Export limit exceeded: 344055 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 344055 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344055 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-5956 | 1 Trellix | 1 Intrusion Prevention System Manager | 2024-09-06 | 6.5 Medium |
| This vulnerability allows unauthenticated remote attackers to bypass authentication and gain partial data access to the vulnerable Trellix IPS Manager with garbage data in response mostly | ||||
| CVE-2024-5957 | 1 Trellix | 1 Intrusion Prevention System Manager | 2024-09-06 | 6.3 Medium |
| This vulnerability allows unauthenticated remote attackers to bypass authentication and gain APIs access of the Manager. | ||||
| CVE-2024-29730 | 1 Sportsnet | 2 Sportsnet, Sportsnetcms | 2024-09-06 | 9.8 Critical |
| SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/consejoRandom/ , parameter idCat;. | ||||
| CVE-2024-29726 | 1 Sportsnet | 2 Sportsnet, Sportsnetcms | 2024-09-06 | 9.8 Critical |
| SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/setAsRead/, parameter id. | ||||
| CVE-2024-43965 | 1 Smackcoders | 1 Sendgrid | 2024-09-06 | 8.2 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smackcoders SendGrid for WordPress allows SQL Injection.This issue affects SendGrid for WordPress: from n/a through 1.4. | ||||
| CVE-2024-8340 | 2 Oretnom23, Sourcecodester | 2 Electric Billing Management System, Electric Billing Management System | 2024-09-06 | 7.3 High |
| A vulnerability classified as critical has been found in SourceCodester Electric Billing Management System 1.0. This affects an unknown part of the file /Actions.php?a=login. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-43250 | 1 Bitapps | 1 Bit Form | 2024-09-06 | 7.1 High |
| Incorrect Authorization vulnerability in Bit Apps Bit Form Pro bitformpro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bit Form Pro: from n/a through 2.6.4. | ||||
| CVE-2024-34656 | 1 Samsung | 1 Notes | 2024-09-06 | 7.3 High |
| Path traversal in Samsung Notes prior to version 4.4.21.62 allows local attackers to execute arbitrary code. | ||||
| CVE-2024-8181 | 1 Flowiseai | 1 Flowise | 2024-09-06 | 9.8 Critical |
| An Authentication Bypass vulnerability exists in Flowise version 1.8.2. This could allow a remote, unauthenticated attacker to access API endpoints as an administrator and allow them to access restricted functionality. | ||||
| CVE-2024-34641 | 1 Samsung | 1 Android | 2024-09-06 | 5.1 Medium |
| Improper Export of Android Application Components in FeliCaTest prior to SMR Sep-2024 Release 1 allows local attackers to enable NFC configuration. | ||||
| CVE-2024-8298 | 1 Huawei | 2 Emui, Harmonyos | 2024-09-06 | 6.2 Medium |
| Memory request vulnerability in the memory management module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2024-38321 | 1 Ibm | 1 Business Automation Workflow | 2024-09-06 | 5.3 Medium |
| IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 stores potentially sensitive information in log files under certain situations that could be read by an authenticated user. IBM X-Force ID: 284868. | ||||
| CVE-2024-45449 | 1 Huawei | 2 Emui, Harmonyos | 2024-09-06 | 5.1 Medium |
| Access permission verification vulnerability in the ringtone setting module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2024-45447 | 1 Huawei | 2 Emui, Harmonyos | 2024-09-06 | 4.4 Medium |
| Access control vulnerability in the camera framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2024-45446 | 1 Huawei | 2 Emui, Harmonyos | 2024-09-06 | 5.5 Medium |
| Access permission verification vulnerability in the camera driver module Impact: Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2024-45445 | 1 Huawei | 2 Emui, Harmonyos | 2024-09-06 | 4 Medium |
| Vulnerability of resources not being closed or released in the keystore module Impact: Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2024-45444 | 1 Huawei | 2 Emui, Harmonyos | 2024-09-06 | 5.5 Medium |
| Access permission verification vulnerability in the WMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2024-45443 | 1 Huawei | 2 Emui, Harmonyos | 2024-09-06 | 6.1 Medium |
| Directory traversal vulnerability in the cust module Impact: Successful exploitation of this vulnerability will affect availability and confidentiality. | ||||
| CVE-2024-45392 | 1 Salesagility | 1 Suitecrm | 2024-09-06 | 7.7 High |
| SuiteCRM is an open-source customer relationship management (CRM) system. Prior to version 7.14.5 and 8.6.2, insufficient access control checks allow a threat actor to delete records via the API. Versions 7.14.5 and 8.6.2 contain a patch for the issue. | ||||
| CVE-2024-44728 | 2 Angeljudesuarez, Sourcecodehero | 2 Event Management System, Event Management System | 2024-09-06 | 7.6 High |
| Sourcecodehero Event Management System 1.0 allows Stored Cross-Site Scripting via parameters Full Name, Address, Email, and contact# in /clientdetails/admin/regester.php. | ||||