Vulnerabilities (CVE)

Filtered by NVD-CWE-noinfo
Total 25507 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-21401 1 Microsoft 1 Entra Jira Sso Plugin 2024-02-23 N/A 9.8 CRITICAL
Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability
CVE-2024-21413 1 Microsoft 3 365 Apps, Office, Office Long Term Servicing Channel 2024-02-23 N/A 9.8 CRITICAL
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2022-21476 4 Azul, Debian, Netapp and 1 more 18 Zulu, Debian Linux, Active Iq Unified Manager and 15 more 2024-02-23 5.0 MEDIUM 7.5 HIGH
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
CVE-2022-3479 1 Mozilla 1 Network Security Services 2024-02-23 N/A 7.5 HIGH
A vulnerability found in nss. By this security vulnerability, nss client auth crash without a user certificate in the database and this can lead us to a segmentation fault or crash.
CVE-2024-21397 1 Microsoft 1 Azure File Sync 2024-02-23 N/A 5.3 MEDIUM
Microsoft Azure File Sync Elevation of Privilege Vulnerability
CVE-2024-21396 1 Microsoft 1 Dynamics 365 2024-02-23 N/A 7.6 HIGH
Dynamics 365 Sales Spoofing Vulnerability
CVE-2024-21394 1 Microsoft 1 Dynamics 365 2024-02-23 N/A 7.6 HIGH
Dynamics 365 Field Service Spoofing Vulnerability
CVE-2024-21384 1 Microsoft 2 365 Apps, Office Long Term Servicing Channel 2024-02-23 N/A 7.8 HIGH
Microsoft Office OneNote Remote Code Execution Vulnerability
CVE-2024-21381 1 Microsoft 1 Azure Active Directory 2024-02-23 N/A 6.8 MEDIUM
Microsoft Azure Active Directory B2C Spoofing Vulnerability
CVE-2024-21371 1 Microsoft 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more 2024-02-22 N/A 7.0 HIGH
Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-21372 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2024-02-22 N/A 8.8 HIGH
Windows OLE Remote Code Execution Vulnerability
CVE-2024-21374 1 Microsoft 1 Teams 2024-02-22 N/A 5.0 MEDIUM
Microsoft Teams for Android Information Disclosure
CVE-2024-21386 1 Microsoft 2 Asp.net Core, Visual Studio 2022 2024-02-22 N/A 7.5 HIGH
.NET Denial of Service Vulnerability
CVE-2024-21402 1 Microsoft 1 365 Apps 2024-02-22 N/A 7.1 HIGH
Microsoft Outlook Elevation of Privilege Vulnerability
CVE-2024-21404 1 Microsoft 2 Asp.net Core, Visual Studio 2022 2024-02-22 N/A 7.5 HIGH
.NET Denial of Service Vulnerability
CVE-2024-21405 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2024-02-22 N/A 7.0 HIGH
Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability
CVE-2023-43115 2 Artifex, Fedoraproject 2 Ghostscript, Fedora 2024-02-22 N/A 8.8 HIGH
In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. NOTE: it is a documented risk that the IJS server can be specified on a gs command line (the IJS device inherently must execute a command to start the IJS server).
CVE-2024-20667 1 Microsoft 1 Azure Devops Server 2024-02-22 N/A 7.5 HIGH
Azure DevOps Server Remote Code Execution Vulnerability
CVE-2024-20673 1 Microsoft 7 Excel, Office, Powerpoint and 4 more 2024-02-22 N/A 7.8 HIGH
Microsoft Office Remote Code Execution Vulnerability
CVE-2024-21327 1 Microsoft 1 Dynamics 365 2024-02-22 N/A 7.6 HIGH
Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability