Total
292 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-54818 | 2025-01-08 | N/A | 8.8 HIGH | ||
| SourceCodester Computer Laboratory Management System 1.0 is vulnerable to Incorrect Access Control. via /php-lms/admin/?page=user/list. | |||||
| CVE-2024-53934 | 2025-01-08 | N/A | 7.7 HIGH | ||
| The com.windymob.callscreen.ringtone.callcolor.colorphone (aka Color Phone Call Screen Themes) application through 1.1.2 for Android enables any application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.frovis.androidbase.call.DialerActivity component. | |||||
| CVE-2024-46622 | 2025-01-07 | N/A | 9.8 CRITICAL | ||
| An Escalation of Privilege security vulnerability was found in SecureAge Security Suite software 7.0.x before 7.0.38, 7.1.x before 7.1.11, 8.0.x before 8.0.18, and 8.1.x before 8.1.18 that allows arbitrary file creation, modification and deletion. | |||||
| CVE-2023-42867 | 1 Apple | 1 Garageband | 2025-01-06 | N/A | 7.8 HIGH |
| This issue was addressed with improved validation of the process entitlement and Team ID. This issue is fixed in GarageBand 10.4.9. An app may be able to gain root privileges. | |||||
| CVE-2024-44211 | 1 Apple | 1 Macos | 2025-01-06 | N/A | 5.5 MEDIUM |
| This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.1. An app may be able to access user-sensitive data. | |||||
| CVE-2024-44223 | 1 Apple | 1 Macos | 2025-01-06 | N/A | 4.6 MEDIUM |
| This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.1. An attacker with physical access to a Mac may be able to view protected content from the Login Window. | |||||
| CVE-2024-56317 | 2025-01-02 | N/A | 7.5 HIGH | ||
| In Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0, the WriteAcl function deletes all existing ACL entries first, and then attempts to recreate them based on user input. If input validation fails during decoding, the process stops, and no entries are restored by access-control-server.cpp, i.e., a denial of service. | |||||
| CVE-2024-22177 | 1 Openatom | 1 Openharmony | 2025-01-02 | N/A | 3.3 LOW |
| in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through get permission. | |||||
| CVE-2024-37649 | 2024-12-31 | N/A | 4.6 MEDIUM | ||
| Insecure Permissions vulnerability in SecureSTATION v.2.5.5.3116-S50-SMA-B20160811A and before allows a physically proximate attacker to obtain sensitive information via the modification of user credentials. | |||||
| CVE-2024-21816 | 1 Openatom | 1 Openharmony | 2024-12-16 | N/A | 4.0 MEDIUM |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through improper preservation of permissions. | |||||
| CVE-2024-54465 | 1 Apple | 1 Macos | 2024-12-16 | N/A | 9.8 CRITICAL |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.2. An app may be able to elevate privileges. | |||||
| CVE-2024-41644 | 1 Openrobotics | 1 Robot Operating System | 2024-12-13 | N/A | 9.8 CRITICAL |
| Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via the dyn_param_handler_ component. | |||||
| CVE-2024-41645 | 1 Openrobotics | 1 Robot Operating System | 2024-12-13 | N/A | 9.8 CRITICAL |
| Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2__amcl. | |||||
| CVE-2024-41646 | 1 Openrobotics | 1 Robot Operating System | 2024-12-13 | N/A | 9.8 CRITICAL |
| Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_dwb_controller. | |||||
| CVE-2024-41648 | 1 Openrobotics | 1 Robot Operating System | 2024-12-13 | N/A | 9.8 CRITICAL |
| Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_regulated_pure_pursuit_controller. | |||||
| CVE-2024-41649 | 1 Openrobotics | 1 Robot Operating System | 2024-12-13 | N/A | 9.8 CRITICAL |
| Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the executor_thread_. | |||||
| CVE-2024-41650 | 1 Openrobotics | 1 Robot Operating System | 2024-12-13 | N/A | 9.8 CRITICAL |
| Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_costmap_2d. | |||||
| CVE-2024-54484 | 1 Apple | 1 Macos | 2024-12-13 | N/A | 5.5 MEDIUM |
| The issue was resolved by sanitizing logging. This issue is fixed in macOS Sequoia 15.2. An app may be able to access user-sensitive data. | |||||
| CVE-2024-54515 | 1 Apple | 1 Macos | 2024-12-13 | N/A | 7.8 HIGH |
| A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.2. A malicious app may be able to gain root privileges. | |||||
| CVE-2024-54513 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-12-13 | N/A | 5.5 MEDIUM |
| A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2. An app may be able to access sensitive user data. | |||||