| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2024-21000 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges).... | | |
| CVE-2024-21001 | Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (co... | | |
| CVE-2024-21002 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (co... | | |
| CVE-2024-21003 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (co... | | |
| CVE-2024-21004 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (co... | | |
| CVE-2024-21005 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (co... | | |
| CVE-2024-21006 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). ... | | |
| CVE-2024-21007 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). ... | | |
| CVE-2024-21008 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported... | | |
| CVE-2024-21009 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported... | | |
| CVE-2024-21010 | Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (c... | | |
| CVE-2024-21011 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ... | | |
| CVE-2024-21012 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ... | | |
| CVE-2024-21013 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported... | | |
| CVE-2024-21014 | Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (c... | | |
| CVE-2024-21015 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versi... | | |
| CVE-2024-21016 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21017 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21018 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21019 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21020 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21021 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21022 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21023 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21024 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21025 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21026 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21027 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21028 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21029 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21030 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21031 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21032 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21033 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21034 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21035 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21036 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21037 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21038 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21039 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21040 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21041 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21042 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21043 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21044 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21045 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21046 | Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business S... | | |
| CVE-2024-21047 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t... | | |
| CVE-2024-21048 | Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (... | | |
| CVE-2024-21049 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versi... | | |
| CVE-2024-21050 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versi... | | |
| CVE-2024-21051 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versi... | | |
| CVE-2024-21052 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versi... | | |
| CVE-2024-21053 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versi... | | |
| CVE-2024-21054 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported... | | |
| CVE-2024-21055 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported... | | |
| CVE-2024-21056 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versi... | | |
| CVE-2024-21057 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported... | | |
| CVE-2024-21058 | Vulnerability in the Unified Audit component of Oracle Database Server. Supported versions that are... | | |
| CVE-2024-21059 | Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). The supported ... | | |
| CVE-2024-21060 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Data Dictionary). Sup... | | |
| CVE-2024-21061 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plug-in). Suppo... | | |
| CVE-2024-21062 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported... | | |
| CVE-2024-21063 | Vulnerability in the PeopleSoft Enterprise HCM Benefits Administration product of Oracle PeopleSoft ... | | |
| CVE-2024-21064 | Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (co... | | |
| CVE-2024-21065 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Work... | | |
| CVE-2024-21066 | Vulnerability in the RDBMS component of Oracle Database Server. Supported versions that are affecte... | | |
| CVE-2024-21067 | Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager (c... | | |
| CVE-2024-21068 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ... | | |
| CVE-2024-21069 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versi... | | |
| CVE-2024-21070 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Sear... | | |
| CVE-2024-21071 | Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Admin Screens an... | | |
| CVE-2024-21072 | Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: Data Provi... | | |
| CVE-2024-21073 | Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: Claim LO... | | |
| CVE-2024-21074 | Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: Finance ... | | |
| CVE-2024-21075 | Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: Claim Li... | | |
| CVE-2024-21076 | Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: Offer LO... | | |
| CVE-2024-21077 | Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: GL Accou... | | |
| CVE-2024-21078 | Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Campaign LOV). ... | | |
| CVE-2024-21079 | Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Campaign LOV). ... | | |
| CVE-2024-21080 | Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: RE... | | |
| CVE-2024-21081 | Vulnerability in the Oracle Partner Management product of Oracle E-Business Suite (component: Attrib... | | |
| CVE-2024-21082 | Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: XML Services). Sup... | | |
| CVE-2024-21083 | Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Script Engine). Su... | | |
| CVE-2024-21084 | Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Service Gateway). ... | | |
| CVE-2024-21085 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (co... | | |
| CVE-2024-21086 | Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: ... | | |
| CVE-2024-21087 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plug... | | |
| CVE-2024-21088 | Vulnerability in the Oracle Production Scheduling product of Oracle E-Business Suite (component: Imp... | | |
| CVE-2024-21089 | Vulnerability in the Oracle Concurrent Processing product of Oracle E-Business Suite (component: Req... | | |
| CVE-2024-21090 | Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Suppor... | | |
| CVE-2024-21091 | Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply ... | | |
| CVE-2024-21092 | Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply ... | | |
| CVE-2024-21093 | Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affec... | | |
| CVE-2024-21094 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ... | | |
| CVE-2024-21095 | Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construc... | | |
| CVE-2024-21096 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Client: mysqldump). Supported... | | |
| CVE-2024-21097 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Secu... | | |
