Total
29590 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-38193 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2024-08-14 | N/A | 7.8 HIGH |
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | |||||
CVE-2024-38107 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-08-14 | N/A | 7.8 HIGH |
Windows Power Dependency Coordinator Elevation of Privilege Vulnerability | |||||
CVE-2024-38213 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-08-14 | N/A | 6.5 MEDIUM |
Windows Mark of the Web Security Feature Bypass Vulnerability | |||||
CVE-2024-39404 | 1 Adobe | 2 Commerce, Magento | 2024-08-14 | N/A | 4.3 MEDIUM |
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction. | |||||
CVE-2024-39405 | 1 Adobe | 2 Commerce, Magento | 2024-08-14 | N/A | 4.3 MEDIUM |
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction. | |||||
CVE-2024-39407 | 1 Adobe | 2 Commerce, Magento | 2024-08-14 | N/A | 4.3 MEDIUM |
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction. | |||||
CVE-2024-39411 | 1 Adobe | 2 Commerce, Magento | 2024-08-14 | N/A | 4.3 MEDIUM |
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. | |||||
CVE-2024-39413 | 1 Adobe | 2 Commerce, Magento | 2024-08-14 | N/A | 4.3 MEDIUM |
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. | |||||
CVE-2024-39414 | 1 Adobe | 2 Commerce, Magento | 2024-08-14 | N/A | 4.3 MEDIUM |
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. | |||||
CVE-2024-39415 | 1 Adobe | 2 Commerce, Magento | 2024-08-14 | N/A | 4.3 MEDIUM |
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. | |||||
CVE-2024-39416 | 1 Adobe | 2 Commerce, Magento | 2024-08-14 | N/A | 4.3 MEDIUM |
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. | |||||
CVE-2024-39417 | 1 Adobe | 2 Commerce, Magento | 2024-08-14 | N/A | 4.3 MEDIUM |
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. | |||||
CVE-2024-39418 | 1 Adobe | 2 Commerce, Magento | 2024-08-14 | N/A | 5.4 MEDIUM |
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures to view and edit low-sensitivity information. Exploitation of this issue does not require user interaction. | |||||
CVE-2024-39419 | 1 Adobe | 2 Commerce, Magento | 2024-08-14 | N/A | 4.3 MEDIUM |
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction. | |||||
CVE-2024-38200 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-08-13 | N/A | 6.5 MEDIUM |
Microsoft Office Spoofing Vulnerability | |||||
CVE-2022-4003 | 1 Motorola | 2 Q14, Q14 Firmware | 2024-08-13 | N/A | 6.5 MEDIUM |
A denial-of-service vulnerability could allow an authenticated user to trigger an internal service restart via a specially crafted API request. | |||||
CVE-2023-1577 | 1 Lenovo | 1 Drivers Management | 2024-08-13 | N/A | 7.8 HIGH |
A path hijacking vulnerability was reported in Lenovo Driver Manager prior to version 3.1.1307.1308 that could allow a local user to execute code with elevated privileges. | |||||
CVE-2017-3772 | 1 Lenovo | 1 Pcmanager | 2024-08-13 | N/A | 5.5 MEDIUM |
A vulnerability was reported in Lenovo PC Manager versions prior to 2.6.40.3154 that could allow an attacker to cause a system reboot. | |||||
CVE-2024-6758 | 1 Sprecher-automation | 24 Sprecon-e-c, Sprecon-e-c Firmware, Sprecon-e-p Dd6-2 and 21 more | 2024-08-13 | N/A | 6.5 MEDIUM |
Improper Privilege Management in Sprecher Automation SPRECON-E below version 8.71j allows a remote attacker with low privileges to save unauthorized protection assignments. | |||||
CVE-2024-42347 | 1 Matrix | 1 Matrix-react-sdk | 2024-08-12 | N/A | 6.5 MEDIUM |
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. A malicious homeserver could manipulate a user's account data to cause the client to enable URL previews in end-to-end encrypted rooms, in which case any URLs in encrypted messages would be sent to the server. This was patched in matrix-react-sdk 3.105.0. Deployments that trust their homeservers, as well as closed federations of trusted servers, are not affected. Users are advised to upgrade. There are no known workarounds for this vulnerability. |