Total
31934 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-0020 | 1 Google | 1 Android | 2025-03-19 | N/A | 5.5 MEDIUM |
| In onActivityResult of NotificationSoundPreference.java, there is a possible way to hear audio files belonging to a different user due to a confused deputy. This could lead to local information disclosure across users of a device with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2025-24109 | 1 Apple | 1 Macos | 2025-03-19 | N/A | 5.5 MEDIUM |
| A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to access sensitive user data. | |||||
| CVE-2025-26705 | 1 Zte | 1 Goldendb | 2025-03-19 | N/A | 7.5 HIGH |
| Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.05. | |||||
| CVE-2025-26704 | 1 Zte | 1 Goldendb | 2025-03-19 | N/A | 4.3 MEDIUM |
| Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.05. | |||||
| CVE-2025-26703 | 1 Zte | 1 Goldendb | 2025-03-19 | N/A | 4.3 MEDIUM |
| Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.04. | |||||
| CVE-2025-26702 | 1 Zte | 1 Goldendb | 2025-03-19 | N/A | 7.5 HIGH |
| Improper Input Validation vulnerability in ZTE GoldenDB allows Input Data Manipulation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.04. | |||||
| CVE-2024-26795 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-03-19 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: riscv: Sparse-Memory/vmemmap out-of-bounds fix Offset vmemmap so that the first page of vmemmap will be mapped to the first page of physical memory in order to ensure that vmemmap’s bounds will be respected during pfn_to_page()/page_to_pfn() operations. The conversion macros will produce correct SV39/48/57 addresses for every possible/valid DRAM_BASE inside the physical memory limits. v2:Address Alex's comments | |||||
| CVE-2021-47006 | 1 Linux | 1 Linux Kernel | 2025-03-19 | N/A | N/A |
| In the Linux kernel, the following vulnerability has been resolved: ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook The commit 1879445dfa7b ("perf/core: Set event's default ::overflow_handler()") set a default event->overflow_handler in perf_event_alloc(), and replace the check event->overflow_handler with is_default_overflow_handler(), but one is missing. Currently, the bp->overflow_handler can not be NULL. As a result, enable_single_step() is always not invoked. Comments from Zhen Lei: https://patchwork.kernel.org/project/linux-arm-kernel/patch/20210207105934.2001-1-thunder.leizhen@huawei.com/ | |||||
| CVE-2022-44595 | 1 Melapress | 1 Wp 2fa | 2025-03-19 | N/A | 5.3 MEDIUM |
| Improper Authentication vulnerability in Melapress WP 2FA allows Authentication Bypass.This issue affects WP 2FA: from n/a through 2.2.0. | |||||
| CVE-2024-40796 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-03-18 | N/A | 5.3 MEDIUM |
| A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.6, iOS 16.7.9 and iPadOS 16.7.9, macOS Monterey 12.7.6, macOS Ventura 13.6.8. Private browsing may leak some browsing history. | |||||
| CVE-2024-44163 | 1 Apple | 1 Macos | 2025-03-18 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. A malicious application may be able to access private information. | |||||
| CVE-2024-39817 | 1 Cybozu | 1 Office | 2025-03-18 | N/A | 6.5 MEDIUM |
| Insertion of sensitive information into sent data issue exists in Cybozu Office 10.0.0 to 10.8.6, which may allow a user who can login to the product to view data that the user does not have access by conducting 'search' under certain conditions in Custom App. | |||||
| CVE-2024-6610 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-03-18 | N/A | 4.3 MEDIUM |
| Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox < 128 and Thunderbird < 128. | |||||
| CVE-2024-41600 | 1 Talelin | 1 Lin-cms-spring-boot | 2025-03-18 | N/A | 7.5 HIGH |
| Insecure Permissions vulnerability in lin-CMS Springboot v.0.2.1 and before allows a remote attacker to obtain sensitive information via the login method in the UserController.java component. | |||||
| CVE-2024-41623 | 1 D3dsecurity | 2 D8801, D8801 Firmware | 2025-03-18 | N/A | 9.8 CRITICAL |
| An issue in D3D Security D3D IP Camera (D8801) v.V9.1.17.1.4-20180428 allows a local attacker to execute arbitrary code via a crafted payload | |||||
| CVE-2024-40655 | 1 Google | 1 Android | 2025-03-18 | N/A | 7.8 HIGH |
| In bindAndGetCallIdentification of CallScreeningServiceHelper.java, there is a possible way to maintain a while-in-use permission in the background due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
| CVE-2023-52379 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-18 | N/A | N/A |
| Permission control vulnerability in the calendarProvider module.Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2024-8900 | 1 Mozilla | 1 Firefox | 2025-03-18 | N/A | 7.5 HIGH |
| An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox < 129, Firefox ESR < 128.3, and Thunderbird < 128.3. | |||||
| CVE-2024-22074 | 1 Dynamsoft | 1 Dynamsoft Service | 2025-03-18 | N/A | 9.8 CRITICAL |
| Dynamsoft Service 1.8.1025 through 1.8.2013, 1.7.0330 through 1.7.2531, 1.6.0428 through 1.6.1112, 1.5.0625 through 1.5.3116, 1.4.0618 through 1.4.1230, and 1.0.516 through 1.3.0115 has Incorrect Access Control. This is fixed in 1.8.2014, 1.7.4212, 1.6.3212, 1.5.31212, 1.4.3212, and 1.3.3212. | |||||
| CVE-2024-22102 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2025-03-18 | N/A | 5.5 MEDIUM |
| Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error. | |||||