Total
1295 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-43517 | 1 Qualcomm | 38 Qam8255p, Qam8255p Firmware, Qam8295p and 35 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption in Automotive Multimedia due to improper access control in HAB. | |||||
| CVE-2023-33071 | 1 Qualcomm | 26 Qca6574, Qca6574 Firmware, Qca6574a and 23 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption in Automotive OS whenever untrusted apps try to access HAb for graphics functionalities. | |||||
| CVE-2024-26203 | 2024-04-11 | N/A | 7.3 HIGH | ||
| Azure Data Studio Elevation of Privilege Vulnerability | |||||
| CVE-2024-26201 | 2024-04-11 | N/A | 6.6 MEDIUM | ||
| Microsoft Intune Linux Agent Elevation of Privilege Vulnerability | |||||
| CVE-2024-21436 | 2024-04-11 | N/A | 7.8 HIGH | ||
| Windows Installer Elevation of Privilege Vulnerability | |||||
| CVE-2024-21418 | 2024-04-11 | N/A | 7.8 HIGH | ||
| Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability | |||||
| CVE-2024-21401 | 1 Microsoft | 1 Entra Jira Sso Plugin | 2024-04-11 | N/A | 9.8 CRITICAL |
| Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability | |||||
| CVE-2024-21376 | 1 Microsoft | 1 Azure Kubernetes Service | 2024-04-11 | N/A | 9.0 CRITICAL |
| Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability | |||||
| CVE-2024-21364 | 1 Microsoft | 1 Azure Site Recovery | 2024-04-11 | N/A | 9.3 CRITICAL |
| Microsoft Azure Site Recovery Elevation of Privilege Vulnerability | |||||
| CVE-2024-20695 | 1 Microsoft | 1 Skype For Business Server | 2024-04-11 | N/A | 5.7 MEDIUM |
| Skype for Business Information Disclosure Vulnerability | |||||
| CVE-2024-20657 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-04-11 | N/A | 7.0 HIGH |
| Windows Group Policy Elevation of Privilege Vulnerability | |||||
| CVE-2024-3270 | 2024-04-11 | 4.7 MEDIUM | 3.8 LOW | ||
| A vulnerability classified as problematic was found in ThingsBoard up to 3.6.2. This vulnerability affects unknown code of the component AdvancedFeature. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-259282 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure and replied to be planning to fix this issue in version 3.7. | |||||
| CVE-2024-2481 | 2024-04-11 | 6.4 MEDIUM | 6.5 MEDIUM | ||
| A vulnerability, which was classified as critical, was found in Surya2Developer Hostel Management System 1.0. Affected is an unknown function of the file /admin/manage-students.php. The manipulation of the argument del leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-256890 is the identifier assigned to this vulnerability. | |||||
| CVE-2024-2281 | 2024-04-11 | 6.5 MEDIUM | 6.3 MEDIUM | ||
| A vulnerability was found in boyiddha Automated-Mess-Management-System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php of the component Setting Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-256048. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-21767 | 2024-04-11 | N/A | 9.4 CRITICAL | ||
| A remote attacker may be able to bypass access control of Commend WS203VICM by creating a malicious request. | |||||
| CVE-2024-1823 | 2024-04-11 | 5.0 MEDIUM | 5.3 MEDIUM | ||
| A vulnerability classified as critical was found in CodeAstro Simple Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file users.php of the component Backend. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-254611. | |||||
| CVE-2024-1701 | 2024-04-11 | 5.0 MEDIUM | 5.3 MEDIUM | ||
| A vulnerability has been found in keerti1924 PHP-MYSQL-User-Login-System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /edit.php. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-254389 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-1114 | 1 Openbi | 1 Openbi | 2024-04-11 | 6.4 MEDIUM | 9.8 CRITICAL |
| A vulnerability has been found in openBI up to 1.0.8 and classified as critical. This vulnerability affects the function dlfile of the file /application/index/controller/Screen.php. The manipulation of the argument fileUrl leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252472. | |||||
| CVE-2024-1011 | 1 Employee Management System Project | 1 Employee Management System | 2024-04-11 | 4.0 MEDIUM | 8.8 HIGH |
| A vulnerability classified as problematic was found in SourceCodester Employee Management System 1.0. This vulnerability affects unknown code of the file delete-leave.php of the component Leave Handler. The manipulation of the argument id leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252280. | |||||
| CVE-2024-0712 | 1 Byzoro | 2 Smart S150, Smart S150 Firmware | 2024-04-11 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability was found in Byzoro Smart S150 Management Platform V31R02B15. It has been classified as critical. Affected is an unknown function of the file /useratte/inc/userattea.php. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-251538 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||