| CVE-2024-21098 | Vulnerability in the Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Jav... | | |
| CVE-2024-21099 | Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (co... | | |
| CVE-2024-21100 | Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Platform). Sup... | | |
| CVE-2024-21101 | Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported... | | |
| CVE-2024-21102 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supp... | | |
| CVE-2024-21103 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppo... | | |
| CVE-2024-21104 | Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). ... | | |
| CVE-2024-21105 | Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). The supported ... | | |
| CVE-2024-21106 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppo... | | |
| CVE-2024-21107 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppo... | | |
| CVE-2024-21108 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppo... | | |
| CVE-2024-21109 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppo... | | |
| CVE-2024-21110 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppo... | | |
| CVE-2024-21111 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppo... | | |
| CVE-2024-21112 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppo... | | |
| CVE-2024-21113 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppo... | | |
| CVE-2024-21114 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppo... | | |
| CVE-2024-21115 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppo... | | |
| CVE-2024-21116 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppo... | | |
| CVE-2024-21117 | Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Ou... | | |
| CVE-2024-21118 | Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Ou... | | |
| CVE-2024-21119 | Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Ou... | | |
| CVE-2024-21120 | Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Ou... | | |
| CVE-2024-21121 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppo... | | |
| CVE-2024-21122 | Vulnerability in the PeopleSoft Enterprise HCM Shared Components product of Oracle PeopleSoft (compo... | | |
| CVE-2024-21123 | Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported versions t... | | |
| CVE-2024-21125 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versi... | | |
| CVE-2024-21126 | Vulnerability in the Oracle Database Portable Clusterware component of Oracle Database Server. Supp... | | |
| CVE-2024-21127 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versi... | | |
| CVE-2024-21128 | Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component... | | |
| CVE-2024-21129 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versi... | | |
| CVE-2024-21130 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported... | | |
| CVE-2024-21131 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ... | | |
| CVE-2024-21132 | Vulnerability in the Oracle Purchasing product of Oracle E-Business Suite (component: Approvals). S... | | |
| CVE-2024-21133 | Vulnerability in the Oracle Reports Developer product of Oracle Fusion Middleware (component: Servle... | | |
| CVE-2024-21134 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection Handling). ... | | |
| CVE-2024-21135 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported... | | |
| CVE-2024-21136 | Vulnerability in the Oracle Retail Xstore Office product of Oracle Retail Applications (component: S... | | |
| CVE-2024-21137 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported... | | |
| CVE-2024-21138 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ... | | |
| CVE-2024-21139 | Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (co... | | |
| CVE-2024-21140 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ... | | |
| CVE-2024-21141 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppo... | | |
| CVE-2024-21142 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges).... | | |
| CVE-2024-21143 | Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: User Management). ... | | |
| CVE-2024-21144 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (co... | | |
| CVE-2024-21145 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ... | | |
| CVE-2024-21146 | Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: GL Accou... | | |
| CVE-2024-21147 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ... | | |
| CVE-2024-21148 | Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Pe... | | |
| CVE-2024-21149 | Vulnerability in the Oracle Enterprise Asset Management product of Oracle E-Business Suite (componen... | | |
| CVE-2024-21150 | Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run... | | |
| CVE-2024-21151 | Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The support... | | |
| CVE-2024-21152 | Vulnerability in the Oracle Process Manufacturing Financials product of Oracle E-Business Suite (com... | | |
| CVE-2024-21153 | Vulnerability in the Oracle Process Manufacturing Product Development product of Oracle E-Business S... | | |
| CVE-2024-21154 | Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft (compone... | | |
| CVE-2024-21155 | Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: User Int... | | |
| CVE-2024-21157 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t... | | |
| CVE-2024-21158 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Port... | | |
| CVE-2024-21159 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t... | | |
| CVE-2024-21160 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t... | | |
| CVE-2024-21161 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppo... | | |
| CVE-2024-21162 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported... | | |
| CVE-2024-21163 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported... | | |
| CVE-2024-21164 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppo... | | |
| CVE-2024-21165 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supp... | | |
| CVE-2024-21166 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t... | | |
| CVE-2024-21167 | Vulnerability in the Oracle Trading Community product of Oracle E-Business Suite (component: Party S... | | |
| CVE-2024-21168 | Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards (component: ... | | |
| CVE-2024-21169 | Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Partners). Sup... | | |
| CVE-2024-21170 | Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Suppor... | | |
| CVE-2024-21171 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported... | | |
| CVE-2024-21172 | Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications (componen... | | |
| CVE-2024-21173 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t... | | |
| CVE-2024-21174 | Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affec... | | |
| CVE-2024-21175 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). ... | | |
| CVE-2024-21176 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supp... | | |
| CVE-2024-21177 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported... | S | |
| CVE-2024-21178 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Port... | | |
| CVE-2024-21179 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t... | | |
| CVE-2024-21180 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Open... | | |
| CVE-2024-21181 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). ... | | |
| CVE-2024-21182 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). ... | | |
| CVE-2024-21183 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). ... | | |
| CVE-2024-21184 | Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. Supported ... | | |
| CVE-2024-21185 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t... | | |
| CVE-2024-21188 | Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Fina... | | |
| CVE-2024-21190 | Vulnerability in the Oracle Global Lifecycle Management FMW Installer product of Oracle Fusion Middl... | | |
