Total
79788 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-24258 | 1 Artifex | 1 Mupdf | 2025-06-05 | N/A | 7.5 HIGH |
freeglut 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddSubMenu function. | |||||
CVE-2022-39151 | 1 Siemens | 2 Parasolid, Simcenter Femap | 2025-06-05 | N/A | 7.8 HIGH |
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17736) | |||||
CVE-2022-34699 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2025-06-05 | N/A | 7.8 HIGH |
Windows Win32k Elevation of Privilege Vulnerability | |||||
CVE-2022-34696 | 1 Microsoft | 7 Windows 10, Windows 11, Windows 8.1 and 4 more | 2025-06-05 | N/A | 7.8 HIGH |
Windows Hyper-V Remote Code Execution Vulnerability | |||||
CVE-2022-34691 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-06-05 | N/A | 8.8 HIGH |
Active Directory Domain Services Elevation of Privilege Vulnerability | |||||
CVE-2022-33646 | 1 Microsoft | 1 Azure Batch | 2025-06-05 | N/A | 7.0 HIGH |
Azure Batch Node Agent Elevation of Privilege Vulnerability | |||||
CVE-2022-33640 | 1 Microsoft | 2 Open Management Infrastructure, System Center Operations Manager | 2025-06-05 | N/A | 7.8 HIGH |
System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability | |||||
CVE-2022-33631 | 1 Microsoft | 4 365 Apps, Excel, Office and 1 more | 2025-06-05 | N/A | 7.3 HIGH |
Microsoft Excel Security Feature Bypass Vulnerability | |||||
CVE-2022-32555 | 1 Unisys | 1 Data Exchange Management Studio | 2025-06-05 | N/A | 8.8 HIGH |
Unisys Data Exchange Management Studio before 6.0.IC2 and 7.x before 7.0.IC1 doesn't have an Anti-CSRF token to authenticate the POST request. Thus, a cross-site request forgery attack could occur. | |||||
CVE-2022-2989 | 2 Podman Project, Redhat | 3 Podman, Enterprise Linux, Openshift Container Platform | 2025-06-05 | N/A | 7.1 HIGH |
An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container. | |||||
CVE-2022-20392 | 1 Google | 1 Android | 2025-06-05 | N/A | 7.8 HIGH |
In declareDuplicatePermission of ParsedPermissionUtils.java, there is a possible way to obtain a dangerous permission without user consent due to improper input validation. This could lead to local escalation of privilege during app installation or upgrade with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-213323615 | |||||
CVE-2024-22919 | 1 Swftools | 1 Swftools | 2025-06-05 | N/A | 7.8 HIGH |
swftools0.9.2 was discovered to contain a global-buffer-overflow vulnerability via the function parseExpression at swftools/src/swfc.c:2587. | |||||
CVE-2024-22851 | 1 Liveconfig | 1 Liveconfig | 2025-06-05 | N/A | 7.5 HIGH |
Directory Traversal Vulnerability in LiveConfig before v.2.5.2 allows a remote attacker to obtain sensitive information via a crafted request to the /static/ endpoint. | |||||
CVE-2024-22817 | 1 Flycms Project | 1 Flycms | 2025-06-05 | N/A | 8.8 HIGH |
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/email/email_conf_updagte | |||||
CVE-2024-22773 | 1 Intelbras | 2 Action Rf 1200, Action Rf 1200 Firmware | 2025-06-05 | N/A | 8.1 HIGH |
Intelbras Action RF 1200 routers 1.2.2 and earlier and Action RG 1200 routers 2.1.7 and earlier expose the Password in Cookie resulting in Login Bypass. | |||||
CVE-2024-22911 | 1 Swftools | 1 Swftools | 2025-06-05 | N/A | 7.8 HIGH |
A stack-buffer-underflow vulnerability was found in SWFTools v0.9.2, in the function parseExpression at src/swfc.c:2602. | |||||
CVE-2024-22895 | 1 Dedecms | 1 Dedecms | 2025-06-05 | N/A | 8.8 HIGH |
DedeCMS 5.7.112 has a File Upload vulnerability via uploads/dede/module_upload.php. | |||||
CVE-2024-22795 | 1 Forescout | 1 Secureconnector | 2025-06-05 | N/A | 7.0 HIGH |
Insecure Permissions vulnerability in Forescout SecureConnector v.11.3.06.0063 allows a local attacker to escalate privileges via the Recheck Compliance Status component. | |||||
CVE-2024-22699 | 1 Flycms Project | 1 Flycms | 2025-06-05 | N/A | 8.8 HIGH |
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/admin/update_group_save. | |||||
CVE-2024-22519 | 1 Sorenfriis | 1 Opendroneid Osm | 2025-06-05 | N/A | 8.2 HIGH |
An issue discovered in OpenDroneID OSM 3.5.1 allows attackers to impersonate other drones via transmission of crafted data packets. |