CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2026-40583 UltraDAG is a minimal DAG-BFT blockchain in Rust. In version 0.1, a non-council attacker can submit a signed SmartOp::Vote transaction that passes signature, nonce, and balance prechecks, but fails au... | 8.2 | HIGH | — | 0 |
| CVE-2023-6516 To keep its cache database efficient, `named` running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chu... | 7.5 | HIGH | — | 0 |
| CVE-2024-1309 Uncontrolled Resource Consumption vulnerability in Honeywell Niagara Framework on Windows, Linux, QNX allows Content Spoofing.This issue affects Niagara Framework: before Niagara AX 3.8.1, before Niag... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-24781 An unauthenticated remote attacker can use an uncontrolled resource consumption vulnerability to DoS the affected devices through excessive traffic on a single ethernet port. | 7.5 | HIGH | — | 0 |
| CVE-2024-24782 An unauthenticated attacker can send a ping request from one network to another through an error in the origin verification even though the ports are separated by VLAN. | 4.3 | MEDIUM | — | 0 |
| CVE-2024-1096 Twister Antivirus v8.17 is vulnerable to a Denial of Service vulnerability by triggering the 0x80112067, 0x801120CB 0x801120CC 0x80112044, 0x8011204B, 0x8011204F, 0x80112057, 0x8011205B, 0x8011205F, 0... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-1163 The attacker may exploit a path traversal vulnerability leading to information disclosure. | 7.1 | HIGH | — | 0 |
| CVE-2024-21397 Microsoft Azure File Sync Elevation of Privilege Vulnerability | 5.3 | MEDIUM | — | 0 |
| CVE-2023-26562 In Zimbra Collaboration (ZCS) 8.8.15 and 9.0, a closed account (with 2FA and generated passwords) can send e-mail messages when configured for Imap/smtp. | 6.5 | MEDIUM | — | 0 |
| CVE-2023-50808 Zimbra Collaboration before Kepler 9.0.0 Patch 38 GA allows DOM-based JavaScript injection in the Modern UI. | 6.1 | MEDIUM | — | 0 |
| CVE-2024-20667 Azure DevOps Server Remote Code Execution Vulnerability | 7.5 | HIGH | — | 0 |
| CVE-2024-20673 Microsoft Office Remote Code Execution Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2024-20679 Azure Stack Hub Spoofing Vulnerability | 6.5 | MEDIUM | — | 0 |
| CVE-2024-20684 Windows Hyper-V Denial of Service Vulnerability | 6.5 | MEDIUM | — | 0 |
| CVE-2024-20695 Skype for Business Information Disclosure Vulnerability | 5.7 | MEDIUM | — | 0 |
| CVE-2024-21304 Trusted Compute Base Elevation of Privilege Vulnerability | 4.1 | MEDIUM | — | 0 |
| CVE-2024-21315 Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2024-21327 Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability | 7.6 | HIGH | — | 0 |
| CVE-2024-21328 Dynamics 365 Sales Spoofing Vulnerability | 7.6 | HIGH | — | 0 |
| CVE-2024-21329 Azure Connected Machine Agent Elevation of Privilege Vulnerability | 7.3 | HIGH | — | 0 |
| CVE-2024-21339 Windows USB Generic Parent Driver Remote Code Execution Vulnerability | 6.4 | MEDIUM | — | 0 |
| CVE-2024-21401 Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability | 9.8 | CRITICAL | — | 0 |
| CVE-2024-21402 Microsoft Outlook Elevation of Privilege Vulnerability | 7.1 | HIGH | — | 0 |
| CVE-2024-21340 Windows Kernel Information Disclosure Vulnerability | 4.6 | MEDIUM | — | 0 |
| CVE-2024-21341 Windows Kernel Remote Code Execution Vulnerability | 6.8 | MEDIUM | — | 0 |
| CVE-2024-21342 Windows DNS Client Denial of Service Vulnerability | 7.5 | HIGH | — | 0 |
| CVE-2024-21343 Windows Network Address Translation (NAT) Denial of Service Vulnerability | 5.9 | MEDIUM | — | 0 |
| CVE-2024-21403 Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | 9.0 | CRITICAL | — | 0 |
| CVE-2024-26521 HTML Injection vulnerability in CE Phoenix v1.0.8.20 and before allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted payload to the e... | 4.8 | MEDIUM | — | 0 |
| CVE-2024-21344 Windows Network Address Translation (NAT) Denial of Service Vulnerability | 5.9 | MEDIUM | — | 0 |
| CVE-2024-21345 Windows Kernel Elevation of Privilege Vulnerability | 8.8 | HIGH | — | 0 |
| CVE-2024-21346 Win32k Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2024-21347 Microsoft ODBC Driver Remote Code Execution Vulnerability | 7.5 | HIGH | — | 0 |
| CVE-2024-21348 Internet Connection Sharing (ICS) Denial of Service Vulnerability | 7.5 | HIGH | — | 0 |
| CVE-2024-21349 Microsoft ActiveX Data Objects Remote Code Execution Vulnerability | 8.8 | HIGH | — | 0 |
| CVE-2024-21350 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 | HIGH | — | 0 |
| CVE-2024-21352 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 | HIGH | — | 0 |
| CVE-2024-21353 Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability | 8.8 | HIGH | — | 0 |
| CVE-2024-1369 A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when setti... | 9.1 | CRITICAL | — | 0 |
| CVE-2024-21354 Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2024-21355 Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability | 7.0 | HIGH | — | 0 |
| CVE-2024-21356 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | 6.5 | MEDIUM | — | 0 |
| CVE-2024-21357 Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | 8.1 | HIGH | — | 0 |
| CVE-2023-25535 Dell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for initial installation has a high vulnerability that can result in local privilege escalation (LPE). This v... | 7.2 | HIGH | — | 0 |
| CVE-2024-21358 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 | HIGH | — | 0 |
| CVE-2024-21359 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 | HIGH | — | 0 |
| CVE-2024-21360 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 | HIGH | — | 0 |
| CVE-2024-21361 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 | HIGH | — | 0 |
| CVE-2024-21362 Windows Kernel Security Feature Bypass Vulnerability | 5.5 | MEDIUM | — | 0 |
| CVE-2024-21363 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 7.8 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.