| CVE-2024-21191 | Vulnerability in the Oracle Enterprise Manager Fusion Middleware Control product of Oracle Fusion Mi... | | |
| CVE-2024-21192 | Vulnerability in the Oracle Enterprise Manager for Fusion Middleware product of Oracle Fusion Middle... | | |
| CVE-2024-21193 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versio... | | |
| CVE-2024-21194 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t... | S | |
| CVE-2024-21195 | Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Layout Templates). ... | | |
| CVE-2024-21196 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: X Plugin). Supported ... | S | |
| CVE-2024-21197 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). ... | S | |
| CVE-2024-21198 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versi... | S | |
| CVE-2024-21199 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t... | S | |
| CVE-2024-21200 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported... | S | |
| CVE-2024-21201 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported... | S | |
| CVE-2024-21202 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA ... | | |
| CVE-2024-21203 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versi... | S | |
| CVE-2024-21204 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versio... | S | |
| CVE-2024-21205 | Vulnerability in the Oracle Service Bus product of Oracle Fusion Middleware (component: OSB Core Fun... | | |
| CVE-2024-21206 | Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite (... | | |
| CVE-2024-21207 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t... | S | |
| CVE-2024-21208 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ... | | |
| CVE-2024-21209 | Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported... | S | |
| CVE-2024-21210 | Vulnerability in Oracle Java SE (component: Hotspot). Supported versions that are affected are Orac... | | |
| CVE-2024-21211 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ... | | |
| CVE-2024-21212 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Health Monitor). Supp... | S | |
| CVE-2024-21213 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t... | S | |
| CVE-2024-21214 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Quer... | | |
| CVE-2024-21215 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). ... | | |
| CVE-2024-21216 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). ... | | |
| CVE-2024-21217 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ... | | |
| CVE-2024-21218 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t... | S | |
| CVE-2024-21219 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versi... | S | |
| CVE-2024-21230 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported... | S | |
| CVE-2024-21231 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported v... | S | |
| CVE-2024-21232 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). ... | S | |
| CVE-2024-21233 | Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported versions t... | | |
| CVE-2024-21234 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). ... | | |
| CVE-2024-21235 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ... | | |
| CVE-2024-21236 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t... | S | |
| CVE-2024-21237 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication GCS)... | S | |
| CVE-2024-21238 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supp... | S | |
| CVE-2024-21239 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t... | S | |
| CVE-2024-21241 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported... | S | |
| CVE-2024-21242 | Vulnerability in the XML Database component of Oracle Database Server. Supported versions that are ... | | |
| CVE-2024-21243 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). Supported... | S | |
| CVE-2024-21244 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). Supported... | S | |
| CVE-2024-21245 | Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Busines... | | |
| CVE-2024-21246 | Vulnerability in the Oracle Service Bus product of Oracle Fusion Middleware (component: OSB Core Fun... | | |
| CVE-2024-21247 | Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported... | S | |
| CVE-2024-21248 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppo... | | |
| CVE-2024-21249 | Vulnerability in the PeopleSoft Enterprise FIN Expenses product of Oracle PeopleSoft (component: Exp... | | |
| CVE-2024-21250 | Vulnerability in the Oracle Process Manufacturing Product Development product of Oracle E-Business S... | | |
| CVE-2024-21251 | Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affec... | | |
| CVE-2024-21252 | Vulnerability in the Oracle Product Hub product of Oracle E-Business Suite (component: Item Catalog)... | | |
| CVE-2024-21253 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppo... | | |
| CVE-2024-21254 | Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Suppo... | | |
| CVE-2024-21255 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: XMLP... | | |
| CVE-2024-21257 | Vulnerability in the Oracle Hyperion BI+ product of Oracle Hyperion (component: UI and Visualization... | | |
| CVE-2024-21258 | Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: User Inter... | | |
| CVE-2024-21259 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppo... | | |
| CVE-2024-21260 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). ... | | |
| CVE-2024-21261 | Vulnerability in Oracle Application Express (component: General). Supported versions that are affec... | | |
| CVE-2024-21262 | Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC). Supporte... | | |
| CVE-2024-21263 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppo... | | |
| CVE-2024-21264 | Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSof... | | |
| CVE-2024-21265 | Vulnerability in the Oracle Site Hub product of Oracle E-Business Suite (component: Site Hierarchy F... | | |
| CVE-2024-21266 | Vulnerability in the Oracle Advanced Pricing product of Oracle E-Business Suite (component: Price Li... | | |
| CVE-2024-21267 | Vulnerability in the Oracle Cost Management product of Oracle E-Business Suite (component: Cost Plan... | | |
| CVE-2024-21268 | Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component: Diag... | | |
| CVE-2024-21269 | Vulnerability in the Oracle Incentive Compensation product of Oracle E-Business Suite (component: Co... | | |
| CVE-2024-21270 | Vulnerability in the Oracle Common Applications Calendar product of Oracle E-Business Suite (compone... | | |
| CVE-2024-21271 | Vulnerability in the Oracle Field Service product of Oracle E-Business Suite (component: Field Servi... | | |
| CVE-2024-21272 | Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Suppor... | | |
| CVE-2024-21273 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppo... | | |
| CVE-2024-21274 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console)... | | |
| CVE-2024-21275 | Vulnerability in the Oracle Quoting product of Oracle E-Business Suite (component: User Interface). ... | | |
| CVE-2024-21276 | Vulnerability in the Oracle Work in Process product of Oracle E-Business Suite (component: Messages)... | | |
| CVE-2024-21277 | Vulnerability in the Oracle MES for Process Manufacturing product of Oracle E-Business Suite (compon... | | |
| CVE-2024-21278 | Vulnerability in the Oracle Contract Lifecycle Management for Public Sector product of Oracle E-Busi... | | |
| CVE-2024-21279 | Vulnerability in the Oracle Sourcing product of Oracle E-Business Suite (component: Auctions). Supp... | | |
| CVE-2024-21280 | Vulnerability in the Oracle Service Contracts product of Oracle E-Business Suite (component: Authori... | | |
| CVE-2024-21281 | Vulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services Applic... | | |
| CVE-2024-21282 | Vulnerability in the Oracle Financials product of Oracle E-Business Suite (component: Common Compone... | | |
| CVE-2024-21283 | Vulnerability in the PeopleSoft Enterprise HCM Global Payroll Core product of Oracle PeopleSoft (com... | | |
