Export limit exceeded: 343535 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 343535 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 343535 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (343535 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-22066 | 1 Zte | 8 Zxr10 160, Zxr10 160 Firmware, Zxr10 1800-2s and 5 more | 2024-11-08 | 7.5 High |
| There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service router . An authenticated attacker could use the vulnerability to obtain sensitive information about the device. | ||||
| CVE-2024-0067 | 2024-11-08 | 4.3 Medium | ||
| Marinus Pfund, member of the AXIS OS Bug Bounty Program, has found the VAPIX API ledlimit.cgi was vulnerable for path traversal attacks allowing to list folder/file names on the local file system of the Axis device. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution. | ||||
| CVE-2024-43967 | 1 Starkdigital | 1 Wp Testimonial Widget | 2024-11-08 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Stark Digital WP Testimonial Widget allows Stored XSS.This issue affects WP Testimonial Widget: from n/a through 3.1. | ||||
| CVE-2024-43966 | 1 Starkdigital | 1 Wp Testimonial Widget | 2024-11-08 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stark Digital WP Testimonial Widget.This issue affects WP Testimonial Widget: from n/a through 3.1. | ||||
| CVE-2024-20418 | 1 Cisco | 1 Aironet Access Point Software | 2024-11-08 | 10 Critical |
| A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points could allow an unauthenticated, remote attacker to perform command injection attacks with root privileges on the underlying operating system. This vulnerability is due to improper validation of input to the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system of the affected device. | ||||
| CVE-2024-33033 | 1 Qualcomm | 56 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 53 more | 2024-11-08 | 6.7 Medium |
| Memory corruption while processing IOCTL calls to unmap the buffers. | ||||
| CVE-2024-33032 | 1 Qualcomm | 140 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6200 and 137 more | 2024-11-08 | 6.7 Medium |
| Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it. | ||||
| CVE-2024-33030 | 1 Qualcomm | 44 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 41 more | 2024-11-08 | 6.7 Medium |
| Memory corruption while parsing IPC frequency table parameters for LPLH that has size greater than expected size. | ||||
| CVE-2024-33029 | 1 Qualcomm | 6 Qca6584au, Qca6584au Firmware, Qca6698aq and 3 more | 2024-11-08 | 6.7 Medium |
| Memory corruption while handling the PDR in driver for getting the remote heap maps. | ||||
| CVE-2024-23377 | 1 Qualcomm | 79 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 76 more | 2024-11-08 | 6.7 Medium |
| Memory corruption while invoking IOCTL command from user-space, when a user modifies the original packet size of the command after system properties have been already sent to the EVA driver. | ||||
| CVE-2024-51358 | 1 Linuxserver | 1 Heimdall Application Dashboard | 2024-11-07 | 9.8 Critical |
| An issue in Linux Server Heimdall v.2.6.1 allows a remote attacker to execute arbitrary code via a crafted script to the Add new application. | ||||
| CVE-2024-47855 | 1 Redhat | 1 Ocp Tools | 2024-11-07 | 5.3 Medium |
| util/JSONTokener.java in JSON-lib before 3.1.0 mishandles an unbalanced comment string. | ||||
| CVE-2024-33068 | 1 Qualcomm | 246 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 243 more | 2024-11-07 | 7.5 High |
| Transient DOS while parsing fragments of MBSSID IE from beacon frame. | ||||
| CVE-2024-38403 | 1 Qualcomm | 156 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 153 more | 2024-11-07 | 7.5 High |
| Transient DOS while parsing BTM ML IE when per STA profile is not included. | ||||
| CVE-2024-38405 | 1 Qualcomm | 200 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 197 more | 2024-11-07 | 7.5 High |
| Transient DOS while processing the CU information from RNR IE. | ||||
| CVE-2024-23385 | 1 Qualcomm | 189 205 Mobile Platform, 205 Mobile Platform Firmware, Apq8017 and 186 more | 2024-11-07 | 7.5 High |
| Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE. | ||||
| CVE-2024-51522 | 1 Huawei | 1 Harmonyos | 2024-11-07 | 6.2 Medium |
| Vulnerability of improper device information processing in the device management module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2024-51523 | 1 Huawei | 1 Harmonyos | 2024-11-07 | 7.1 High |
| Information management vulnerability in the Gallery module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2024-51524 | 1 Huawei | 1 Harmonyos | 2024-11-07 | 4 Medium |
| Permission control vulnerability in the Wi-Fi module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2024-51526 | 1 Huawei | 1 Harmonyos | 2024-11-07 | 8.2 High |
| Permission control vulnerability in the hidebug module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||