Export limit exceeded: 10571 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10571 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-24711 | 1 Wedevs | 1 Woocommerce Conversion Tracking | 2024-11-21 | 4.3 Medium |
| Missing Authorization vulnerability in weDevs WooCommerce Conversion Tracking.This issue affects WooCommerce Conversion Tracking: from n/a through 2.0.11. | ||||
| CVE-2024-24704 | 1 Addonmaster | 1 Load More Anything | 2024-11-21 | 5.4 Medium |
| Missing Authorization vulnerability in AddonMaster Load More Anything.This issue affects Load More Anything: from n/a through 3.3.3. | ||||
| CVE-2024-23669 | 1 Fortinet | 2 Fortiweb Manager, Fortiwebmanager | 2024-11-21 | 6.4 Medium |
| An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI. | ||||
| CVE-2024-23653 | 1 Mobyproject | 1 Buildkit | 2024-11-21 | 9.8 Critical |
| BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In addition to running containers as build steps, BuildKit also provides APIs for running interactive containers based on built images. It was possible to use these APIs to ask BuildKit to run a container with elevated privileges. Normally, running such containers is only allowed if special `security.insecure` entitlement is enabled both by buildkitd configuration and allowed by the user initializing the build request. The issue has been fixed in v0.12.5 . Avoid using BuildKit frontends from untrusted sources. | ||||
| CVE-2024-23629 | 1 Motorola | 2 Mr2600, Mr2600 Firmware | 2024-11-21 | 9.6 Critical |
| An authentication bypass vulnerability exists in the web component of the Motorola MR2600. An attacker can exploit this vulnerability to access protected URLs and retrieve sensitive information. | ||||
| CVE-2024-23524 | 1 Ontraport | 1 Pilotpress | 2024-11-21 | 5.3 Medium |
| Missing Authorization vulnerability in ONTRAPORT Inc. PilotPress.This issue affects PilotPress: from n/a through 2.0.30. | ||||
| CVE-2024-23521 | 1 Happyforms | 1 Happyforms | 2024-11-21 | 5.3 Medium |
| Missing Authorization vulnerability in Happyforms.This issue affects Happyforms: from n/a through 1.25.10. | ||||
| CVE-2024-23518 | 2024-11-21 | 4.3 Medium | ||
| Missing Authorization vulnerability in Navneil Naicker ACF Photo Gallery Field.This issue affects ACF Photo Gallery Field: from n/a through 2.6. | ||||
| CVE-2024-23504 | 1 Wpmanageninja | 1 Ninja Tables | 2024-11-21 | 5.3 Medium |
| Missing Authorization vulnerability in WPManageNinja LLC Ninja Tables.This issue affects Ninja Tables: from n/a through 5.0.5. | ||||
| CVE-2024-23503 | 1 Wpmanageninja | 1 Ninja Tables | 2024-11-21 | 4.3 Medium |
| Missing Authorization vulnerability in WPManageNinja LLC Ninja Tables.This issue affects Ninja Tables: from n/a through 5.0.6. | ||||
| CVE-2024-22296 | 1 Code4recovery | 1 12 Step Meeting List | 2024-11-21 | 4.3 Medium |
| Missing Authorization vulnerability in Code for Recovery 12 Step Meeting List.This issue affects 12 Step Meeting List: from n/a through 3.14.28. | ||||
| CVE-2024-22156 | 1 Snpdigital | 1 Salesking Wordpress | 2024-11-21 | 6.5 Medium |
| Missing Authorization vulnerability in SNP Digital SalesKing.This issue affects SalesKing: from n/a through 1.6.15. | ||||
| CVE-2024-21864 | 2024-11-21 | 7.8 High | ||
| Improper neutralization in some Intel(R) Arc(TM) & Iris(R) Xe Graphics software before version 31.0.101.5081 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent network access. | ||||
| CVE-2024-21751 | 1 Yoginetwork | 1 Rabbitloader | 2024-11-21 | 5.4 Medium |
| Missing Authorization vulnerability in RabbitLoader.This issue affects RabbitLoader: from n/a through 2.19.13. | ||||
| CVE-2024-21748 | 1 Icegram | 1 Icegram Express | 2024-11-21 | 4.3 Medium |
| Missing Authorization vulnerability in Icegram.This issue affects Icegram: from n/a through 3.1.21. | ||||
| CVE-2024-20828 | 1 Samsung | 1 Internet | 2024-11-21 | 2.4 Low |
| Improper authorization verification vulnerability in Samsung Internet prior to version 24.0 allows physical attackers to access files downloaded in SecretMode without proper authentication. | ||||
| CVE-2024-1350 | 2024-11-21 | 5.3 Medium | ||
| Missing Authorization vulnerability in Prasidhda Malla Honeypot for WP Comment.This issue affects Honeypot for WP Comment: from n/a through 2.2.3. | ||||
| CVE-2024-1137 | 2024-11-21 | 4.3 Medium | ||
| The Proxy and Client components of TIBCO Software Inc.'s TIBCO ActiveSpaces - Enterprise Edition contain a vulnerability that theoretically allows an Active Spaces client to passively observe data traffic to other clients. Affected releases are TIBCO Software Inc.'s TIBCO ActiveSpaces - Enterprise Edition: versions 4.4.0 through 4.9.0. | ||||
| CVE-2024-0394 | 2024-11-21 | 7.8 High | ||
| Rapid7 Minerva Armor versions below 4.5.5 suffer from a privilege escalation vulnerability whereby an authenticated attacker can elevate privileges and execute arbitrary code with SYSTEM privilege. The vulnerability is caused by the product's implementation of OpenSSL's`OPENSSLDIR` parameter where it is set to a path accessible to low-privileged users. The vulnerability has been remediated and fixed in version 4.5.5. | ||||
| CVE-2024-0160 | 1 Dell | 30 G3 3500, G3 3500 Firmware, G5 5500 and 27 more | 2024-11-21 | 6.8 Medium |
| Dell Client Platform contains an incorrect authorization vulnerability. An attacker with physical access to the system could potentially exploit this vulnerability by bypassing BIOS authorization to modify settings in the BIOS. | ||||