| CVE-2024-21284 | Vulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services Applic... | | |
| CVE-2024-21285 | Vulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services Applic... | | |
| CVE-2024-21286 | Vulnerability in the PeopleSoft Enterprise ELM Enterprise Learning Management product of Oracle Peop... | | |
| CVE-2024-21287 | Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software ... | KEV | |
| CVE-2024-21302 | Windows Secure Kernel Mode Elevation of Privilege Vulnerability | S | |
| CVE-2024-21303 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | S | |
| CVE-2024-21304 | Trusted Compute Base Elevation of Privilege Vulnerability | S | |
| CVE-2024-21305 | Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability | S | |
| CVE-2024-21306 | Microsoft Bluetooth Driver Spoofing Vulnerability | S | |
| CVE-2024-21307 | Remote Desktop Client Remote Code Execution Vulnerability | S | |
| CVE-2024-21308 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | | |
| CVE-2024-21309 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | S | |
| CVE-2024-21310 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | S | |
| CVE-2024-21311 | Windows Cryptographic Services Information Disclosure Vulnerability | S | |
| CVE-2024-21312 | .NET Framework Denial of Service Vulnerability | S | |
| CVE-2024-21313 | Windows TCP/IP Information Disclosure Vulnerability | S | |
| CVE-2024-21314 | Microsoft Message Queuing Information Disclosure Vulnerability | S | |
| CVE-2024-21315 | Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability | S | |
| CVE-2024-21316 | Windows Server Key Distribution Service Security Feature Bypass | S | |
| CVE-2024-21317 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | | |
| CVE-2024-21318 | Microsoft SharePoint Server Remote Code Execution Vulnerability | S | |
| CVE-2024-21319 | Microsoft Identity Denial of service vulnerability | S | |
| CVE-2024-21320 | Windows Themes Spoofing Vulnerability | S | |
| CVE-2024-21322 | Microsoft Defender for IoT Remote Code Execution Vulnerability | | |
| CVE-2024-21323 | Microsoft Defender for IoT Remote Code Execution Vulnerability | | |
| CVE-2024-21324 | Microsoft Defender for IoT Elevation of Privilege Vulnerability | | |
| CVE-2024-21325 | Microsoft Printer Metadata Troubleshooter Tool Remote Code Execution Vulnerability | S | |
| CVE-2024-21326 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | S | |
| CVE-2024-21327 | Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability | S | |
| CVE-2024-21328 | Dynamics 365 Sales Spoofing Vulnerability | S | |
| CVE-2024-21329 | Azure Connected Machine Agent Elevation of Privilege Vulnerability | S | |
| CVE-2024-21330 | Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability | | |
| CVE-2024-21331 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | | |
| CVE-2024-21332 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | | |
| CVE-2024-21333 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | | |
| CVE-2024-21334 | Open Management Infrastructure (OMI) Remote Code Execution Vulnerability | S | |
| CVE-2024-21335 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | | |
| CVE-2024-21336 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | S | |
| CVE-2024-21337 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | S | |
| CVE-2024-21338 | Windows Kernel Elevation of Privilege Vulnerability | KEV E S | |
| CVE-2024-21339 | Windows USB Generic Parent Driver Remote Code Execution Vulnerability | S | |
| CVE-2024-21340 | Windows Kernel Information Disclosure Vulnerability | S | |
| CVE-2024-21341 | Windows Kernel Remote Code Execution Vulnerability | S | |
| CVE-2024-21342 | Windows DNS Client Denial of Service Vulnerability | S | |
| CVE-2024-21343 | Windows Network Address Translation (NAT) Denial of Service Vulnerability | S | |
| CVE-2024-21344 | Windows Network Address Translation (NAT) Denial of Service Vulnerability | S | |
| CVE-2024-21345 | Windows Kernel Elevation of Privilege Vulnerability | S | |
| CVE-2024-21346 | Win32k Elevation of Privilege Vulnerability | S | |
| CVE-2024-21347 | Microsoft ODBC Driver Remote Code Execution Vulnerability | S | |
| CVE-2024-21348 | Internet Connection Sharing (ICS) Denial of Service Vulnerability | S | |
| CVE-2024-21349 | Microsoft ActiveX Data Objects Remote Code Execution Vulnerability | S | |
| CVE-2024-21350 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | S | |
| CVE-2024-21351 | Windows SmartScreen Security Feature Bypass Vulnerability | KEV S | |
| CVE-2024-21352 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | S | |
| CVE-2024-21353 | Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability | S | |
| CVE-2024-21354 | Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability | S | |
| CVE-2024-21355 | Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability | S | |
| CVE-2024-21356 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | S | |
| CVE-2024-21357 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | S | |
| CVE-2024-21358 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | S | |
| CVE-2024-21359 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | S | |
| CVE-2024-21360 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | S | |
| CVE-2024-21361 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | S | |
| CVE-2024-21362 | Windows Kernel Security Feature Bypass Vulnerability | S | |
| CVE-2024-21363 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | S | |
| CVE-2024-21364 | Microsoft Azure Site Recovery Elevation of Privilege Vulnerability | S | |
| CVE-2024-21365 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | S | |
| CVE-2024-21366 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | S | |
| CVE-2024-21367 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | S | |
| CVE-2024-21368 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | S | |
| CVE-2024-21369 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | S | |
| CVE-2024-21370 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | S | |
| CVE-2024-21371 | Windows Kernel Elevation of Privilege Vulnerability | S | |
| CVE-2024-21372 | Windows OLE Remote Code Execution Vulnerability | S | |
| CVE-2024-21373 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | | |
| CVE-2024-21374 | Microsoft Teams for Android Information Disclosure Vulnerability | S | |
| CVE-2024-21375 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | S | |
| CVE-2024-21376 | Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability | S | |
| CVE-2024-21377 | Windows DNS Information Disclosure Vulnerability | S | |
| CVE-2024-21378 | Microsoft Outlook Remote Code Execution Vulnerability | S | |
| CVE-2024-21379 | Microsoft Word Remote Code Execution Vulnerability | S | |
| CVE-2024-21380 | Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability | S | |
| CVE-2024-21381 | Microsoft Azure Active Directory B2C Spoofing Vulnerability | S | |
| CVE-2024-21382 | Microsoft Edge for Android Information Disclosure Vulnerability | S | |
| CVE-2024-21383 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | S | |
| CVE-2024-21384 | Microsoft Office OneNote Remote Code Execution Vulnerability | S | |
| CVE-2024-21385 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | S | |
| CVE-2024-21386 | .NET Denial of Service Vulnerability | S | |
| CVE-2024-21387 | Microsoft Edge for Android Spoofing Vulnerability | S | |
| CVE-2024-21388 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | S | |
| CVE-2024-21389 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | S | |
| CVE-2024-21390 | Microsoft Authenticator Elevation of Privilege Vulnerability | S | |
| CVE-2024-21391 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | S | |
| CVE-2024-21392 | .NET and Visual Studio Denial of Service Vulnerability | S | |
| CVE-2024-21393 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | S | |
