Total
31934 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-54110 | 1 Huawei | 1 Harmonyos | 2024-12-12 | N/A | 7.5 HIGH |
| Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2024-54111 | 1 Huawei | 1 Harmonyos | 2024-12-12 | N/A | 7.5 HIGH |
| Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability. | |||||
| CVE-2024-54108 | 1 Huawei | 1 Harmonyos | 2024-12-12 | N/A | 7.5 HIGH |
| Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability. | |||||
| CVE-2024-54107 | 1 Huawei | 1 Harmonyos | 2024-12-12 | N/A | 7.5 HIGH |
| Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability. | |||||
| CVE-2024-54109 | 1 Huawei | 1 Harmonyos | 2024-12-12 | N/A | 7.5 HIGH |
| Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability. | |||||
| CVE-2024-54104 | 1 Huawei | 1 Harmonyos | 2024-12-12 | N/A | 7.5 HIGH |
| Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2024-54103 | 1 Huawei | 1 Harmonyos | 2024-12-12 | N/A | 7.5 HIGH |
| Vulnerability of improper access control in the album module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2024-26301 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2024-12-12 | N/A | 6.5 MEDIUM |
| A vulnerability in the web-based management interface of ClearPass Policy Manager could allow a remote attacker authenticated with low privileges to access sensitive information. A successful exploit allows an attacker to retrieve information which could be used to potentially gain further access to network services supported by ClearPass Policy Manager. | |||||
| CVE-2024-27869 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-12-12 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to record the screen without an indicator. | |||||
| CVE-2024-27874 | 1 Apple | 2 Ipados, Iphone Os | 2024-12-12 | N/A | 7.5 HIGH |
| This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. A remote attacker may be able to cause a denial-of-service. | |||||
| CVE-2023-3441 | 1 Gitlab | 1 Gitlab | 2024-12-12 | N/A | 9.1 CRITICAL |
| An issue has been discovered in GitLab EE/CE affecting all versions starting from 8.0 before 16.4. The product did not sufficiently warn about security implications of granting merge rights to protected branches. | |||||
| CVE-2024-5005 | 1 Gitlab | 1 Gitlab | 2024-12-12 | N/A | 4.3 MEDIUM |
| An issue has been discovered discovered in GitLab EE/CE affecting all versions starting from 11.4 before 17.2.9, all versions starting from 17.3 before 17.3.5, all versions starting from 17.4 before 17.4.2 It was possible for guest users to disclose project templates using the API. | |||||
| CVE-2024-44216 | 1 Apple | 1 Macos | 2024-12-12 | N/A | 5.5 MEDIUM |
| An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to access user-sensitive data. | |||||
| CVE-2023-29711 | 1 Interlink | 2 Psg-5124, Psg-5124 Firmware | 2024-12-12 | N/A | 9.8 CRITICAL |
| An incorrect access control issue was discovered in Interlink PSG-5124 version 1.0.4, allows attackers to execute arbitrary code via crafted GET request. | |||||
| CVE-2024-44145 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-12-12 | N/A | 6.1 MEDIUM |
| This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15, iOS 18 and iPadOS 18. An attacker with physical access to a macOS device with Sidecar enabled may be able to bypass the Lock Screen. | |||||
| CVE-2024-32049 | 1 F5 | 1 Big-ip Next Central Manager | 2024-12-12 | N/A | 7.4 HIGH |
| BIG-IP Next Central Manager (CM) may allow an unauthenticated, remote attacker to obtain the BIG-IP Next LTM/WAF instance credentials. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2024-44240 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-12-12 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Processing a maliciously crafted font may result in the disclosure of process memory. | |||||
| CVE-2024-44256 | 1 Apple | 1 Macos | 2024-12-12 | N/A | 8.6 HIGH |
| The issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to break out of its sandbox. | |||||
| CVE-2024-44295 | 1 Apple | 1 Macos | 2024-12-12 | N/A | 5.5 MEDIUM |
| This issue was addressed with additional entitlement checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to modify protected parts of the file system. | |||||
| CVE-2024-44260 | 1 Apple | 1 Macos | 2024-12-12 | N/A | 4.4 MEDIUM |
| This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious app with root privileges may be able to modify the contents of system files. | |||||