Vulnerabilidades CVE
Base de dados CVE enriquecida com CISA KEV e NVD
| CVE ID | CVSS | Severidade | KEV | Avistamentos |
|---|---|---|---|---|
| CVE-2024-49521 Adobe Commerce versions 3.2.5 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to a security feature bypass. A low privileged attacker could exploit this ... | 7.7 | HIGH | — | 0 |
| CVE-2024-49526 Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue ... | 7.8 | HIGH | — | 0 |
| CVE-2024-49527 Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypa... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-47427 Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of... | 7.8 | HIGH | — | 0 |
| CVE-2024-49528 Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this ... | 7.8 | HIGH | — | 0 |
| CVE-2024-51749 Element is a Matrix web client built using the Matrix React SDK. Versions of Element Web and Desktop earlier than 1.11.85 do not check if thumbnails for attachments, stickers and images are coherent. ... | 3.5 | LOW | — | 0 |
| CVE-2024-51750 Element is a Matrix web client built using the Matrix React SDK. A malicious homeserver can send invalid messages over federation which can prevent Element Web and Desktop from rendering single messag... | 5.0 | MEDIUM | — | 0 |
| CVE-2024-52010 Zoraxy is a general purpose HTTP reverse proxy and forwarding tool. A command injection vulnerability in the Web SSH feature allows an authenticated attacker to execute arbitrary commands as root on t... | N/A | NONE | — | 0 |
| CVE-2024-9999 In WS_FTP Server versions before 8.8.9 (2022.0.9), an Incorrect Implementation of Authentication Algorithm in the Web Transfer Module allows users to skip the second-factor verification and log in wit... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-21949 Improper validation of user input in the NPU driver could allow an attacker to provide a buffer with unexpected size, potentially leading to system crash. | 5.5 | MEDIUM | — | 0 |
| CVE-2024-21974 Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution. | 8.8 | HIGH | — | 0 |
| CVE-2024-21975 Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution. | 8.8 | HIGH | — | 0 |
| CVE-2024-38203 Windows Package Library Manager Information Disclosure Vulnerability | 6.2 | MEDIUM | — | 0 |
| CVE-2024-38255 SQL Server Native Client Remote Code Execution Vulnerability | 8.8 | HIGH | — | 0 |
| CVE-2024-38264 Microsoft Virtual Hard Disk (VHDX) Denial of Service Vulnerability | 5.9 | MEDIUM | — | 0 |
| CVE-2024-43447 Windows SMBv3 Server Remote Code Execution Vulnerability | 8.1 | HIGH | — | 0 |
| CVE-2024-43449 Windows USB Video Class System Driver Elevation of Privilege Vulnerability | 6.8 | MEDIUM | — | 0 |
| CVE-2024-43450 Windows DNS Spoofing Vulnerability | 7.5 | HIGH | — | 0 |
| CVE-2024-43452 Windows Registry Elevation of Privilege Vulnerability | 7.5 | HIGH | — | 0 |
| CVE-2024-28881 Uncontrolled search path for some Intel(R) Fortran Compiler Classic software before version 2021.13 may allow an authenticated user to potentially enable escalation of privilege via local access. | 6.7 | MEDIUM | — | 0 |
| CVE-2024-43459 SQL Server Native Client Remote Code Execution Vulnerability | 8.8 | HIGH | — | 0 |
| CVE-2024-43462 SQL Server Native Client Remote Code Execution Vulnerability | 8.8 | HIGH | — | 0 |
| CVE-2024-43498 .NET and Visual Studio Remote Code Execution Vulnerability | 9.8 | CRITICAL | — | 0 |
| CVE-2024-43499 .NET and Visual Studio Denial of Service Vulnerability | 7.5 | HIGH | — | 0 |
| CVE-2024-43530 Windows Update Stack Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2024-43598 LightGBM Remote Code Execution Vulnerability | 8.1 | HIGH | — | 0 |
| CVE-2024-43602 Azure CycleCloud Remote Code Execution Vulnerability | 9.9 | CRITICAL | — | 0 |
| CVE-2024-43620 Windows Telephony Service Remote Code Execution Vulnerability | 8.8 | HIGH | — | 0 |
| CVE-2024-43621 Windows Telephony Service Remote Code Execution Vulnerability | 8.8 | HIGH | — | 0 |
| CVE-2024-43622 Windows Telephony Service Remote Code Execution Vulnerability | 8.8 | HIGH | — | 0 |
| CVE-2024-43623 Windows NT OS Kernel Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2024-43624 Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability | 8.8 | HIGH | — | 0 |
| CVE-2024-43625 Microsoft Windows VMSwitch Elevation of Privilege Vulnerability | 8.1 | HIGH | — | 0 |
| CVE-2024-43629 Windows DWM Core Library Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2024-43630 Windows Kernel Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2024-43631 Windows Secure Kernel Mode Elevation of Privilege Vulnerability | 6.7 | MEDIUM | — | 0 |
| CVE-2024-43633 Windows Hyper-V Denial of Service Vulnerability | 6.5 | MEDIUM | — | 0 |
| CVE-2024-43634 Windows USB Video Class System Driver Elevation of Privilege Vulnerability | 6.8 | MEDIUM | — | 0 |
| CVE-2024-43635 Windows Telephony Service Remote Code Execution Vulnerability | 8.8 | HIGH | — | 0 |
| CVE-2024-43639 Windows KDC Proxy Remote Code Execution Vulnerability | 9.8 | CRITICAL | — | 0 |
| CVE-2024-43640 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2024-43641 Windows Registry Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2024-43642 Windows SMB Denial of Service Vulnerability | 7.5 | HIGH | — | 0 |
| CVE-2024-43643 Windows USB Video Class System Driver Elevation of Privilege Vulnerability | 6.8 | MEDIUM | — | 0 |
| CVE-2024-43644 Windows Client-Side Caching Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2024-43645 Windows Defender Application Control (WDAC) Security Feature Bypass Vulnerability | 6.7 | MEDIUM | — | 0 |
| CVE-2024-28885 Observable discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access. | 5.9 | MEDIUM | — | 0 |
| CVE-2024-43646 Windows Secure Kernel Mode Elevation of Privilege Vulnerability | 6.7 | MEDIUM | — | 0 |
| CVE-2024-48993 SQL Server Native Client Remote Code Execution Vulnerability | 8.8 | HIGH | — | 0 |
| CVE-2024-7184 A vulnerability has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102 and classified as critical. Affected by this vulnerability is the function setUrlFilterRules of the file /cgi-bin/cstecgi.cgi. ... | 8.8 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.