Total
10073 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-33031 | 1 Qualcomm | 32 Ar8035, Ar8035 Firmware, Fastconnect 7800 and 29 more | 2024-11-07 | N/A | 6.7 MEDIUM |
Memory corruption while processing the update SIM PB records request. | |||||
CVE-2024-51529 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-07 | N/A | 5.5 MEDIUM |
Data verification vulnerability in the battery module Impact: Successful exploitation of this vulnerability may affect function stability. | |||||
CVE-2024-51530 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-07 | N/A | 5.5 MEDIUM |
LaunchAnywhere vulnerability in the account module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
CVE-2024-51520 | 1 Huawei | 1 Harmonyos | 2024-11-07 | N/A | 5.5 MEDIUM |
Vulnerability of input parameters not being verified in the HDC module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
CVE-2024-23386 | 1 Qualcomm | 20 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 17 more | 2024-11-07 | N/A | 6.7 MEDIUM |
memory corruption when WiFi display APIs are invoked with large random inputs. | |||||
CVE-2024-51514 | 1 Huawei | 1 Harmonyos | 2024-11-07 | N/A | 5.5 MEDIUM |
Vulnerability of pop-up windows belonging to no app in the VPN module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
CVE-2024-51512 | 1 Huawei | 1 Harmonyos | 2024-11-07 | N/A | 5.5 MEDIUM |
Vulnerability of parameter type not being verified in the WantAgent module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
CVE-2024-51511 | 1 Huawei | 1 Harmonyos | 2024-11-07 | N/A | 5.5 MEDIUM |
Vulnerability of parameter type not being verified in the WantAgent module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
CVE-2024-51519 | 1 Huawei | 1 Harmonyos | 2024-11-06 | N/A | 5.5 MEDIUM |
Vulnerability of input parameters not being verified in the HDC module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
CVE-2024-49368 | 1 Nginxui | 1 Nginx Ui | 2024-11-06 | N/A | 9.8 CRITICAL |
Nginx UI is a web user interface for the Nginx web server. Prior to version 2.0.0-beta.36, when Nginx UI configures logrotate, it does not verify the input and directly passes it to exec.Command, causing arbitrary command execution. Version 2.0.0-beta.36 fixes this issue. | |||||
CVE-2024-20484 | 2024-11-06 | N/A | 7.5 HIGH | ||
A vulnerability in the External Agent Assignment Service (EAAS) feature of Cisco Enterprise Chat and Email (ECE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of Media Routing Peripheral Interface Manager (MR PIM) traffic that is received by an affected device. An attacker could exploit this vulnerability by sending crafted MR PIM traffic to an affected device. A successful exploit could allow the attacker to trigger a failure on the MR PIM connection between Cisco ECE and Cisco Unified Contact Center Enterprise (CCE), leading to a DoS condition on EAAS that would prevent customers from starting chat, callback, or delayed callback sessions. Note: When the attack traffic stops, the EAAS process must be manually restarted to restore normal operation. To restart the process in the System Console, choose Shared Resources > Services > Unified CCE > EAAS, then click Start. | |||||
CVE-2024-45802 | 1 Squid-cache | 1 Squid | 2024-11-05 | N/A | 7.5 HIGH |
Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted server against all clients using the proxy. This bug is fixed in the default build configuration of Squid version 6.10. | |||||
CVE-2024-24549 | 2024-11-04 | N/A | 7.5 HIGH | ||
Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue. | |||||
CVE-2014-9907 | 1 Imagemagick | 1 Imagemagick | 2024-11-04 | 4.3 MEDIUM | 6.5 MEDIUM |
coders/dds.c in ImageMagick allows remote attackers to cause a denial of service via a crafted DDS file. | |||||
CVE-2014-9815 | 1 Imagemagick | 1 Imagemagick | 2024-10-31 | 4.3 MEDIUM | 5.5 MEDIUM |
ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file. | |||||
CVE-2014-9813 | 1 Imagemagick | 1 Imagemagick | 2024-10-31 | 4.3 MEDIUM | 5.5 MEDIUM |
ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted viff file. | |||||
CVE-2014-9811 | 1 Imagemagick | 1 Imagemagick | 2024-10-31 | 4.3 MEDIUM | 5.5 MEDIUM |
The xwd file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed xwd file. | |||||
CVE-2014-9810 | 1 Imagemagick | 1 Imagemagick | 2024-10-31 | 4.3 MEDIUM | 5.5 MEDIUM |
The dpx file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed dpx file. | |||||
CVE-2014-9809 | 1 Imagemagick | 1 Imagemagick | 2024-10-31 | 4.3 MEDIUM | 5.5 MEDIUM |
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd image. | |||||
CVE-2014-9805 | 1 Imagemagick | 1 Imagemagick | 2024-10-31 | 4.3 MEDIUM | 5.5 MEDIUM |
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file. |