Search Results (34218 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-26186 1 Microsoft 5 Sql 2016 Azure Connect Feature Pack, Sql Server 2016, Sql Server 2017 and 2 more 2024-12-31 8.8 High
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2024-37342 1 Microsoft 5 Sql 2016 Azure Connect Feature Pack, Sql Server 2016, Sql Server 2017 and 2 more 2024-12-31 7.1 High
Microsoft SQL Server Native Scoring Information Disclosure Vulnerability
CVE-2024-37337 1 Microsoft 5 Sql 2016 Azure Connect Feature Pack, Sql Server 2016, Sql Server 2017 and 2 more 2024-12-31 7.1 High
Microsoft SQL Server Native Scoring Information Disclosure Vulnerability
CVE-2024-37339 1 Microsoft 5 Sql 2016 Azure Connect Feature Pack, Sql Server 2016, Sql Server 2017 and 2 more 2024-12-31 8.8 High
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2024-37340 1 Microsoft 5 Sql 2016 Azure Connect Feature Pack, Sql Server 2016, Sql Server 2017 and 2 more 2024-12-31 8.8 High
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2024-37335 1 Microsoft 5 Sql 2016 Azure Connect Feature Pack, Sql Server 2016, Sql Server 2017 and 2 more 2024-12-31 8.8 High
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2024-37338 1 Microsoft 5 Sql 2016 Azure Connect Feature Pack, Sql Server 2016, Sql Server 2017 and 2 more 2024-12-31 8.8 High
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2023-1329 1 Hp 1914 Laserjet Managed Mfp E62665 3gy14a, Laserjet Managed Mfp E62665 3gy14a Firmware, Laserjet Managed Mfp E62665 3gy15a and 1911 more 2024-12-31 9.8 Critical
A potential security vulnerability has been identified for certain HP multifunction printers (MFPs). The vulnerability may lead to Buffer Overflow and/or Remote Code Execution when running HP Workpath solutions on potentially affected products.
CVE-2022-41738 2 Ibm, Linux 2 Spectrum Scale Container Native Storage Access, Linux Kernel 2024-12-31 7.5 High
IBM Storage Scale Container Native Storage Access 5.1.2.1 -through 5.1.7.0 could allow an attacker to initiate connections to containers from external networks. IBM X-Force ID: 237812.
CVE-2022-41737 2 Ibm, Linux 2 Spectrum Scale Container Native Storage Access, Linux Kernel 2024-12-31 7.1 High
IBM Storage Scale Container Native Storage Access 5.1.2.1 through 5.1.7.0 could allow a local attacker to initiate connections from a container outside the current namespace. IBM X-Force ID: 237811.
CVE-2022-31645 1 Hp 654 Dragonfly Folio G3 2-in-1, Dragonfly Folio G3 2-in-1 Firmware, Elite Dragonfly and 651 more 2024-12-30 7.8 High
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure.
CVE-2022-31644 1 Hp 654 Dragonfly Folio G3 2-in-1, Dragonfly Folio G3 2-in-1 Firmware, Elite Dragonfly and 651 more 2024-12-30 7.8 High
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure.
CVE-2023-0009 1 Paloaltonetworks 1 Globalprotect 2024-12-30 7.8 High
A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute programs with elevated privileges.
CVE-2022-31646 1 Hp 654 Dragonfly Folio G3 2-in-1, Dragonfly Folio G3 2-in-1 Firmware, Elite Dragonfly and 651 more 2024-12-30 7.8 High
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure.
CVE-2020-36723 1 Cridio 1 Listingpro 2024-12-28 5.3 Medium
The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Sensitive Data Exposure in versions before 2.6.1 via the ~/listingpro-plugin/functions.php file. This makes it possible for unauthenticated attackers to extract sensitive data including usernames, full names, email addresses, phone numbers, physical addresses and user post counts.
CVE-2021-4380 1 Valvepress 1 Pinterest Automatic Pin 2024-12-28 9.8 Critical
The Pinterest Automatic plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the 'wp_pinterest_automatic_parse_request' function and the 'process_form.php' script in versions up to, and including, 1.14.3. This makes it possible for unauthenticated attackers to update arbitrary options on a site that can be used to create new administrative user accounts or redirect unsuspecting site visitors.
CVE-2018-20060 3 Fedoraproject, Python, Redhat 4 Fedora, Urllib3, Ansible Tower and 1 more 2024-12-27 N/A
urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.
CVE-2024-0115 2 Canonical, Nvidia 3 Ubuntu Linux, Cv-cuda, Jetpack Software Development Kit 2024-12-26 6.1 Medium
NVIDIA CV-CUDA for Ubuntu 20.04, Ubuntu 22.04, and Jetpack contains a vulnerability in Python APIs where a user may cause an uncontrolled resource consumption issue by a long running CV-CUDA Python process. A successful exploit of this vulnerability may lead to denial of service and data loss.
CVE-2022-48501 1 Huawei 1 Emui 2024-12-26 7.5 High
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
CVE-2022-48500 1 Huawei 1 Emui 2024-12-26 7.5 High
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.