| CVE-2024-21394 | Dynamics 365 Field Service Spoofing Vulnerability | S | |
| CVE-2024-21395 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | S | |
| CVE-2024-21396 | Dynamics 365 Sales Spoofing Vulnerability | S | |
| CVE-2024-21397 | Microsoft Azure File Sync Elevation of Privilege Vulnerability | S | |
| CVE-2024-21398 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | | |
| CVE-2024-21399 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | S | |
| CVE-2024-21400 | Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | S | |
| CVE-2024-21401 | Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability | S | |
| CVE-2024-21402 | Microsoft Outlook Elevation of Privilege Vulnerability | S | |
| CVE-2024-21403 | Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | S | |
| CVE-2024-21404 | .NET Denial of Service Vulnerability | S | |
| CVE-2024-21405 | Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability | S | |
| CVE-2024-21406 | Windows Printing Service Spoofing Vulnerability | S | |
| CVE-2024-21407 | Windows Hyper-V Remote Code Execution Vulnerability | S | |
| CVE-2024-21408 | Windows Hyper-V Denial of Service Vulnerability | S | |
| CVE-2024-21409 | .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | | |
| CVE-2024-21410 | Microsoft Exchange Server Elevation of Privilege Vulnerability | KEV S | |
| CVE-2024-21411 | Skype for Consumer Remote Code Execution Vulnerability | | |
| CVE-2024-21412 | Internet Shortcut Files Security Feature Bypass Vulnerability | KEV S | |
| CVE-2024-21413 | Microsoft Outlook Remote Code Execution Vulnerability | KEV E S | |
| CVE-2024-21414 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | | |
| CVE-2024-21415 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | | |
| CVE-2024-21416 | Windows TCP/IP Remote Code Execution Vulnerability | S | |
| CVE-2024-21417 | Windows Text Services Framework Elevation of Privilege Vulnerability | | |
| CVE-2024-21418 | Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability | | |
| CVE-2024-21419 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | S | |
| CVE-2024-21420 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | S | |
| CVE-2024-21421 | Azure SDK Spoofing Vulnerability | | |
| CVE-2024-21423 | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | S | |
| CVE-2024-21424 | Azure Compute Gallery Elevation of Privilege Vulnerability | | |
| CVE-2024-21425 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | | |
| CVE-2024-21426 | Microsoft SharePoint Server Remote Code Execution Vulnerability | S | |
| CVE-2024-21427 | Windows Kerberos Security Feature Bypass Vulnerability | S | |
| CVE-2024-21428 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | | |
| CVE-2024-21429 | Windows USB Hub Driver Remote Code Execution Vulnerability | S | |
| CVE-2024-21430 | Windows USB Attached SCSI (UAS) Protocol Remote Code Execution Vulnerability | S | |
| CVE-2024-21431 | Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability | S | |
| CVE-2024-21432 | Windows Update Stack Elevation of Privilege Vulnerability | S | |
| CVE-2024-21433 | Windows Print Spooler Elevation of Privilege Vulnerability | S | |
| CVE-2024-21434 | Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability | | |
| CVE-2024-21435 | Windows OLE Remote Code Execution Vulnerability | | |
| CVE-2024-21436 | Windows Installer Elevation of Privilege Vulnerability | | |
| CVE-2024-21437 | Windows Graphics Component Elevation of Privilege Vulnerability | | |
| CVE-2024-21438 | Microsoft AllJoyn API Denial of Service Vulnerability | | |
| CVE-2024-21439 | Windows Telephony Server Elevation of Privilege Vulnerability | | |
| CVE-2024-21440 | Microsoft ODBC Driver Remote Code Execution Vulnerability | | |
| CVE-2024-21441 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | | |
| CVE-2024-21442 | Windows USB Print Driver Elevation of Privilege Vulnerability | | |
| CVE-2024-21443 | Windows Kernel Elevation of Privilege Vulnerability | | |
| CVE-2024-21444 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | | |
| CVE-2024-21445 | Windows USB Print Driver Elevation of Privilege Vulnerability | | |
| CVE-2024-21446 | NTFS Elevation of Privilege Vulnerability | | |
| CVE-2024-21447 | Windows Authentication Elevation of Privilege Vulnerability | | |
| CVE-2024-21448 | Microsoft Teams for Android Information Disclosure Vulnerability | | |
| CVE-2024-21449 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | S | |
| CVE-2024-21450 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | | |
| CVE-2024-21451 | Microsoft ODBC Driver Remote Code Execution Vulnerability | | |
| CVE-2024-21452 | Improper Input Validation in Automotive Telematics | | |
| CVE-2024-21453 | Improper Input Validation in Automotive Telematics | | |
| CVE-2024-21454 | Integer Overflow to Buffer Overflow in Automotive Telematics | | |
| CVE-2024-21455 | Untrusted Pointer Dereference in DSP Service | | |
| CVE-2024-21456 | Buffer Over-read in WLAN HOST | S | |
| CVE-2024-21457 | Buffer Over-read in WLAN Host Communication | S | |
| CVE-2024-21458 | Buffer Over-read in WLAN HOST | S | |
| CVE-2024-21459 | Buffer Over-read in WLAN HOST | | |
| CVE-2024-21460 | Use of Insufficiently Random Values in Core | | |
| CVE-2024-21461 | Double Free in HLOS | | |
| CVE-2024-21462 | Buffer Over-read in TZ Secure OS | | |
| CVE-2024-21463 | Buffer Copy Without Checking Size of Input in Audio | | |
| CVE-2024-21464 | Buffer Copy Without Checking Size of Input in Data Network Stack & Connectivity | S | |
| CVE-2024-21465 | Buffer Over-read in Trusted Execution Environment | | |
| CVE-2024-21466 | Integer Underflow (Wrap or Wraparound) in WLAN Host Communication | S | |
| CVE-2024-21467 | Buffer Over-read in WLAN Host Communication | | |
| CVE-2024-21468 | Use After Free in Kernel | S | |
| CVE-2024-21469 | Permissions, Privileges, and Access Control issues in TZ Secure OS | | |
| CVE-2024-21470 | Integer Overflow to Buffer Overflow in Graphics Windows | | |
| CVE-2024-21471 | Use After Free in Graphics Linux | S | |
| CVE-2024-21472 | Use After Free in Kernel | S | |
| CVE-2024-21473 | Improper Input Validation in WIN SON | | |
| CVE-2024-21474 | Stack-based Buffer Overflow in PMIC | | |
| CVE-2024-21475 | Use of Out-of-range Pointer Offset in Video | S | |
| CVE-2024-21476 | Improper Input Validation in Secure Processor | | |
| CVE-2024-21477 | Buffer Over-read in WLAN Firmware | | |
| CVE-2024-21478 | NULL Pointer Dereference in Graphics | S | |
| CVE-2024-21479 | Buffer Over-read in Audio | | |
| CVE-2024-21480 | Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Audio | | |
| CVE-2024-21481 | Improper Restriction of Operations within the Bounds of a Memory Buffer in Hypervisor | | |
| CVE-2024-21482 | Improper Restriction of Operations within the Bounds of a Memory Buffer in Linux Boot Loader | S | |
| CVE-2024-21483 | A vulnerability has been identified in SENTRON 7KM PAC3120 AC/DC (7KM3120-0BA01-1DA0) (All versions ... | | |
| CVE-2024-21484 | Versions of the package jsrsasign before 11.0.0 are vulnerable to Observable Discrepancy via the RSA... | E S | |
| CVE-2024-21485 | Versions of the package dash-core-components before 2.13.0; versions of the package dash-core-compon... | E S | |
| CVE-2024-21488 | Versions of the package network before 0.7.0 are vulnerable to Arbitrary Command Injection due to us... | E S | |
| CVE-2024-21489 | Versions of the package uplot before 1.6.31 are vulnerable to Prototype Pollution via the uplot.assi... | | |
| CVE-2024-21490 | This affects versions of the package angular from 1.3.0. A regular expression used to split the valu... | E | |
| CVE-2024-21491 | Versions of the package svix before 1.17.0 are vulnerable to Authentication Bypass due to an issue i... | S | |
| CVE-2024-21492 | All versions of the package github.com/greenpau/caddy-security are vulnerable to Insufficient Sessio... | | |
| CVE-2024-21493 | All versions of the package github.com/greenpau/caddy-security are vulnerable to Improper Validation... | | |
