Vulnerabilities (CVE)

Total 82117 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-43622 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2024-11-15 N/A 8.8 HIGH
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2024-43623 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2024-11-15 N/A 7.8 HIGH
Windows NT OS Kernel Elevation of Privilege Vulnerability
CVE-2024-43625 1 Microsoft 6 Windows 11 22h2, Windows 11 23h2, Windows 11 24h2 and 3 more 2024-11-15 N/A 8.1 HIGH
Microsoft Windows VMSwitch Elevation of Privilege Vulnerability
CVE-2024-29119 1 Siemens 1 Spectrum Power 7 2024-11-15 N/A 7.8 HIGH
A vulnerability has been identified in Spectrum Power 7 (All versions < V24Q3). The affected product contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges.
CVE-2024-11124 1 Timgeyssens 1 Ui-o-matic 2024-11-15 5.8 MEDIUM 7.2 HIGH
A vulnerability has been found in TimGeyssens UIOMatic 5 and classified as critical. This vulnerability affects unknown code of the file /src/UIOMatic/wwwroot/backoffice/resources/uioMaticObject.r. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2021-27702 2024-11-15 N/A 7.3 HIGH
Sercomm Router Etisalat Model S3- AC2100 is affected by Incorrect Access Control via the diagnostic utility in the router dashboard.
CVE-2024-50143 1 Linux 1 Linux Kernel 2024-11-15 N/A 7.8 HIGH
In the Linux kernel, the following vulnerability has been resolved: udf: fix uninit-value use in udf_get_fileshortad Check for overflow when computing alen in udf_current_aext to mitigate later uninit-value use in udf_get_fileshortad KMSAN bug[1]. After applying the patch reproducer did not trigger any issue[2]. [1] https://syzkaller.appspot.com/bug?extid=8901c4560b7ab5c2f9df [2] https://syzkaller.appspot.com/x/log.txt?x=10242227980000
CVE-2024-44760 1 Sunmochina 1 Enterprise Management System 2024-11-15 N/A 7.5 HIGH
Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News Union Enterprise Management System v5.0 through v18.8 allows attackers to access sensitive information regarding the server.
CVE-2024-41209 2024-11-15 N/A 8.8 HIGH
A heap-based buffer overflow in tsMuxer version nightly-2024-03-14-01-51-12 allows attackers to cause Denial of Service (DoS) and Code Execution via a crafted MOV video file.
CVE-2024-21974 1 Amd 1 Ryzen Ai Software 2024-11-15 N/A 7.8 HIGH
Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution.
CVE-2024-21975 1 Amd 1 Ryzen Ai Software 2024-11-15 N/A 7.8 HIGH
Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution.
CVE-2024-49778 2024-11-15 N/A 8.8 HIGH
A heap-based buffer overflow in tsMuxer version nightly-2024-05-12-02-01-18 allows attackers to cause Denial of Service (DoS) and Code Execution via a crafted MOV video file.
CVE-2024-49777 2024-11-15 N/A 8.8 HIGH
A heap-based buffer overflow in tsMuxer version nightly-2024-03-14-01-51-12 allows attackers to cause Denial of Service (DoS), Information Disclosure and Code Execution via a crafted MKV video file.
CVE-2024-11065 1 Dlink 2 Dsl6740c, Dsl6740c Firmware 2024-11-15 N/A 7.2 HIGH
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet.
CVE-2024-11064 1 Dlink 2 Dsl6740c, Dsl6740c Firmware 2024-11-15 N/A 7.2 HIGH
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet.
CVE-2024-11063 1 Dlink 2 Dsl6740c, Dsl6740c Firmware 2024-11-15 N/A 7.2 HIGH
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet.
CVE-2024-11062 1 Dlink 2 Dsl6740c, Dsl6740c Firmware 2024-11-15 N/A 7.2 HIGH
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet.
CVE-2024-49557 1 Dell 1 Smartfabric Os10 2024-11-15 N/A 7.8 HIGH
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
CVE-2024-49558 1 Dell 1 Smartfabric Os10 2024-11-15 N/A 7.8 HIGH
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
CVE-2024-49560 1 Dell 1 Smartfabric Os10 2024-11-15 N/A 7.8 HIGH
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a command injection vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.