Export limit exceeded: 35583 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (35583 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-20859 | 1 Samsung | 1 Android | 2025-02-10 | 5.5 Medium |
| Improper access control vulnerability in FactoryCamera prior to SMR May-2024 Release 1 allows local attackers to take pictures without privilege. | ||||
| CVE-2023-28368 | 1 Tp-link | 2 T2600g-28sq, T2600g-28sq Firmware | 2025-02-10 | 5.7 Medium |
| TP-Link L2 switch T2600G-28SQ firmware versions prior to 'T2600G-28SQ(UN)_V1_1.0.6 Build 20230227' uses vulnerable SSH host keys. A fake device may be prepared to spoof the affected device with the vulnerable host key.If the administrator may be tricked to login to the fake device, the credential information for the affected device may be obtained. | ||||
| CVE-2023-1787 | 1 Gitlab | 1 Gitlab | 2025-02-10 | 4.3 Medium |
| An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A search timeout could be triggered if a specific HTML payload was used in the issue description. | ||||
| CVE-2023-1733 | 1 Gitlab | 1 Gitlab | 2025-02-10 | 5.8 Medium |
| A denial of service condition exists in the Prometheus server bundled with GitLab affecting all versions from 11.10 to 15.8.5, 15.9 to 15.9.4 and 15.10 to 15.10.1. | ||||
| CVE-2023-1710 | 1 Gitlab | 1 Gitlab | 2025-02-10 | 5.3 Medium |
| A sensitive information disclosure vulnerability in GitLab affecting all versions from 15.0 prior to 15.8.5, 15.9 prior to 15.9.4 and 15.10 prior to 15.10.1 allows an attacker to view the count of internal notes for a given issue. | ||||
| CVE-2023-1098 | 1 Gitlab | 1 Gitlab | 2025-02-10 | 5.8 Medium |
| An information disclosure vulnerability has been discovered in GitLab EE/CE affecting all versions starting from 11.5 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1 will allow an admin to leak password from repository mirror configuration. | ||||
| CVE-2023-0838 | 1 Gitlab | 1 Gitlab | 2025-02-10 | 5.5 Medium |
| An issue has been discovered in GitLab affecting versions starting from 15.1 before 15.8.5, 15.9 before 15.9.4, and 15.10 before 15.10.1. A maintainer could modify a webhook URL to leak masked webhook secrets by adding a new parameter to the url. This addresses an incomplete fix for CVE-2022-4342. | ||||
| CVE-2024-20857 | 1 Samsung | 1 Android | 2025-02-10 | 4 Medium |
| Improper access control vulnerability in startListening of CocktailBarService prior to SMR May-2024 Release 1 allows local attackers to access information of current application. | ||||
| CVE-2024-20858 | 2 Samsung, Samsung Mobile | 2 Android, Cocktailbarservice | 2025-02-10 | 4 Medium |
| Improper access control vulnerability in setCocktailHostCallbacks of CocktailBarService prior to SMR May-2024 Release 1 allows local attackers to access information of current application. | ||||
| CVE-2024-21989 | 1 Netapp | 1 Ontap Select Deploy Administration Utility | 2025-02-10 | 8.1 High |
| ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x are susceptible to a vulnerability which when successfully exploited could allow a read-only user to escalate their privileges. | ||||
| CVE-2023-1980 | 1 Devolutions | 1 Remote Desktop Manager | 2025-02-10 | 6.5 Medium |
| Two factor authentication bypass on login in Devolutions Remote Desktop Manager 2022.3.35 and earlier allow user to cancel the two factor authentication via the application user interface and open entries. | ||||
| CVE-2024-38370 | 1 Glpi-project | 1 Glpi | 2025-02-10 | 5.3 Medium |
| GLPI is a free asset and IT management software package. Starting in 9.2.0 and prior to 11.0.0, it is possible to download a document from the API without appropriate rights. Upgrade to 10.0.16. | ||||
| CVE-2023-27703 | 1 Mypikpak | 1 Pikpak | 2025-02-10 | 3.3 Low |
| The Android version of pikpak v1.29.2 was discovered to contain an information leak via the debug interface. | ||||
| CVE-2023-27654 | 1 Whoapp | 1 Who | 2025-02-10 | 9.8 Critical |
| An issue found in WHOv.1.0.28, v.1.0.30, v.1.0.32 allows an attacker to cause a escalation of privileges via the TTMultiProvider component. | ||||
| CVE-2023-27653 | 1 Whoapp | 1 Who | 2025-02-10 | 7.5 High |
| An issue found in WHOv.1.0.28, v.1.0.30, v.1.0.32 allows an attacker to cause a denial of service via the SharedPreference files. | ||||
| CVE-2023-27647 | 1 Dualspace | 1 Lock Master | 2025-02-10 | 7.1 High |
| An issue found in DUALSPACE Lock Master v.2.2.4 allows a local attacker to cause a denial of service or gain sensitive information via the com.ludashi.superlock.util.pref.SharedPrefProviderEntryMethod: insert of the android.net.Uri.insert method. | ||||
| CVE-2023-23591 | 1 Terminalfour | 1 Terminalfour | 2025-02-10 | 4.9 Medium |
| The Logback component in Terminalfour before 8.3.14.1 allows OS administrators to obtain sensitive information from application server logs when debug logging is enabled. The fixed versions are 8.2.18.7, 8.2.18.2.2, 8.3.11.1, and 8.3.14.1. | ||||
| CVE-2018-15472 | 1 Gitlab | 1 Gitlab | 2025-02-10 | 7.5 High |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. The diff formatter using rouge can block for a long time in Sidekiq jobs without any timeout. | ||||
| CVE-2022-33959 | 1 Ibm | 1 Sterling Order Management | 2025-02-10 | 5.4 Medium |
| IBM Sterling Order Management 10.0 could allow a user to bypass validation and perform unauthorized actions on behalf of other users. IBM X-Force ID: 229320. | ||||
| CVE-2022-43928 | 1 Ibm | 1 Db2 Mirror For I | 2025-02-10 | 4.9 Medium |
| The IBM Toolbox for Java (Db2 Mirror for i 7.4 and 7.5) could allow a user to obtain sensitive information, caused by utilizing a Java string for processing. Since Java strings are immutable, their contents exist in memory until garbage collected. This means sensitive data could be visible in memory over an indefinite amount of time. IBM has addressed this issue by reducing the amount of time the sensitive data is visible in memory. IBM X-Force ID: 241675. | ||||