| CVE-2024-21494 | All versions of the package github.com/greenpau/caddy-security are vulnerable to Authentication Bypa... | | |
| CVE-2024-21495 | Versions of the package github.com/greenpau/caddy-security before 1.0.42 are vulnerable to Insecure ... | S | |
| CVE-2024-21496 | All versions of the package github.com/greenpau/caddy-security are vulnerable to Cross-site Scriptin... | | |
| CVE-2024-21497 | All versions of the package github.com/greenpau/caddy-security are vulnerable to Open Redirect via t... | M | |
| CVE-2024-21498 | All versions of the package github.com/greenpau/caddy-security are vulnerable to Server-side Request... | | |
| CVE-2024-21499 | All versions of the package github.com/greenpau/caddy-security are vulnerable to HTTP Header Injecti... | | |
| CVE-2024-21500 | All versions of the package github.com/greenpau/caddy-security are vulnerable to Improper Restrictio... | E | |
| CVE-2024-21501 | Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used... | E S | |
| CVE-2024-21502 | Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on th... | E S | |
| CVE-2024-21503 | Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (... | | |
| CVE-2024-21504 | Versions of the package livewire/livewire from 3.3.5 and before 3.4.9 are vulnerable to Cross-site S... | | |
| CVE-2024-21505 | Versions of the package web3-utils before 4.2.1 are vulnerable to Prototype Pollution via the utilit... | | |
| CVE-2024-21506 | Rejected reason: Duplicate of CVE-2024-5629.... | R | |
| CVE-2024-21507 | Versions of the package mysql2 before 3.9.3 are vulnerable to Improper Input Validation through the ... | E S | |
| CVE-2024-21508 | Versions of the package mysql2 before 3.9.4 are vulnerable to Remote Code Execution (RCE) via the re... | | |
| CVE-2024-21509 | Versions of the package mysql2 before 3.9.4 are vulnerable to Prototype Poisoning due to insecure re... | E S | |
| CVE-2024-21510 | Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Secur... | | |
| CVE-2024-21511 | Versions of the package mysql2 before 3.9.7 are vulnerable to Arbitrary Code Injection due to improp... | | |
| CVE-2024-21512 | Versions of the package mysql2 before 3.9.8 are vulnerable to Prototype Pollution due to improper us... | | |
| CVE-2024-21513 | Versions of the package langchain-experimental from 0.0.15 and before 0.0.21 are vulnerable to Arbit... | S | |
| CVE-2024-21514 | This affects versions of the package opencart/opencart from 0.0.0. An SQL Injection issue was identi... | E S | |
| CVE-2024-21515 | This affects versions of the package opencart/opencart from 4.0.0.0. A reflected XSS issue was ident... | E S | |
| CVE-2024-21516 | This affects versions of the package opencart/opencart from 4.0.0.0 and before 4.1.0.0. A reflected ... | E S | |
| CVE-2024-21517 | This affects versions of the package opencart/opencart from 4.0.0.0. A reflected XSS issue was ident... | E S | |
| CVE-2024-21518 | This affects versions of the package opencart/opencart from 4.0.0.0. A Zip Slip issue was identified... | E S | |
| CVE-2024-21519 | This affects versions of the package opencart/opencart from 4.0.0.0. An Arbitrary File Creation issu... | E | |
| CVE-2024-21520 | Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting (XS... | | |
| CVE-2024-21521 | All versions of the package @discordjs/opus are vulnerable to Denial of Service (DoS) due to providi... | | |
| CVE-2024-21522 | All versions of the package audify are vulnerable to Improper Validation of Array Index when frameSi... | | |
| CVE-2024-21523 | All versions of the package images are vulnerable to Denial of Service (DoS) due to providing unexpe... | | |
| CVE-2024-21524 | All versions of the package node-stringbuilder are vulnerable to Out-of-bounds Read due to incorrect... | E | |
| CVE-2024-21525 | All versions of the package node-twain are vulnerable to Improper Check or Handling of Exceptional C... | | |
| CVE-2024-21526 | All versions of the package speaker are vulnerable to Denial of Service (DoS) when providing unexpec... | | |
| CVE-2024-21527 | Versions of the package github.com/gotenberg/gotenberg/v8/pkg/gotenberg before 8.1.0; versions of th... | | |
| CVE-2024-21528 | All versions of the package node-gettext are vulnerable to Prototype Pollution via the addTranslatio... | | |
| CVE-2024-21529 | Versions of the package dset before 3.1.4 are vulnerable to Prototype Pollution via the dset functio... | | |
| CVE-2024-21530 | Versions of the package cocoon before 0.4.0 are vulnerable to Reusing a Nonce, Key Pair in Encryptio... | | |
| CVE-2024-21531 | All versions of the package git-shallow-clone are vulnerable to Command injection due to missing san... | | |
| CVE-2024-21532 | All versions of the package ggit are vulnerable to Command Injection via the fetchTags(branch) API, ... | | |
| CVE-2024-21533 | All versions of the package ggit are vulnerable to Arbitrary Argument Injection via the clone() API,... | | |
| CVE-2024-21534 | All versions of the package jsonpath-plus are vulnerable to Remote Code Execution (RCE) due to impro... | | |
| CVE-2024-21535 | Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to Cross-site Scripting (XSS) vi... | S | |
| CVE-2024-21536 | Versions of the package http-proxy-middleware before 2.0.7, from 3.0.0 and before 3.0.3 are vulnerab... | E S | |
| CVE-2024-21537 | Versions of the package lilconfig from 3.1.0 and before 3.1.1 are vulnerable to Arbitrary Code Execu... | | |
| CVE-2024-21538 | Versions of the package cross-spawn before 6.0.6, from 7.0.0 and before 7.0.5 are vulnerable to Regu... | | |
| CVE-2024-21539 | Versions of the package @eslint/plugin-kit before 0.2.3 are vulnerable to Regular Expression Denial ... | | |
| CVE-2024-21540 | Rejected reason: This issue is not a vulnerability because no real attack scenario can happen.... | R | |
| CVE-2024-21541 | Versions of the package dom-iterator before 1.0.1 are vulnerable to Arbitrary Code Execution due to ... | E | |
| CVE-2024-21542 | Versions of the package luigi before 3.6.0 are vulnerable to Arbitrary File Write via Archive Extrac... | | |
| CVE-2024-21543 | Versions of the package djoser before 2.3.0 are vulnerable to Authentication Bypass when the authent... | | |
| CVE-2024-21544 | Versions of the package spatie/browsershot before 5.0.1 are vulnerable to Improper Input Validation ... | | |
| CVE-2024-21545 | Proxmox Virtual Environment is an open-source server management platform for enterprise virtualizati... | | |
| CVE-2024-21546 | Versions of the package unisharp/laravel-filemanager before 2.9.1 are vulnerable to Remote Code Exec... | | |
| CVE-2024-21547 | Versions of the package spatie/browsershot before 5.0.2 are vulnerable to Directory Traversal due to... | | |
| CVE-2024-21548 | Versions of the package bun before 1.1.30 are vulnerable to Prototype Pollution due to improper inpu... | | |
| CVE-2024-21549 | Versions of the package spatie/browsershot before 5.0.3 are vulnerable to Improper Input Validation ... | | |
| CVE-2024-21550 | SteVe is an open platform that implements different version of the OCPP protocol for Electric Vehicl... | S | |
| CVE-2024-21552 | All versions of `SuperAGI` are vulnerable to Arbitrary Code Execution due to unsafe use of the ‘eval... | | |
| CVE-2024-21571 | Snyk has identified a remote code execution (RCE) vulnerability in all versions of Code Agent. The v... | | |
| CVE-2024-21574 | The issue stems from a missing validation of the pip field in a POST request sent to the /customnode... | | |
| CVE-2024-21575 | ComfyUI-Impact-Pack is vulnerable to Path Traversal. The issue stems from missing validation of the ... | | |
| CVE-2024-21576 | ComfyUI-Bmad-Nodes is vulnerable to Code Injection. The issue stems from a validation bypass in the ... | | |
| CVE-2024-21577 | ComfyUI-Ace-Nodes is vulnerable to Code Injection. The ACE_ExpressionEval node contains an eval() in... | | |
| CVE-2024-21583 | Versions of the package github.com/gitpod-io/gitpod/components/server/go/pkg/lib before main-gha.271... | | |
