Total
31934 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-42967 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-03-13 | N/A | 9.8 CRITICAL |
| Incorrect access control in TOTOLINK LR350 V9.3.5u.6369_B20220309 allows attackers to obtain the apmib configuration file, which contains the username and the password, via a crafted request to /cgi-bin/ExportSettings.sh. | |||||
| CVE-2024-21230 | 1 Oracle | 1 Mysql | 2025-03-13 | N/A | N/A |
| Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | |||||
| CVE-2024-40521 | 1 Seacms | 1 Seacms | 2025-03-13 | N/A | 8.8 HIGH |
| SeaCMS 12.9 has a remote code execution vulnerability. The vulnerability is due to the fact that although admin_template.php imposes certain restrictions on the edited file, attackers can still bypass the restrictions and write code in some way, allowing authenticated attackers to exploit the vulnerability to execute arbitrary commands and gain system privileges. | |||||
| CVE-2024-27896 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | N/A | N/A |
| Input verification vulnerability in the log module. Impact: Successful exploitation of this vulnerability can affect integrity. | |||||
| CVE-2024-27897 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | N/A | N/A |
| Input verification vulnerability in the call module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2023-52551 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | N/A | N/A |
| Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2023-52552 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | N/A | N/A |
| Input verification vulnerability in the power module. Impact: Successful exploitation of this vulnerability will affect availability. | |||||
| CVE-2022-44698 | 1 Microsoft | 10 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 7 more | 2025-03-13 | N/A | 5.4 MEDIUM |
| Windows SmartScreen Security Feature Bypass Vulnerability | |||||
| CVE-2023-52543 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | N/A | N/A |
| Permission verification vulnerability in the system module. Impact: Successful exploitation of this vulnerability will affect availability. | |||||
| CVE-2023-52549 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | N/A | N/A |
| Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2023-52550 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | N/A | N/A |
| Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2024-37391 | 2 Microsoft, Proton | 2 Windows, Protonvpn | 2025-03-13 | N/A | 7.8 HIGH |
| ProtonVPN before 3.2.10 on Windows mishandles the drive installer path, which should use this: '"' + ExpandConstant('{autopf}\Proton\Drive') + '"' in Setup/setup.iss. | |||||
| CVE-2024-27792 | 1 Apple | 1 Macos | 2025-03-13 | N/A | 5.5 MEDIUM |
| This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sonoma 14.4. An app may be able to access user-sensitive data. | |||||
| CVE-2023-42859 | 1 Apple | 1 Macos | 2025-03-13 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to modify protected parts of the file system. | |||||
| CVE-2024-6609 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-03-13 | N/A | 8.8 HIGH |
| When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox < 128 and Thunderbird < 128. | |||||
| CVE-2024-29779 | 1 Google | 1 Android | 2025-03-13 | N/A | 7.8 HIGH |
| there is a possible escalation of privilege due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-45335 | 1 Trendmicro | 1 Antivirus One | 2025-03-13 | N/A | 5.5 MEDIUM |
| Trend Micro Antivirus One, version 3.10.4 and below contains a vulnerability that could allow an attacker to use a specifically crafted virus to allow itself to bypass and evade a virus scan detection. | |||||
| CVE-2024-27881 | 1 Apple | 1 Macos | 2025-03-13 | N/A | 5.3 MEDIUM |
| A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. An app may be able to access information about a user’s contacts. | |||||
| CVE-2024-5697 | 1 Mozilla | 1 Firefox | 2025-03-13 | N/A | 4.3 MEDIUM |
| A website was able to detect when a user took a screenshot of a page using the built-in Screenshot functionality in Firefox. This vulnerability affects Firefox < 127. | |||||
| CVE-2023-21113 | 1 Google | 1 Android | 2025-03-13 | N/A | 7.8 HIGH |
| In multiple locations, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||