Total
1457 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-38182 | 1 Microsoft | 1 Exchange Server | 2024-05-29 | N/A | 8.0 HIGH |
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||
| CVE-2023-38181 | 1 Microsoft | 1 Exchange Server | 2024-05-29 | N/A | 8.8 HIGH |
| Microsoft Exchange Server Spoofing Vulnerability | |||||
| CVE-2023-38177 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2024-05-29 | N/A | 6.8 MEDIUM |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||
| CVE-2023-36439 | 1 Microsoft | 1 Exchange Server | 2024-05-29 | N/A | 8.0 HIGH |
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||
| CVE-2023-36050 | 1 Microsoft | 1 Exchange Server | 2024-05-29 | N/A | 8.0 HIGH |
| Microsoft Exchange Server Spoofing Vulnerability | |||||
| CVE-2023-36039 | 1 Microsoft | 1 Exchange Server | 2024-05-29 | N/A | 8.0 HIGH |
| Microsoft Exchange Server Spoofing Vulnerability | |||||
| CVE-2023-36035 | 1 Microsoft | 1 Exchange Server | 2024-05-29 | N/A | 8.0 HIGH |
| Microsoft Exchange Server Spoofing Vulnerability | |||||
| CVE-2023-35388 | 1 Microsoft | 1 Exchange Server | 2024-05-29 | N/A | 8.0 HIGH |
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||
| CVE-2023-32031 | 1 Microsoft | 1 Exchange Server | 2024-05-29 | N/A | 8.8 HIGH |
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||
| CVE-2023-28310 | 1 Microsoft | 1 Exchange Server | 2024-05-29 | N/A | 8.0 HIGH |
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||
| CVE-2023-21529 | 1 Microsoft | 1 Exchange Server | 2024-05-29 | N/A | 8.8 HIGH |
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||
| CVE-2024-21318 | 1 Microsoft | 1 Sharepoint Server | 2024-05-29 | N/A | 8.8 HIGH |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||
| CVE-2024-26289 | 2024-05-28 | N/A | 9.8 CRITICAL | ||
| Deserialization of Untrusted Data vulnerability in PMB Services PMB allows Remote Code Inclusion.This issue affects PMB: from 7.5.1 before 7.5.6-2, from 7.4.1 before 7.4.9, from 7.3.1 before 7.3.18. | |||||
| CVE-2024-31879 | 2024-05-20 | N/A | 7.5 HIGH | ||
| IBM i 7.2, 7.3, and 7.4 could allow a remote attacker to execute arbitrary code leading to a denial of service of network ports on the system, caused by the deserialization of untrusted data. IBM X-Force ID: 287539. | |||||
| CVE-2024-34751 | 2024-05-17 | N/A | 4.4 MEDIUM | ||
| Deserialization of Untrusted Data vulnerability in WebToffee Order Export & Order Import for WooCommerce.This issue affects Order Export & Order Import for WooCommerce: from n/a through 2.4.9. | |||||
| CVE-2024-3740 | 2024-05-17 | 6.5 MEDIUM | 6.3 MEDIUM | ||
| A vulnerability, which was classified as critical, has been found in cym1102 nginxWebUI up to 3.9.9. This issue affects the function exec of the file /adminPage/conf/reload. The manipulation of the argument nginxExe leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-260579. | |||||
| CVE-2024-3431 | 2024-05-17 | 5.8 MEDIUM | 4.7 MEDIUM | ||
| A vulnerability was found in EyouCMS 1.6.5. It has been declared as critical. This vulnerability affects unknown code of the file /login.php?m=admin&c=Field&a=channel_edit of the component Backend. The manipulation of the argument channel_id leads to deserialization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259612. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-1750 | 2024-05-17 | 5.1 MEDIUM | 5.6 MEDIUM | ||
| A vulnerability, which was classified as critical, was found in TemmokuMVC up to 2.3. Affected is the function get_img_url/img_replace in the library lib/images_get_down.php of the component Image Download Handler. The manipulation leads to deserialization. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-254532. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-1748 | 2024-05-17 | 5.1 MEDIUM | 5.0 MEDIUM | ||
| A vulnerability classified as critical was found in van_der_Schaar LAB AutoPrognosis 0.1.21. This vulnerability affects the function load_model_from_file of the component Release Note Handler. The manipulation leads to deserialization. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-254530 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-1353 | 1 Phpems | 1 Phpems | 2024-05-17 | 5.8 MEDIUM | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in PHPEMS up to 1.0. Affected by this issue is the function index of the file app/weixin/controller/index.api.php. The manipulation of the argument picurl leads to deserialization. The exploit has been disclosed to the public and may be used. VDB-253226 is the identifier assigned to this vulnerability. | |||||