Total
31934 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-21150 | 1 Oracle | 1 Jd Edwards Enterpriseone Tools | 2025-02-10 | N/A | N/A |
| Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are Prior to 9.2.8.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in JD Edwards EnterpriseOne Tools, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of JD Edwards EnterpriseOne Tools accessible data as well as unauthorized read access to a subset of JD Edwards EnterpriseOne Tools accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). | |||||
| CVE-2024-20881 | 1 Samsung | 1 Android | 2025-02-10 | N/A | 6.7 MEDIUM |
| Improper input validation vulnerability in chnactiv TA prior to SMR Jun-2024 Release 1 allows local privileged attackers lead to potential arbitrary code execution. | |||||
| CVE-2024-20879 | 1 Samsung | 1 Android | 2025-02-10 | N/A | 7.1 HIGH |
| Improper input validation vulnerability in libsavscmn.so prior to SMR Jun-2024 Release 1 allows local attackers to write out-of-bounds memory. | |||||
| CVE-2023-27645 | 1 Powerampapp | 1 Poweramp | 2025-02-10 | N/A | 9.8 CRITICAL |
| An issue found in POWERAMP audioplayer build 925 bundle play and build 954 allows a remote attacker to gain privileges via the reverb and EQ preset parameters. | |||||
| CVE-2022-3375 | 1 Gitlab | 1 Gitlab | 2025-02-10 | N/A | 3.7 LOW |
| An issue has been discovered in GitLab affecting all versions starting from 11.10 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. It was possible to disclose the branch names when attacker has a fork of a project that was switched to private. | |||||
| CVE-2024-20834 | 1 Samsung | 1 Android | 2025-02-10 | N/A | 3.3 LOW |
| The sensitive information exposure vulnerability in WlanTest prior to SMR Mar-2024 Release 1 allows local attackers to access MAC address without proper permission. | |||||
| CVE-2024-20835 | 1 Samsung | 1 Android | 2025-02-10 | N/A | 7.8 HIGH |
| Improper access control vulnerability in CustomFrequencyManagerService prior to SMR Mar-2024 Release 1 allows local attackers to execute privileged behaviors. | |||||
| CVE-2024-20875 | 1 Samsung | 1 Android | 2025-02-10 | N/A | 5.5 MEDIUM |
| Improper caller verification vulnerability in SemClipboard prior to SMR June-2024 Release 1 allows local attackers to access arbitrary files. | |||||
| CVE-2024-20876 | 1 Samsung | 1 Android | 2025-02-10 | N/A | 7.8 HIGH |
| Improper input validation in libsheifdecadapter.so prior to SMR Jun-2024 Release 1 allows local attackers to lead to memory corruption. | |||||
| CVE-2024-20874 | 1 Samsung | 1 Android | 2025-02-10 | N/A | 7.8 HIGH |
| Improper access control vulnerability in SmartManagerCN prior to SMR Jun-2024 Release 1 allows local attackers to launch privileged activities. | |||||
| CVE-2024-20866 | 1 Samsung | 1 Android | 2025-02-10 | N/A | 6.6 MEDIUM |
| Authentication bypass vulnerability in Setupwizard prior to SMR May-2024 Release 1 allows physical attackers to skip activation step. | |||||
| CVE-2024-20865 | 1 Samsung | 1 Android | 2025-02-10 | N/A | 6.8 MEDIUM |
| Authentication bypass in bootloader prior to SMR May-2024 Release 1 allows physical attackers to flash arbitrary images. | |||||
| CVE-2024-20859 | 1 Samsung | 1 Android | 2025-02-10 | N/A | 5.5 MEDIUM |
| Improper access control vulnerability in FactoryCamera prior to SMR May-2024 Release 1 allows local attackers to take pictures without privilege. | |||||
| CVE-2023-1710 | 1 Gitlab | 1 Gitlab | 2025-02-10 | N/A | 5.3 MEDIUM |
| A sensitive information disclosure vulnerability in GitLab affecting all versions from 15.0 prior to 15.8.5, 15.9 prior to 15.9.4 and 15.10 prior to 15.10.1 allows an attacker to view the count of internal notes for a given issue. | |||||
| CVE-2023-1787 | 1 Gitlab | 1 Gitlab | 2025-02-10 | N/A | 5.3 MEDIUM |
| An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A search timeout could be triggered if a specific HTML payload was used in the issue description. | |||||
| CVE-2023-1733 | 1 Gitlab | 1 Gitlab | 2025-02-10 | N/A | 7.5 HIGH |
| A denial of service condition exists in the Prometheus server bundled with GitLab affecting all versions from 11.10 to 15.8.5, 15.9 to 15.9.4 and 15.10 to 15.10.1. | |||||
| CVE-2023-0838 | 1 Gitlab | 1 Gitlab | 2025-02-10 | N/A | 3.8 LOW |
| An issue has been discovered in GitLab affecting versions starting from 15.1 before 15.8.5, 15.9 before 15.9.4, and 15.10 before 15.10.1. A maintainer could modify a webhook URL to leak masked webhook secrets by adding a new parameter to the url. This addresses an incomplete fix for CVE-2022-4342. | |||||
| CVE-2023-1098 | 1 Gitlab | 1 Gitlab | 2025-02-10 | N/A | 4.9 MEDIUM |
| An information disclosure vulnerability has been discovered in GitLab EE/CE affecting all versions starting from 11.5 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1 will allow an admin to leak password from repository mirror configuration. | |||||
| CVE-2023-28368 | 1 Tp-link | 2 T2600g-28sq, T2600g-28sq Firmware | 2025-02-10 | N/A | 5.7 MEDIUM |
| TP-Link L2 switch T2600G-28SQ firmware versions prior to 'T2600G-28SQ(UN)_V1_1.0.6 Build 20230227' uses vulnerable SSH host keys. A fake device may be prepared to spoof the affected device with the vulnerable host key.If the administrator may be tricked to login to the fake device, the credential information for the affected device may be obtained. | |||||
| CVE-2024-20857 | 1 Samsung | 1 Android | 2025-02-10 | N/A | 5.5 MEDIUM |
| Improper access control vulnerability in startListening of CocktailBarService prior to SMR May-2024 Release 1 allows local attackers to access information of current application. | |||||