Vulnerabilities (CVE)

Filtered by NVD-CWE-noinfo
Total 29323 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-45244 1 Hyperledger 1 Fabric 2024-10-30 N/A 5.3 MEDIUM
Hyperledger Fabric through 2.5.9 does not verify that a request has a timestamp within the expected time window.
CVE-2024-44460 1 Emqx 1 Nanomq 2024-10-30 N/A 7.5 HIGH
An invalid read size in Nanomq v0.21.9 allows attackers to cause a Denial of Service (DoS).
CVE-2024-44287 1 Apple 1 Macos 2024-10-30 N/A 5.5 MEDIUM
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious application may be able to modify protected parts of the file system.
CVE-2024-44265 1 Apple 1 Macos 2024-10-30 N/A 2.4 LOW
The issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An attacker with physical access can input Game Controller events to apps running on a locked device.
CVE-2024-44253 1 Apple 1 Macos 2024-10-30 N/A 5.5 MEDIUM
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to modify protected parts of the file system.
CVE-2024-44213 1 Apple 1 Macos 2024-10-30 N/A 5.9 MEDIUM
An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An attacker in a privileged network position may be able to leak sensitive user information.
CVE-2024-44208 1 Apple 1 Macos 2024-10-30 N/A 7.5 HIGH
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15. An app may be able to bypass certain Privacy preferences.
CVE-2024-44156 1 Apple 1 Macos 2024-10-30 N/A 7.1 HIGH
A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to bypass Privacy preferences.
CVE-2024-44137 1 Apple 1 Macos 2024-10-30 N/A 4.6 MEDIUM
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sequoia 15, macOS Sonoma 14.7.1. An attacker with physical access may be able to share items from the lock screen.
CVE-2024-40855 1 Apple 1 Macos 2024-10-30 N/A 5.5 MEDIUM
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sequoia 15, macOS Sonoma 14.7.1. A sandboxed app may be able to access sensitive user data.
CVE-2024-38312 1 Mozilla 1 Firefox 2024-10-30 N/A 6.5 MEDIUM
When browsing private tabs, some data related to location history or webpage thumbnails could be persisted incorrectly within the sandboxed app bundle after app termination This vulnerability affects Firefox for iOS < 127.
CVE-2024-28067 1 Samsung 2 Exynos Modem 5300, Exynos Modem 5300 Firmware 2024-10-30 N/A 3.7 LOW
A vulnerability in Samsung Exynos Modem 5300 allows a Man-in-the-Middle (MITM) attacker to downgrade the security mode of packets going to the victim, enabling the attacker to send messages to the victim in plaintext.
CVE-2023-38198 1 Acme.sh Project 1 Acme.sh 2024-10-30 N/A 9.8 CRITICAL
acme.sh before 3.0.6 runs arbitrary commands from a remote server via eval, as exploited in the wild in June 2023.
CVE-2024-0568 1 Se 4 Renf22r2mmw, Renf22r2mmw Firmware, Rmnf22tb30 and 1 more 2024-10-30 N/A 8.8 HIGH
CWE-287: Improper Authentication vulnerability exists that could cause unauthorized tampering of device configuration over NFC communication.
CVE-2024-44270 1 Apple 1 Macos 2024-10-30 N/A 8.6 HIGH
A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A sandboxed process may be able to circumvent sandbox restrictions.
CVE-2024-44269 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2024-10-30 N/A 5.5 MEDIUM
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. A malicious app may use shortcuts to access restricted files.
CVE-2024-44267 1 Apple 1 Macos 2024-10-30 N/A 5.5 MEDIUM
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious application may be able to modify protected parts of the file system.
CVE-2024-50312 1 Redhat 1 Openshift Container Platform 2024-10-30 N/A 5.3 MEDIUM
A vulnerability was found in GraphQL due to improper access controls on the GraphQL introspection query. This flaw allows unauthorized users to retrieve a comprehensive list of available queries and mutations. Exposure to this flaw increases the attack surface, as it can facilitate the discovery of flaws or errors specific to the application's GraphQL implementation.
CVE-2024-9399 1 Mozilla 2 Firefox, Thunderbird 2024-10-30 N/A 7.5 HIGH
A website configured to initiate a specially crafted WebTransport session could crash the Firefox process leading to a denial of service condition. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
CVE-2024-9398 1 Mozilla 3 Firefox, Firefox Esr, Thunderbird 2024-10-30 N/A 5.3 MEDIUM
By checking the result of calls to `window.open` with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.