Total
1270 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-29842 | 2024-04-15 | N/A | 7.5 HIGH | ||
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control on DESKTOP_EDIT_USER_GET_ABACARD_FIELDS, allowing for an unauthenticated attacker to return the abacard field of any user | |||||
CVE-2024-29836 | 2024-04-15 | N/A | 9.8 CRITICAL | ||
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control, allowing for an unauthenticated attacker to update and add user profiles within the application, and gain full access of the site. | |||||
CVE-2024-29837 | 2024-04-15 | N/A | 8.8 HIGH | ||
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below uses poor session management, allowing for an unauthenticated attacker to access administrator functionality if any other user is already signed in. | |||||
CVE-2024-29841 | 2024-04-15 | N/A | 7.5 HIGH | ||
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control on DESKTOP_EDIT_USER_GET_KEYS_FIELDS, allowing for an unauthenticated attacker to return the keys value of any user | |||||
CVE-2023-24844 | 1 Qualcomm | 86 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 83 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory Corruption in Core while invoking a call to Access Control core library with hardware protected address range. | |||||
CVE-2023-21673 | 1 Qualcomm | 326 Aqt1000, Aqt1000 Firmware, Ar8035 and 323 more | 2024-04-12 | N/A | 7.8 HIGH |
Improper Access to the VM resource manager can lead to Memory Corruption. | |||||
CVE-2023-21670 | 1 Qualcomm | 364 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 361 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode. | |||||
CVE-2023-21642 | 1 Qualcomm | 26 Qam8295p, Qam8295p Firmware, Qca6574au and 23 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption in HAB Memory management due to broad system privileges via physical address. | |||||
CVE-2022-40539 | 1 Qualcomm | 50 Qam8295p, Qam8295p Firmware, Qca6574au and 47 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption in Automotive Android OS due to improper validation of array index. | |||||
CVE-2022-40529 | 1 Qualcomm | 392 Aqt1000, Aqt1000 Firmware, Ar8031 and 389 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption due to improper access control in kernel while processing a mapping request from root process. | |||||
CVE-2022-33243 | 1 Qualcomm | 314 Apq8096au, Apq8096au Firmware, Aqt1000 and 311 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption due to improper access control in Qualcomm IPC. | |||||
CVE-2023-43517 | 1 Qualcomm | 38 Qam8255p, Qam8255p Firmware, Qam8295p and 35 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption in Automotive Multimedia due to improper access control in HAB. | |||||
CVE-2023-33071 | 1 Qualcomm | 26 Qca6574, Qca6574 Firmware, Qca6574a and 23 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption in Automotive OS whenever untrusted apps try to access HAb for graphics functionalities. | |||||
CVE-2024-26203 | 2024-04-11 | N/A | 7.3 HIGH | ||
Azure Data Studio Elevation of Privilege Vulnerability | |||||
CVE-2024-26201 | 2024-04-11 | N/A | 6.6 MEDIUM | ||
Microsoft Intune Linux Agent Elevation of Privilege Vulnerability | |||||
CVE-2024-21436 | 2024-04-11 | N/A | 7.8 HIGH | ||
Windows Installer Elevation of Privilege Vulnerability | |||||
CVE-2024-21418 | 2024-04-11 | N/A | 7.8 HIGH | ||
Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability | |||||
CVE-2024-21401 | 1 Microsoft | 1 Entra Jira Sso Plugin | 2024-04-11 | N/A | 9.8 CRITICAL |
Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability | |||||
CVE-2024-21376 | 1 Microsoft | 1 Azure Kubernetes Service | 2024-04-11 | N/A | 9.0 CRITICAL |
Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability | |||||
CVE-2024-21364 | 1 Microsoft | 1 Azure Site Recovery | 2024-04-11 | N/A | 9.3 CRITICAL |
Microsoft Azure Site Recovery Elevation of Privilege Vulnerability |