Total
101534 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-31799 | 1 Gncchome | 2 Gncc C2, Gncc C2 Firmware | 2024-08-16 | N/A | 4.6 MEDIUM |
| Information Disclosure in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to read the WiFi passphrase via the UART Debugging Port. | |||||
| CVE-2024-38122 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2024-08-16 | N/A | 5.5 MEDIUM |
| Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | |||||
| CVE-2024-38118 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2024-08-16 | N/A | 5.5 MEDIUM |
| Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | |||||
| CVE-2024-41962 | 1 Yonle | 1 Bostr | 2024-08-16 | N/A | 6.3 MEDIUM |
| Bostr is an nostr relay aggregator proxy that acts like a regular nostr relay. bostr let everyone in even having authorized_keys being set when noscraper is set to true. This vulnerability is fixed in 3.0.10. | |||||
| CVE-2024-38123 | 1 Microsoft | 1 Windows 11 24h2 | 2024-08-16 | N/A | 4.4 MEDIUM |
| Windows Bluetooth Driver Information Disclosure Vulnerability | |||||
| CVE-2024-6347 | 1 Nissan-global | 2 Altima, Blind Spot Detection Sensor Ecu Firmware | 2024-08-16 | N/A | 6.5 MEDIUM |
| * Unprotected privileged mode access through UDS session in the Blind Spot Detection Sensor ECU firmware in Nissan Altima (2022) allows attackers to trigger denial-of-service (DoS) by unauthorized access to the ECU's programming session. * No preconditions implemented for ECU management functionality through UDS session in the Blind Spot Detection Sensor ECU in Nissan Altima (2022) allows attackers to disrupt normal ECU operations by triggering a control command without authentication. | |||||
| CVE-2024-31798 | 1 Gncchome | 2 Gncc C2, Gncc C2 Firmware | 2024-08-16 | N/A | 6.8 MEDIUM |
| Identical Hardcoded Root Password for All Devices in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to retrieve the root password for all similar devices | |||||
| CVE-2024-38214 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-08-15 | N/A | 6.5 MEDIUM |
| Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | |||||
| CVE-2024-38223 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2024-08-15 | N/A | 6.8 MEDIUM |
| Windows Initial Machine Configuration Elevation of Privilege Vulnerability | |||||
| CVE-2024-40704 | 1 Ibm | 1 Infosphere Information Server | 2024-08-15 | N/A | 4.9 MEDIUM |
| IBM InfoSphere Information Server 11.7 could allow a privileged user to obtain sensitive information from authentication request headers. IBM X-Force ID: 298277. | |||||
| CVE-2024-40705 | 1 Ibm | 1 Infosphere Information Server | 2024-08-15 | N/A | 6.5 MEDIUM |
| IBM InfoSphere Information Server could allow an authenticated user to consume file space resources due to unrestricted file uploads. IBM X-Force ID: 298279. | |||||
| CVE-2024-7343 | 1 Baidu | 1 Ueditor | 2024-08-15 | 4.0 MEDIUM | 6.1 MEDIUM |
| A vulnerability was found in Baidu UEditor 1.4.2. It has been declared as problematic. This vulnerability affects unknown code of the file /ueditor142/php/controller.php?action=catchimage. The manipulation of the argument source[] leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273274 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-7342 | 1 Baidu | 1 Ueditor | 2024-08-15 | 4.0 MEDIUM | 6.1 MEDIUM |
| A vulnerability was found in Baidu UEditor 1.4.3.3. It has been classified as problematic. This affects an unknown part of the file /ueditor/php/controller.php?action=uploadfile&encode=utf-8. The manipulation of the argument upfile leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273273 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-21981 | 2024-08-15 | N/A | 5.7 MEDIUM | ||
| Improper key usage control in AMD Secure Processor (ASP) may allow an attacker with local access who has gained arbitrary code execution privilege in ASPĀ to extract ASP cryptographic keys, potentially resulting in loss of confidentiality and integrity. | |||||
| CVE-2024-7678 | 1 Oretnom23 | 1 Car Driving School Management System | 2024-08-15 | 4.0 MEDIUM | 6.1 MEDIUM |
| A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=save_package. The manipulation of the argument name/description/training_duration leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-7677 | 1 Oretnom23 | 1 Car Driving School Management System | 2024-08-15 | 4.0 MEDIUM | 6.1 MEDIUM |
| A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been declared as problematic. Affected by this vulnerability is the function update_settings_info of the file /classes/SystemSettings.php?f=update_settings. The manipulation of the argument contact/address leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-5678 | 1 Zohocorp | 1 Manageengine Applications Manager | 2024-08-15 | N/A | 4.7 MEDIUM |
| Zohocorp ManageEngine Applications Manager versionsĀ 170900 and below are vulnerable to the authenticated admin-only SQL Injection in the Create Monitor feature. | |||||
| CVE-2024-7676 | 1 Oretnom23 | 1 Car Driving School Management System | 2024-08-15 | 6.5 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in Sourcecodester Car Driving School Management System 1.0. It has been classified as critical. Affected is the function save_package of the file /classes/Master.php?f=save_package. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-7669 | 1 Oretnom23 | 1 Car Driving School Management System | 2024-08-15 | 6.5 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in SourceCodester Car Driving School Management System 1.0 and classified as critical. This issue affects the function delete_enrollment of the file Master.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-7668 | 1 Oretnom23 | 1 Car Driving School Management System | 2024-08-15 | 6.5 MEDIUM | 5.3 MEDIUM |
| A vulnerability has been found in SourceCodester Car Driving School Management System 1.0 and classified as critical. This vulnerability affects the function delete_package of the file Master.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||