Total
32233 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-22680 | 1 Synology | 1 Diskstation Manager | 2025-01-14 | 5.0 MEDIUM | 5.3 MEDIUM |
| Exposure of sensitive information to an unauthorized actor vulnerability in Web Server in Synology DiskStation Manager (DSM) before 7.0.1-42218-2 allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2018-7170 | 4 Hpe, Netapp, Ntp and 1 more | 10 Hpux-ntp, Hci, Solidfire and 7 more | 2025-01-14 | 3.5 LOW | 5.3 MEDIUM |
| ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issue exists because of an incomplete fix for CVE-2016-1549. | |||||
| CVE-2023-31873 | 1 Gin Project | 1 Gin | 2025-01-14 | N/A | 7.8 HIGH |
| Gin 0.7.4 allows execution of arbitrary code when a crafted file is opened, e.g., via require('child_process'). | |||||
| CVE-2023-30350 | 1 Fs | 2 S3900 24t4s, S3900 24t4s Firmware | 2025-01-14 | N/A | 8.8 HIGH |
| FS S3900-24T4S devices allow authenticated attackers with guest access to escalate their privileges and reset the admin password. | |||||
| CVE-2020-9236 | 1 Huawei | 1 Fusioncompute | 2025-01-14 | N/A | 8.8 HIGH |
| There is an improper interface design vulnerability in Huawei product. A module interface of the impated product does not deal with some operations properly. Attackers can exploit this vulnerability to perform malicious operatation to compromise module service. (Vulnerability ID: HWPSIRT-2020-05010) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9236. | |||||
| CVE-2024-54100 | 1 Huawei | 2 Emui, Harmonyos | 2025-01-14 | N/A | 6.2 MEDIUM |
| Vulnerability of improper access control in the secure input module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. | |||||
| CVE-2023-28153 | 1 Kiddoware | 1 Kiddoware | 2025-01-14 | N/A | 6.4 MEDIUM |
| An issue was discovered in the Kiddoware Kids Place Parental Control application before 3.8.50 for Android. The child can remove all restrictions temporarily without the parents noticing by rebooting into Android Safe Mode and disabling the "Display over other apps" permission. | |||||
| CVE-2023-24604 | 1 Open-xchange | 1 Ox App Suite | 2025-01-14 | N/A | 4.3 MEDIUM |
| OX App Suite before backend 7.10.6-rev37 does not check HTTP header lengths when downloading, e.g., potentially allowing a crafted iCal feed to provide an unlimited amount of header data. | |||||
| CVE-2023-24603 | 1 Open-xchange | 1 Ox App Suite | 2025-01-14 | N/A | 6.5 MEDIUM |
| OX App Suite before backend 7.10.6-rev37 does not check size limits when downloading, e.g., potentially allowing a crafted iCal feed to provide an unlimited amount of data. | |||||
| CVE-2021-37845 | 1 Citadel | 1 Webcit | 2025-01-14 | N/A | 3.7 LOW |
| An issue was discovered in Citadel through webcit-932. A meddler-in-the-middle attacker can fixate their own session during the cleartext phase before a STARTTLS command (a violation of "The STARTTLS command is only valid in non-authenticated state." in RFC2595). This potentially allows an attacker to cause a victim's e-mail messages to be stored into an attacker's IMAP mailbox, but depends on details of the victim's client behavior. | |||||
| CVE-2019-19791 | 1 Lemonldap-ng | 1 Lemonldap\ | 2025-01-14 | N/A | 9.8 CRITICAL |
| In LemonLDAP::NG (aka lemonldap-ng) before 2.0.7, the default Apache HTTP Server configuration does not properly restrict access to SOAP/REST endpoints (when some LemonLDAP::NG setup options are used). For example, an attacker can insert index.fcgi/index.fcgi into a URL to bypass a Require directive. | |||||
| CVE-2024-54119 | 1 Huawei | 1 Harmonyos | 2025-01-14 | N/A | 6.2 MEDIUM |
| Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2020-9082 | 1 Huawei | 2 Mate 20, Mate 20 Firmware | 2025-01-14 | N/A | 3.5 LOW |
| There is an information disclosure vulnerability in several smartphones. The system has a logic judging error under certain scenario, the attacker should gain the permit to execute commands in ADB mode and then do a series of operation on the phone. Successful exploit could allow the attacker to gain certain information from certain apps locked by Applock. (Vulnerability ID: HWPSIRT-2019-07112) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9082. | |||||
| CVE-2024-49111 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-01-14 | N/A | 6.6 MEDIUM |
| Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | |||||
| CVE-2024-49110 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-01-14 | N/A | 6.8 MEDIUM |
| Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | |||||
| CVE-2024-49112 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-01-14 | N/A | 9.8 CRITICAL |
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | |||||
| CVE-2024-49113 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-01-14 | N/A | 7.5 HIGH |
| Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | |||||
| CVE-2024-49114 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-01-14 | N/A | 7.8 HIGH |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | |||||
| CVE-2024-49117 | 1 Microsoft | 6 Windows 11 22h2, Windows 11 23h2, Windows 11 24h2 and 3 more | 2025-01-14 | N/A | 8.8 HIGH |
| Windows Hyper-V Remote Code Execution Vulnerability | |||||
| CVE-2024-49121 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-14 | N/A | 7.5 HIGH |
| Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | |||||