The issue was addressed with improved checks. This issue is fixed in iOS 16.7.1 and iPadOS 16.7.1. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6. | |||||
| CVE-2023-41990 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-02-10 | N/A | 7.8 HIGH |
| The issue was addressed with improved handling of caches. This issue is fixed in tvOS 16.3, iOS 16.3 and iPadOS 16.3, macOS Monterey 12.6.8, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Ventura 13.2, watchOS 9.3. Processing a font file may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1. | |||||
| CVE-2024-38370 | 1 Glpi-project | 1 Glpi | 2025-02-10 | N/A | 5.3 MEDIUM |
| GLPI is a free asset and IT management software package. Starting in 9.2.0 and prior to 11.0.0, it is possible to download a document from the API without appropriate rights. Upgrade to 10.0.16. | |||||