Export limit exceeded: 43056 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (2850 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-32220 | 1 Milesight | 2 Ncr\/camera, Ncr\/camera Firmware | 2025-01-06 | 8.2 High |
| Milesight NCR/camera version 71.8.0.6-r5 allows authentication bypass through an unspecified method. | ||||
| CVE-2023-32219 | 1 Mazda | 2 Mazda, Mazda Firmware | 2025-01-06 | 6.5 Medium |
| A Mazda model (2015-2016) can be unlocked via an unspecified method. | ||||
| CVE-2023-21245 | 1 Google | 1 Android | 2025-01-06 | 7.8 High |
| In showNextSecurityScreenOrFinish of KeyguardSecurityContainerController.java, there is a possible way to access the lock screen during device setup due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-24546 | 1 Arista | 1 Cloudvision Portal | 2025-01-06 | 8.1 High |
| On affected versions of the CloudVision Portal improper access controls on the connection from devices to CloudVision could enable a malicious actor with network access to CloudVision to get broader access to telemetry and configuration data within the system than intended. This advisory impacts the Arista CloudVision Portal product when run on-premise. It does not impact CloudVision as-a-Service. | ||||
| CVE-2024-27933 | 1 Deno | 1 Deno | 2025-01-03 | 8.3 High |
| Deno is a JavaScript, TypeScript, and WebAssembly runtime. In version 1.39.0, use of raw file descriptors in `op_node_ipc_pipe()` leads to premature close of arbitrary file descriptors, allowing standard input to be re-opened as a different resource resulting in permission prompt bypass. Node child_process IPC relies on the JS side to pass the raw IPC file descriptor to `op_node_ipc_pipe()`, which returns a `IpcJsonStreamResource` ID associated with the file descriptor. On closing the resource, the raw file descriptor is closed together. Use of raw file descriptors in `op_node_ipc_pipe()` leads to premature close of arbitrary file descriptors. This allow standard input (fd 0) to be closed and re-opened for a different resource, which allows a silent permission prompt bypass. This is exploitable by an attacker controlling the code executed inside a Deno runtime to obtain arbitrary code execution on the host machine regardless of permissions. This bug is known to be exploitable. There is a working exploit that achieves arbitrary code execution by bypassing prompts from zero permissions, additionally abusing the fact that Cache API lacks filesystem permission checks. The attack can be conducted silently as stderr can also be closed, suppressing all prompt outputs. Version 1.39.1 fixes the bug. | ||||
| CVE-2024-12831 | 1 Arista | 1 Ng Firewall | 2025-01-03 | 7.8 High |
| Arista NG Firewall uvm_login Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Arista NG Firewall. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the uvm_login module. The issue results from incorrect authorization. An attacker can leverage this to escalate privileges to resources normally protected from the user. Was ZDI-CAN-24324. | ||||
| CVE-2023-34965 | 1 Sspanel-uim Project | 1 Sspanel-uim | 2025-01-03 | 5.3 Medium |
| SSPanel-Uim 2023.3 does not restrict access to the /link/ interface which can lead to a leak of user information. | ||||
| CVE-2023-32061 | 1 Discourse | 1 Discourse | 2025-01-02 | 5.4 Medium |
| Discourse is an open source discussion platform. Prior to version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches, the lack of restrictions on the iFrame tag makes it easy for an attacker to exploit the vulnerability and hide subsequent comments from other users. This issue is patched in version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches. There are no known workarounds. | ||||
| CVE-2024-56348 | 1 Jetbrains | 1 Teamcity | 2025-01-02 | 4.3 Medium |
| In JetBrains TeamCity before 2024.12 improper access control allowed viewing details of unauthorized agents | ||||
| CVE-2024-56350 | 1 Jetbrains | 1 Teamcity | 2025-01-02 | 4.3 Medium |
| In JetBrains TeamCity before 2024.12 build credentials allowed unauthorized viewing of projects | ||||
| CVE-2022-21894 | 1 Microsoft | 18 Windows 10, Windows 10 1507, Windows 10 1607 and 15 more | 2025-01-02 | 4.4 Medium |
| Secure Boot Security Feature Bypass Vulnerability | ||||
| CVE-2023-21560 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2025-01-01 | 6.6 Medium |
| Windows Boot Manager Security Feature Bypass Vulnerability | ||||
| CVE-2022-31644 | 1 Hp | 654 Dragonfly Folio G3 2-in-1, Dragonfly Folio G3 2-in-1 Firmware, Elite Dragonfly and 651 more | 2024-12-30 | 7.8 High |
| Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. | ||||
| CVE-2022-31646 | 1 Hp | 654 Dragonfly Folio G3 2-in-1, Dragonfly Folio G3 2-in-1 Firmware, Elite Dragonfly and 651 more | 2024-12-30 | 7.8 High |
| Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. | ||||
| CVE-2018-9374 | 1 Google | 2 Android, Pixel | 2024-12-18 | 7.8 High |
| In installPackageLI of PackageManagerService.java, there is a possible permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-21270 | 1 Google | 1 Android | 2024-12-18 | 7.8 High |
| In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way for an app to keep permissions that should be revoked due to incorrect permission flags cleared during an update. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-28175 | 1 Bosch | 16 Divar Ip 3000, Divar Ip 3000 Firmware, Divar Ip 4000 and 13 more | 2024-12-17 | 7.1 High |
| Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request. | ||||
| CVE-2024-24761 | 1 Galette | 1 Galette | 2024-12-17 | 7.5 High |
| Galette is a membership management web application for non profit organizations. Starting in version 1.0.0 and prior to version 1.0.2, public pages are per default restricted to only administrators and staff members. From configuration, it is possible to restrict to up-to-date members or to everyone. Version 1.0.2 fixes this issue. | ||||
| CVE-2022-48495 | 1 Huawei | 1 Emui | 2024-12-17 | 5.3 Medium |
| Vulnerability of unauthorized access to foreground app information.Successful exploitation of this vulnerability may cause foreground app information to be obtained. | ||||
| CVE-2024-21987 | 1 Netapp | 1 Snapcenter | 2024-12-16 | 5.4 Medium |
| SnapCenter versions 4.8 prior to 5.0 are susceptible to a vulnerability which could allow an authenticated SnapCenter Server user to modify system logging configuration settings | ||||