CVE Schwachstellen
CVE-Datenbank angereichert mit CISA KEV und NVD Daten
| CVE ID | CVSS | Schweregrad | KEV | Sichtungen |
|---|---|---|---|---|
| CVE-2021-34975 Foxit PDF Reader transitionToState Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reade... | N/A | NONE | — | 0 |
| CVE-2021-34976 Foxit PDF Reader PDF File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit P... | 5.5 | MEDIUM | — | 0 |
| CVE-2021-34981 Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attack... | 6.7 | MEDIUM | — | 0 |
| CVE-2022-43653 Bentley View SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. U... | N/A | NONE | — | 0 |
| CVE-2021-34982 NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations... | N/A | NONE | — | 0 |
| CVE-2021-34983 NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information... | N/A | NONE | — | 0 |
| CVE-2021-34999 OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of Ope... | 5.5 | MEDIUM | — | 0 |
| CVE-2021-35000 OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of Ope... | N/A | NONE | — | 0 |
| CVE-2022-0369 Triangle MicroWorks SCADA Data Gateway Restore Workspace Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected insta... | 8.8 | HIGH | — | 0 |
| CVE-2025-20099 Improper access control for some Intel(R) Rapid Storage Technology installation software may allow an authenticated user to potentially enable escalation of privilege via local access. | 6.7 | MEDIUM | — | 0 |
| CVE-2022-43654 NETGEAR CAX30S SSO Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR CAX30S rou... | N/A | NONE | — | 0 |
| CVE-2022-43655 Bentley View FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley ... | N/A | NONE | — | 0 |
| CVE-2022-43656 Bentley View FBX File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-27321 OPC Foundation UA .NET Standard ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected ins... | N/A | NONE | — | 0 |
| CVE-2023-35748 D-Link DAP-2622 DDP Firmware Upgrade Server IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code... | N/A | NONE | — | 0 |
| CVE-2021-47674 Rejected reason: ** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was in a CNA pool that was not assigned to any issues during 2021. Notes: none. | N/A | NONE | — | 0 |
| CVE-2023-35749 D-Link DAP-2622 DDP Firmware Upgrade Filename Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affecte... | N/A | NONE | — | 0 |
| CVE-2023-37325 D-Link DAP-2622 DDP Set SSID List Missing Authentication Vulnerability. This vulnerability allows network-adjacent attackers to make unauthorized changes to device configuration on affected installati... | N/A | NONE | — | 0 |
| CVE-2024-1930 No Limit on Number of Open Sessions / Bad Session Close Behaviour in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via No Limit on Number of Open Sessions. There is ... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-28132 Exposure of Sensitive Information vulnerability exists in the GSLB container, which may allow an authenticated attacker with local access to view sensitive information. Note: Software versions which... | 4.4 | MEDIUM | — | 0 |
| CVE-2024-28883 An origin validation vulnerability exists in BIG-IP APM browser network access VPN client for Windows, macOS and Linux which may allow an attacker to bypass F5 endpoint inspection. Note: Sof... | 7.4 | HIGH | — | 0 |
| CVE-2024-32943 An attacker may be able to cause a denial-of-service condition by sending many SSH packets repeatedly. | 7.5 | HIGH | — | 0 |
| CVE-2021-1440 A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Border Gateway... | 6.8 | MEDIUM | — | 0 |
| CVE-2021-1462 A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to elevate privileges on an affected system. To exploit this vulnerability, an attacker wo... | 6.7 | MEDIUM | — | 0 |
| CVE-2021-1465 A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a directory traversal attack and obtain read access to s... | 4.3 | MEDIUM | — | 0 |
| CVE-2020-26066 A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. Th... | N/A | NONE | — | 0 |
| CVE-2020-26067 A vulnerability in the web-based interface of Cisco Webex Teams could allow an authenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to improper valida... | 5.4 | MEDIUM | — | 0 |
| CVE-2024-52303 aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In versions starting with 3.10.6 and prior to 3.10.11, a memory leak can occur when a request produces a MatchInfoError.... | 7.5 | HIGH | — | 0 |
| CVE-2025-21096 Improper buffer restrictions in the firmware for some Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. | 1.9 | LOW | — | 0 |
| CVE-2024-45420 Uncontrolled resource consumption in some Zoom Apps before version 6.2.0 may allow an authenticated user to conduct a denial of service via network access. | 4.3 | MEDIUM | — | 0 |
| CVE-2024-45422 Improper input validation in some Zoom Apps before version 6.2.0 may allow an unauthenticated user to conduct a denial of service via network access. | 6.5 | MEDIUM | — | 0 |
| CVE-2024-10382 There exists a code execution vulnerability in the Car App Android Jetpack Library. CarAppService uses deserialization logic that allows construction of arbitrary java classes. This can lead to arbitr... | 7.5 | HIGH | — | 0 |
| CVE-2024-52597 2FAuth is a web app to manage Two-Factor Authentication (2FA) accounts and generate their security codes. Versions prior to 5.4.1 are vulnerable to stored cross-site scripting due to improper headers ... | 6.1 | MEDIUM | — | 0 |
| CVE-2024-5581 Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is ... | N/A | NONE | — | 0 |
| CVE-2024-52598 2FAuth is a web app to manage Two-Factor Authentication (2FA) accounts and generate their security codes. Two interconnected vulnerabilities exist in version 5.4.1 a SSRF and URI validation bypass iss... | 7.5 | HIGH | — | 0 |
| CVE-2024-45663 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1, 11.5, and 12.1 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted qu... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-48288 TP-Link TL-IPC42C V4.0_20211227_1.0.16 is vulnerable to command injection due to the lack of malicious code verification on both the frontend and backend. | 8.0 | HIGH | — | 0 |
| CVE-2024-52287 authentik is an open-source identity provider. When using the client_credentials or device_code OAuth grants, it was possible for an attacker to get a token from authentik with scopes that haven't bee... | 7.2 | HIGH | — | 0 |
| CVE-2024-52307 authentik is an open-source identity provider. Due to the usage of a non-constant time comparison for the /-/metrics/ endpoint it was possible to brute-force the SECRET_KEY, which is used to authentic... | 5.6 | MEDIUM | — | 0 |
| CVE-2024-41779 IBM Engineering Systems Design Rhapsody - Model Manager 7.0.2 and 7.0.3 could allow a remote attacker to bypass security restrictions, caused by a race condition. By sending a specially crafted reques... | 9.8 | CRITICAL | — | 0 |
| CVE-2024-41781 IBM PowerVM Platform KeyStore (IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1030.00 through FW1030.60, FW1050.00 through FW1050.20, and FW1060.00 through FW1060.10 functionality can be compromi... | 5.1 | MEDIUM | — | 0 |
| CVE-2024-5510 Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power P... | 7.8 | HIGH | — | 0 |
| CVE-2024-5511 Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power P... | 7.8 | HIGH | — | 0 |
| CVE-2024-5512 Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofa... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-5513 Kofax Power PDF JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power ... | 7.8 | HIGH | — | 0 |
| CVE-2024-5579 Allegra renderFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegr... | N/A | NONE | — | 0 |
| CVE-2024-5874 IrfanView PNT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User in... | N/A | NONE | — | 0 |
| CVE-2024-5875 IrfanView SHP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User in... | N/A | NONE | — | 0 |
| CVE-2024-5876 IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. ... | N/A | NONE | — | 0 |
| CVE-2024-5877 IrfanView PIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User in... | N/A | NONE | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.