| CVE-2024-21584 | Pleasanter 1.3.49.0 and earlier contains a cross-site scripting vulnerability. If an attacker tricks... | | |
| CVE-2024-21585 | Junos OS and Junos OS Evolved: BGP session flaps on NSR-enabled devices can cause rpd crash | S | |
| CVE-2024-21586 | Junos OS: SRX Series and NFX Series: Specific valid traffic leads to a PFE crash | S | |
| CVE-2024-21587 | Junos OS: MX Series: Memory leak in bbe-smgd process if BFD liveness detection for DHCP subscribers is enabled | S | |
| CVE-2024-21589 | Paragon Active Assurance Control Center: Information disclosure vulnerability | S | |
| CVE-2024-21590 | Junos OS Evolved: Packets which are not destined to the device can reach the RE | S | |
| CVE-2024-21591 | Junos OS: SRX Series and EX Series: Security Vulnerability in J-web allows a preAuth Remote Code Execution | E S | |
| CVE-2024-21593 | Junos OS: MX Series with MPC10, MPC11, LC9600, and MX304: A specific MPLS packet will cause a PFE crash | S | |
| CVE-2024-21594 | Junos OS: SRX 5000 Series: Repeated execution of a specific CLI command causes a flowd crash | S | |
| CVE-2024-21595 | Junos OS: EX4100, EX4400, EX4600, QFX5000 Series: A high rate of specific ICMP traffic will cause the PFE to hang | S | |
| CVE-2024-21596 | Junos OS and Junos OS Evolved: A specific BGP UPDATE message will cause a crash in the backup Routing Engine in NSR-enabled devices | S | |
| CVE-2024-21597 | Junos OS: MX Series: In an AF scenario traffic can bypass configured lo0 firewall filters | S | |
| CVE-2024-21598 | Junos OS and Junos OS Evolved: A malformed BGP tunnel encapsulation attribute will lead to an rpd crash | S | |
| CVE-2024-21599 | Junos OS: MX Series: MPC3E memory leak with PTP configuration | S | |
| CVE-2024-21600 | Junos OS: PTX Series: In an FTI scenario MPLS packets hitting reject next-hop will cause a host path wedge condition | S | |
| CVE-2024-21601 | Junos OS: SRX Series: Due to an error in processing TCP events flowd will crash | S | |
| CVE-2024-21602 | Junos OS Evolved: ACX7024, ACX7100-32C and ACX7100-48L: Traffic stops when a specific IPv4 UDP packet is received by the RE | S | |
| CVE-2024-21603 | Junos OS: MX Series: Gathering statistics in a scaled SCU/DCU configuration will lead to a device crash | S | |
| CVE-2024-21604 | Junos OS Evolved: A high rate of specific traffic will cause a complete system outage | S | |
| CVE-2024-21605 | Junos OS: SRX 300 Series: Specific link local traffic causes a control plane overload | S | |
| CVE-2024-21606 | Junos OS: SRX Series: When "tcp-encap" is configured and specific packets are received flowd will crash | S | |
| CVE-2024-21607 | Junos OS: MX Series and EX9200 Series: If the "tcp-reset" option used in an IPv6 filter, matched packets are accepted instead of rejected | S | |
| CVE-2024-21609 | Junos OS: MX Series with SPC3, and SRX Series: If specific IPsec parameters are negotiated iked will crash due to a memory leak | S | |
| CVE-2024-21610 | Junos OS: If in a scaled CoS scenario information on CoS state is gathered mgd processes get stuck | S | |
| CVE-2024-21611 | Junos OS and Junos OS Evolved: In a jflow scenario continuous route churn will cause a memory leak and eventually an rpd crash | S | |
| CVE-2024-21612 | Junos OS Evolved: Specific TCP traffic causes OFP core and restart of RE | S | |
| CVE-2024-21613 | Junos OS and Junos OS Evolved: A link flap causes patroot memory leak which leads to rpd crash | S | |
| CVE-2024-21614 | Junos OS and Junos OS Evolved: A specific query via DREND causes rpd crash | S | |
| CVE-2024-21615 | Junos OS and Junos OS Evolved: A low-privileged user can access confidential information | S | |
| CVE-2024-21616 | Junos OS: MX Series and SRX Series: Processing of a specific SIP packet causes NAT IP allocation to fail | S | |
| CVE-2024-21617 | Junos OS: BGP flap on NSR-enabled devices causes memory leak | S | |
| CVE-2024-21618 | Junos OS and Junos OS Evolved: When LLDP is enabled and a malformed LLDP packet is received, l2cpd crashes | S | |
| CVE-2024-21619 | Junos OS: SRX Series and EX Series: J-Web - unauthenticated access to temporary files containing sensitive information | S | |
| CVE-2024-21620 | Junos OS: SRX Series and EX Series: J-Web doesn't sufficiently sanitize input to prevent XSS | S | |
| CVE-2024-21622 | Craft CMS Privilege Escalation | S | |
| CVE-2024-21623 | Arbitrary Expression Injection in github workflow leads to Command execution & leaking secrets | E S | |
| CVE-2024-21624 | Potential Information Leak in User-Constructed Message Templates in nonebot2 | S | |
| CVE-2024-21625 | One-click remote code execution via malicious deep link | | |
| CVE-2024-21626 | runc container breakout through process.cwd trickery and leaked fds | E S | |
| CVE-2024-21627 | Some attribute not escaped in Validate::isCleanHTML method | S | |
| CVE-2024-21628 | XSS can be stored in DB from "add a message form" in order detail page (FO) | S | |
| CVE-2024-21629 | Erroneous handling of `record_external_operation` error return | S | |
| CVE-2024-21630 | Zulip non-admins can invite new users to streams they would not otherwise be able to add existing users to | S | |
| CVE-2024-21631 | Integer overflow in URI leading to potential host spoofing | S | |
| CVE-2024-21632 | omniauth-microsoft_graph vulnerable to account takeover (nOAuth) | E S | |
| CVE-2024-21633 | Arbitrary file write on Decoding | E S | |
| CVE-2024-21634 | Ion Java StackOverflow vulnerability | | |
| CVE-2024-21636 | view_component Cross-site Scripting vulnerability | E S | |
| CVE-2024-21637 | XSS in Authentik via JavaScript-URI as Redirect URI and form_post Response Mode | S | |
| CVE-2024-21638 | Azure IPAM solution Elevation of Privilege Vulnerability | S | |
| CVE-2024-21639 | OOB Access in CefLayeredWindowUpdaterOSR::OnAllocatedSharedMemory | E S | |
| CVE-2024-21640 | OOB Access in CefVideoConsumerOSR::OnFrameCaptured | E S | |
| CVE-2024-21641 | Flarum's Logout Route allows open redirects | S | |
| CVE-2024-21642 | D-Tale server-side request forgery through Web uploads | S | |
| CVE-2024-21643 | Microsoft.IdentityModel.Protocols.SignedHttpRequest remote code execution vulnerability | M | |
| CVE-2024-21644 | pyLoad unauthenticated flask configuration leakage | E S | |
| CVE-2024-21645 | pyLoad Log Injection | E S | |
| CVE-2024-21646 | Azure IoT Platform Device SDK Remote Code Execution Vulnerability | S | |
| CVE-2024-21647 | HTTP Request/Response Smuggling in puma | S | |
| CVE-2024-21648 | XWiki has no right protection on rollback action | S | |
| CVE-2024-21649 | Remote code execution | S | |
| CVE-2024-21650 | XWiki Remote Code Execution vulnerability via user registration | E S | |
| CVE-2024-21651 | XWiki Denial of Service attack through attachments | | |
| CVE-2024-21652 | Argo CD vulnerable to Bypassing of Brute Force Protection via Application Crash and In-Memory Data Loss | | |
| CVE-2024-21653 | vantage6 insecure SSH configuration for node and server containers | S | |
| CVE-2024-21654 | rubygems.org MFA Bypass through password reset function could allow account takeover | S | |
| CVE-2024-21655 | Insufficient control of custom field value sizes | | |
| CVE-2024-21658 | Insufficient control of region value length in discourse-calendar | | |
| CVE-2024-21661 | Argo CD Denial of Service (DoS) Vulnerability Due to Unsafe Array Modification in Multi-threaded Environment | E S | |
| CVE-2024-21662 | Argo CD vulnerable to Bypassing of Rate Limit and Brute Force Protection Using Cache Overflow | E S | |
| CVE-2024-21663 | Remote code execution on ReconServer due to improper input sanitization on the prips command | E S | |
| CVE-2024-21664 | Parsing JSON serialized payload without protected field can lead to segfault | E S | |
| CVE-2024-21665 | Pimcore Ecommerce Framework Bundle Improper Access Control allows unprivileged user to access back-office orders list | E S | |
| CVE-2024-21666 | Pimcore Customer Data Framework Improper Access Control allows unprivileged user to access customers duplicates list | E S | |
