Export limit exceeded: 334084 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (334084 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-34611 | 1 Samsung | 1 Android | 2024-08-12 | 5.1 Medium |
| Improper access control in KnoxService prior to SMR Aug-2024 Release 1 allows local attackers to get sensitive information. | ||||
| CVE-2024-34610 | 1 Samsung | 1 Android | 2024-08-12 | 5.1 Medium |
| Improper access control in ExtControlDeviceService prior to SMR Aug-2024 Release 1 allows local attackers to access protected data. | ||||
| CVE-2024-34609 | 1 Samsung | 1 Android | 2024-08-12 | 6.2 Medium |
| Improper access control in VoiceNoteService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background. | ||||
| CVE-2024-34608 | 1 Samsung | 1 Android | 2024-08-12 | 6.2 Medium |
| Improper access control in PaymentManagerService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background. | ||||
| CVE-2024-34607 | 1 Samsung | 1 Android | 2024-08-12 | 6.2 Medium |
| Improper access control in SamsungNotesService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background. | ||||
| CVE-2024-34606 | 1 Samsung | 1 Android | 2024-08-12 | 6.2 Medium |
| Improper access control in SmartThingsService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background. | ||||
| CVE-2024-34605 | 1 Samsung | 1 Android | 2024-08-12 | 6.2 Medium |
| Improper access control in SamsungHealthService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background. | ||||
| CVE-2024-34604 | 1 Samsung | 1 Android | 2024-08-12 | 6.2 Medium |
| Improper access control in LedCoverService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background. | ||||
| CVE-2024-7550 | 1 Google | 1 Chrome | 2024-08-12 | 8.8 High |
| Type Confusion in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-7536 | 1 Google | 1 Chrome | 2024-08-12 | 8.8 High |
| Use after free in WebAudio in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-7533 | 2 Apple, Google | 2 Iphone Os, Chrome | 2024-08-12 | 8.8 High |
| Use after free in Sharing in Google Chrome on iOS prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-7532 | 1 Google | 1 Chrome | 2024-08-12 | 8.8 High |
| Out of bounds memory access in ANGLE in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) | ||||
| CVE-2024-42219 | 1 1password | 1 1password | 2024-08-12 | 7 High |
| 1Password 8 before 8.10.36 for macOS allows local attackers to exfiltrate vault items because XPC inter-process communication validation is insufficient. | ||||
| CVE-2024-42218 | 1 1password | 1 1password | 2024-08-12 | 6.3 Medium |
| 1Password 8 before 8.10.38 for macOS allows local attackers to exfiltrate vault items by bypassing macOS-specific security mechanisms. | ||||
| CVE-2024-31200 | 1 Proges | 2 Sensor Net Connect Firmware V2, Sensor Net Connect V2 | 2024-08-12 | 4.2 Medium |
| A “CWE-201: Insertion of Sensitive Information Into Sent Data” affecting the administrative account allows an attacker with physical access to the machine to retrieve the password in cleartext when an administrative session is open in the browser. | ||||
| CVE-2024-41270 | 1 Appleboy | 1 Gorush | 2024-08-12 | 9.1 Critical |
| An issue discovered in the RunHTTPServer function in Gorush v1.18.4 allows attackers to intercept and manipulate data due to use of deprecated TLS version. | ||||
| CVE-2024-42395 | 2 Arubanetworks, Hp | 3 Arubaos, Instant, Instantos | 2024-08-12 | 9.8 Critical |
| There is a vulnerability in the AP Certificate Management Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise. | ||||
| CVE-2024-42394 | 3 Arubanetworks, Hp, Hpe | 4 Arubaos, Instantos, Aruba Networking Instantos and 1 more | 2024-08-12 | 9.8 Critical |
| There are vulnerabilities in the Soft AP Daemon Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise. | ||||
| CVE-2024-42393 | 2 Arubanetworks, Hp | 3 Arubaos, Instant, Instantos | 2024-08-12 | 9.8 Critical |
| There are vulnerabilities in the Soft AP Daemon Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise. | ||||
| CVE-2024-28739 | 1 Koha | 1 Koha | 2024-08-12 | 9.6 Critical |
| An issue in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via a crafted script to the format parameter. | ||||