Total
31934 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-37845 | 1 Citadel | 1 Webcit | 2025-01-14 | N/A | 3.7 LOW |
| An issue was discovered in Citadel through webcit-932. A meddler-in-the-middle attacker can fixate their own session during the cleartext phase before a STARTTLS command (a violation of "The STARTTLS command is only valid in non-authenticated state." in RFC2595). This potentially allows an attacker to cause a victim's e-mail messages to be stored into an attacker's IMAP mailbox, but depends on details of the victim's client behavior. | |||||
| CVE-2019-19791 | 1 Lemonldap-ng | 1 Lemonldap\ | 2025-01-14 | N/A | 9.8 CRITICAL |
| In LemonLDAP::NG (aka lemonldap-ng) before 2.0.7, the default Apache HTTP Server configuration does not properly restrict access to SOAP/REST endpoints (when some LemonLDAP::NG setup options are used). For example, an attacker can insert index.fcgi/index.fcgi into a URL to bypass a Require directive. | |||||
| CVE-2023-28153 | 1 Kiddoware | 1 Kiddoware | 2025-01-14 | N/A | 6.4 MEDIUM |
| An issue was discovered in the Kiddoware Kids Place Parental Control application before 3.8.50 for Android. The child can remove all restrictions temporarily without the parents noticing by rebooting into Android Safe Mode and disabling the "Display over other apps" permission. | |||||
| CVE-2023-24604 | 1 Open-xchange | 1 Ox App Suite | 2025-01-14 | N/A | 4.3 MEDIUM |
| OX App Suite before backend 7.10.6-rev37 does not check HTTP header lengths when downloading, e.g., potentially allowing a crafted iCal feed to provide an unlimited amount of header data. | |||||
| CVE-2023-24603 | 1 Open-xchange | 1 Ox App Suite | 2025-01-14 | N/A | 6.5 MEDIUM |
| OX App Suite before backend 7.10.6-rev37 does not check size limits when downloading, e.g., potentially allowing a crafted iCal feed to provide an unlimited amount of data. | |||||
| CVE-2024-54119 | 1 Huawei | 1 Harmonyos | 2025-01-14 | N/A | 7.5 HIGH |
| Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2020-9082 | 1 Huawei | 2 Mate 20, Mate 20 Firmware | 2025-01-14 | N/A | 4.6 MEDIUM |
| There is an information disclosure vulnerability in several smartphones. The system has a logic judging error under certain scenario, the attacker should gain the permit to execute commands in ADB mode and then do a series of operation on the phone. Successful exploit could allow the attacker to gain certain information from certain apps locked by Applock. (Vulnerability ID: HWPSIRT-2019-07112) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9082. | |||||
| CVE-2024-49111 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-01-14 | N/A | N/A |
| Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | |||||
| CVE-2024-49110 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-01-14 | N/A | N/A |
| Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | |||||
| CVE-2024-49112 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-01-14 | N/A | N/A |
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | |||||
| CVE-2024-49114 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-01-14 | N/A | N/A |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | |||||
| CVE-2024-49113 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-01-14 | N/A | N/A |
| Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | |||||
| CVE-2024-49117 | 1 Microsoft | 6 Windows 11 22h2, Windows 11 23h2, Windows 11 24h2 and 3 more | 2025-01-14 | N/A | N/A |
| Windows Hyper-V Remote Code Execution Vulnerability | |||||
| CVE-2024-49121 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-14 | N/A | N/A |
| Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | |||||
| CVE-2024-49125 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more | 2025-01-14 | N/A | N/A |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | |||||
| CVE-2023-29738 | 1 Wavekeyboard | 1 Wave Animated Keyboard Emoji | 2025-01-14 | N/A | 7.8 HIGH |
| An issue found in Wave Animated Keyboard Emoji v.1.70.7 for Android allows a local attacker to cause code execution and escalation of Privileges via the database files. | |||||
| CVE-2022-47029 | 1 Actionlauncher | 1 Action Launcher | 2025-01-14 | N/A | 7.8 HIGH |
| An issue was found in Action Launcher v50.5 allows an attacker to escalate privilege via modification of the intent string to function update. | |||||
| CVE-2023-29741 | 1 Bestweather Project | 1 Bestweather | 2025-01-14 | N/A | 9.8 CRITICAL |
| An issue found in BestWeather v.7.3.1 for Android allows unauthorized apps to cause an escalation of privileges attack by manipulating the database. | |||||
| CVE-2023-29742 | 1 Bestweather Project | 1 Bestweather | 2025-01-14 | N/A | 7.8 HIGH |
| An issue found in BestWeather v.7.3.1 for Android allows unauthorized apps to cause a code execution attack by manipulating the database. | |||||
| CVE-2023-29739 | 1 Amdroidapp | 1 Alarm Clock For Heavy Sleepers | 2025-01-14 | N/A | 9.8 CRITICAL |
| An issue found in Alarm Clock for Heavy Sleepers v.5.3.2 for Android allows unauthorized apps to cause escalation of privilege attacks by manipulating the component. | |||||