Export limit exceeded: 334952 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (334952 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-44808 | 1 Vypor | 1 Attack Api System | 2024-09-05 | 9.8 Critical |
| An issue in Vypor Attack API System v.1.0 allows a remote attacker to execute arbitrary code via the user GET parameter. | ||||
| CVE-2024-8194 | 1 Google | 1 Chrome | 2024-09-05 | 7.5 High |
| Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-8193 | 1 Google | 1 Chrome | 2024-09-05 | 8.8 High |
| Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-43359 | 1 Zoneminder | 1 Zoneminder | 2024-09-04 | 0 Low |
| ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the montagereview via the displayinterval, speed, and scale parameters. This vulnerability is fixed in 1.36.34 and 1.37.61. | ||||
| CVE-2024-43360 | 1 Zoneminder | 1 Zoneminder | 2024-09-04 | 9.8 Critical |
| ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder is affected by a time-based SQL Injection vulnerability. This vulnerability is fixed in 1.36.34 and 1.37.61. | ||||
| CVE-2024-43358 | 1 Zoneminder | 1 Zoneminder | 2024-09-04 | 6.1 Medium |
| ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the filter view via the filter[Id]. This vulnerability is fixed in 1.36.34 and 1.37.61. | ||||
| CVE-2024-42437 | 1 Zoom | 6 Meeting Software Development Kit, Rooms, Rooms Controller and 3 more | 2024-09-04 | 6.5 Medium |
| Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access. | ||||
| CVE-2024-42436 | 1 Zoom | 6 Meeting Software Development Kit, Rooms, Rooms Controller and 3 more | 2024-09-04 | 6.5 Medium |
| Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access. | ||||
| CVE-2024-42435 | 1 Zoom | 6 Meeting Software Development Kit, Rooms, Rooms Controller and 3 more | 2024-09-04 | 4.9 Medium |
| Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access. | ||||
| CVE-2024-39825 | 1 Zoom | 6 Rooms, Vdi Windows Meeting Client, Workplace and 3 more | 2024-09-04 | 8.5 High |
| Buffer overflow in some Zoom Workplace Apps and Rooms Clients may allow an authenticated user to conduct an escalation of privilege via network access. | ||||
| CVE-2024-39822 | 1 Zoom | 5 Meeting Software Development Kit, Rooms, Rooms Controller and 2 more | 2024-09-04 | 6.5 Medium |
| Sensitive information exposure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct an information disclosure via network access. | ||||
| CVE-2024-44820 | 1 Zzcms | 1 Zzcms | 2024-09-04 | 7.5 High |
| A sensitive information disclosure vulnerability exists in ZZCMS v.2023 and before within the eginfo.php file located at /3/E_bak5.1/upload/. When accessed with the query parameter phome=ShowPHPInfo, the application executes the phpinfo() function, which exposes detailed information about the PHP environment, including server configuration, loaded modules, and environment variables. | ||||
| CVE-2023-34122 | 2024-09-04 | N/A | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as this is a duplicate of CVE-2023-36540. | ||||
| CVE-2023-34113 | 2024-09-04 | N/A | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as this is a duplicate of CVE-2023-36541. | ||||
| CVE-2024-38868 | 1 Zohocorp | 1 Manageengine Endpoint Central | 2024-09-04 | 7.6 High |
| Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability while isolating the devices.This issue affects Endpoint Central: before 11.3.2406.08 and before 11.3.2400.15 | ||||
| CVE-2024-7927 | 1 Zzcms | 1 Zzcms | 2024-09-04 | 7.3 High |
| A vulnerability classified as critical was found in ZZCMS 2023. Affected by this vulnerability is an unknown functionality of the file /admin/class.php?dowhat=modifyclass. The manipulation of the argument skin[] leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-7926 | 1 Zzcms | 1 Zzcms | 2024-09-04 | 7.3 High |
| A vulnerability classified as critical has been found in ZZCMS 2023. Affected is an unknown function of the file /admin/about_edit.php?action=modify. The manipulation of the argument skin leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-39776 | 2 Avtec, Avtecinc | 5 Outpost 0810, Outpost Uploader Utility, Outpost 0810 and 2 more | 2024-09-04 | 7.5 High |
| Avtec Outpost stores sensitive information in an insecure location without proper access controls in place. | ||||
| CVE-2024-42418 | 2 Avtec, Avtecinc | 5 Outpost 0810, Outpost Uploader Utility, Outpost 0810 and 2 more | 2024-09-04 | 7.5 High |
| Avtec Outpost uses a default cryptographic key that can be used to decrypt sensitive information. | ||||
| CVE-2024-8139 | 2 Angeljudesuarez, Itsourcecode | 2 E-commerce Website, E-commerce Website | 2024-09-04 | 6.3 Medium |
| A vulnerability has been found in itsourcecode E-Commerce Website 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file search_list.php. The manipulation of the argument user leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||