Total
320 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-39826 | 2024-07-16 | N/A | 6.8 MEDIUM | ||
Path traversal in Team Chat for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct information disclosure via network access. | |||||
CVE-2024-39821 | 2024-07-16 | N/A | 6.6 MEDIUM | ||
Race condition in the installer for Zoom Workplace App for Windows and Zoom Rooms App for Windows may allow an authenticated user to conduct a denial of service via local access. | |||||
CVE-2024-27238 | 2024-07-16 | N/A | 7.1 HIGH | ||
Race condition in the installer for some Zoom Apps and SDKs for Windows before version 6.0.0 may allow an authenticated user to conduct a privilege escalation via local access. | |||||
CVE-2024-39936 | 1 Qt | 1 Qt | 2024-07-08 | N/A | 5.9 MEDIUM |
An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted() signal has not yet been emitted and processed.. | |||||
CVE-2024-36304 | 2024-07-03 | N/A | 7.8 HIGH | ||
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
CVE-2024-29149 | 2024-07-03 | N/A | 7.4 HIGH | ||
An issue was discovered in Alcatel-Lucent ALE NOE deskphones through 86x8_NOE-R300.1.40.12.4180 and SIP deskphones through 86x8_SIP-R200.1.01.10.728. Because of a time-of-check time-of-use vulnerability, an authenticated attacker is able to replace the verified firmware image with malicious firmware during the update process. | |||||
CVE-2024-24995 | 2024-07-03 | N/A | 8.8 HIGH | ||
A Race Condition (TOCTOU) vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM. | |||||
CVE-2024-24993 | 2024-07-03 | N/A | 8.8 HIGH | ||
A Race Condition (TOCTOU) vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM. | |||||
CVE-2024-30084 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-06-21 | N/A | 7.0 HIGH |
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | |||||
CVE-2024-30088 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-06-21 | N/A | 7.0 HIGH |
Windows Kernel Elevation of Privilege Vulnerability | |||||
CVE-2024-30099 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-06-20 | N/A | 7.0 HIGH |
Windows Kernel Elevation of Privilege Vulnerability | |||||
CVE-2024-35265 | 1 Microsoft | 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more | 2024-06-20 | N/A | 7.0 HIGH |
Windows Perception Service Elevation of Privilege Vulnerability | |||||
CVE-2023-20521 | 1 Amd | 186 Amd 3015ce, Amd 3015ce Firmware, Amd 3015e and 183 more | 2024-06-18 | N/A | 5.7 MEDIUM |
TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service. | |||||
CVE-2024-21433 | 2024-06-11 | N/A | 7.0 HIGH | ||
Windows Print Spooler Elevation of Privilege Vulnerability | |||||
CVE-2023-24861 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-05-29 | N/A | 7.0 HIGH |
Windows Graphics Component Elevation of Privilege Vulnerability | |||||
CVE-2023-23389 | 1 Microsoft | 1 Malware Protection Engine | 2024-05-29 | N/A | 6.3 MEDIUM |
Microsoft Defender Elevation of Privilege Vulnerability | |||||
CVE-2023-38146 | 1 Microsoft | 2 Windows 11 21h2, Windows 11 22h2 | 2024-05-29 | N/A | 8.8 HIGH |
Windows Themes Remote Code Execution Vulnerability | |||||
CVE-2023-38141 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-05-29 | N/A | 7.8 HIGH |
Windows Kernel Elevation of Privilege Vulnerability | |||||
CVE-2023-33156 | 1 Microsoft | 1 Malware Protection Engine | 2024-05-29 | N/A | 7.0 HIGH |
Microsoft Defender Elevation of Privilege Vulnerability | |||||
CVE-2023-33154 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-05-29 | N/A | 9.8 CRITICAL |
Windows Partition Management Driver Elevation of Privilege Vulnerability |