| CVE-2024-21667 | Pimcore Customer Data Framework Improper Access Control allows unprivileged user to access GDPR extracts | E S | |
| CVE-2024-21668 | Insertion of Sensitive Information into Log File in react-native-mmkv | S | |
| CVE-2024-21669 | Hyperledger Aries Cloud Agent Python result of presentation verification not checked for LDP-VC | E S | |
| CVE-2024-21670 | CL-Signatures Revocation Scheme in Ursa has flaws that allow a holder to demonstrate non-revocation of a revoked credential | | |
| CVE-2024-21671 | vantage6 username timing attack | S | |
| CVE-2024-21672 | This High severity Remote Code Execution (RCE) vulnerability was introduced in version 2.1.0 of Conf... | | |
| CVE-2024-21673 | This High severity Remote Code Execution (RCE) vulnerability was introduced in versions 7.13.0 of Co... | | |
| CVE-2024-21674 | This High severity Remote Code Execution (RCE) vulnerability was introduced in version 7.13.0 of Con... | | |
| CVE-2024-21675 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21676 | Rejected reason: This CVE's publication may have been a false positive or a mistake. As a result, we... | R | |
| CVE-2024-21677 | This High severity Path Traversal vulnerability was introduced in version 6.13.0 of Confluence Data ... | | |
| CVE-2024-21678 | This High severity Stored XSS vulnerability was introduced in version 2.7.0 of Confluence Data Cente... | | |
| CVE-2024-21679 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21682 | This High severity Injection vulnerability was introduced in Assets Discovery 1.0 - 6.2.0 (all versi... | | |
| CVE-2024-21683 | This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Conflu... | | |
| CVE-2024-21684 | There is a low severity open redirect vulnerability within affected versions of Bitbucket Data Cente... | | |
| CVE-2024-21685 | This High severity Information Disclosure vulnerability was introduced in versions 9.4.0, 9.12.0, an... | | |
| CVE-2024-21686 | This High severity Stored XSS vulnerability was introduced in versions 7.13 of Confluence Data Cente... | | |
| CVE-2024-21687 | This High severity File Inclusion vulnerability was introduced in versions 9.0.0, 9.1.0, 9.2.0, 9.3.... | | |
| CVE-2024-21688 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21689 | This High severity RCE (Remote Code Execution) vulnerability CVE-2024-21689 was introduced in versi... | | |
| CVE-2024-21690 | This High severity Reflected XSS and CSRF (Cross-Site Request Forgery) vulnerability was introduced ... | | |
| CVE-2024-21691 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21692 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21693 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21694 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21695 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21696 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21697 | This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 4.2.8 of Sou... | | |
| CVE-2024-21701 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21702 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21703 | This Medium severity Security Misconfiguration vulnerability was introduced in version 8.8.1 of Conf... | | |
| CVE-2024-21704 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21705 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21708 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21709 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21710 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21711 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21712 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21713 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21714 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21715 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21716 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21717 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21718 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21719 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21720 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21721 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it ... | R | |
| CVE-2024-21722 | [20240201] - Core - Insufficient session expiration in MFA management views | | |
| CVE-2024-21723 | [20240202] - Core - Open redirect in installation application | | |
| CVE-2024-21724 | [20240203] - Core - XSS in media selection fields | | |
| CVE-2024-21725 | [20240204] - Core - XSS in mail address outputs | | |
| CVE-2024-21726 | [20240205] - Core - Inadequate content filtering within the filter code | E | |
| CVE-2024-21727 | Extension - digtal-peak.com - XSS vulnerability in DP Calendar component for Joomla 8.0.0-8.0.14 | | |
| CVE-2024-21728 | Extension - smartcalc.es - Open redirect vulnerability in osTicky component for Joomla <= 2.2.8 | | |
| CVE-2024-21729 | [20240701] - Core - XSS in accessible media selection field | | |
| CVE-2024-21730 | [20240702] - Core - Self-XSS in fancyselect list field layout | | |
| CVE-2024-21731 | [20240703] - Core - XSS in StringHelper::truncate method | | |
| CVE-2024-21732 | FlyCms through abbaa5a allows XSS via the permission management feature.... | E | |
| CVE-2024-21733 | Apache Tomcat: Leaking of unrelated request bodies in default error page | S | |
| CVE-2024-21734 | URL Redirection vulnerability in SAP Marketing (Contacts App) | | |
| CVE-2024-21735 | Improper Authorization check in SAP LT Replication Server | | |
| CVE-2024-21736 | Missing Authorization check in SAP S/4HANA Finance (Advanced Payment Management) | | |
| CVE-2024-21737 | Code Injection vulnerability in SAP Application Interface Framework (File Adapter) | | |
| CVE-2024-21738 | Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver ABAP Application Server and ABAP Platform | | |
| CVE-2024-21739 | Geehy APM32F103CCT6, APM32F103RCT6, APM32F103RCT7, and APM32F103VCT6 devices have Incorrect Access C... | | |
| CVE-2024-21740 | Artery AT32F415CBT7 and AT32F421C8T7 devices have Incorrect Access Control.... | | |
| CVE-2024-21741 | GigaDevice GD32E103C8T6 devices have Incorrect Access Control.... | | |
| CVE-2024-21742 | Apache James Mime4J: Mime4J DOM header injection | | |
| CVE-2024-21743 | WordPress Houzez Login Register plugin <= 3.2.5 - Privilege Escalation vulnerability | S | |
| CVE-2024-21744 | WordPress Mapster WP Maps Plugin <= 1.2.38 is vulnerable to Cross Site Scripting (XSS) | | |
| CVE-2024-21745 | WordPress Laybuy Payment Extension for WooCommerce Plugin <= 5.3.9 is vulnerable to Cross Site Scripting (XSS) | | |
| CVE-2024-21746 | WordPress Wp Ultimate Review plugin <= 2.3.2 - IP limit Bypass vulnerability | | |
| CVE-2024-21747 | WordPress WP ERP Plugin <= 1.12.8 is vulnerable to SQL Injection | S | |
| CVE-2024-21748 | WordPress Icegram Engage plugin <= 3.1.21 - Broken Access Control vulnerability | S | |
| CVE-2024-21749 | WordPress 1 click disable all Plugin <= 1.0.1 is vulnerable to Cross Site Request Forgery (CSRF) | | |
| CVE-2024-21750 | WordPress Shortcodes Finder Plugin <= 1.5.5 is vulnerable to Cross Site Scripting (XSS) | | |
| CVE-2024-21751 | WordPress RabbitLoader plugin <= 2.19.13 - Broken Access Control vulnerability | S | |
| CVE-2024-21752 | WordPress Ajax Search Lite Plugin <= 4.11.4 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2024-21753 | A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiCl... | S | |
| CVE-2024-21754 | A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting Fort... | S | |
| CVE-2024-21755 | A improper neutralization of special elements used in an os command ('os command injection') in Fort... | S | |
| CVE-2024-21756 | A improper neutralization of special elements used in an os command ('os command injection') in Fort... | S | |
| CVE-2024-21757 | A unverified password change in Fortinet FortiManager versions 7.0.0 through 7.0.10, versions 7.2.0 ... | S | |
| CVE-2024-21758 | A stack-based buffer overflow in Fortinet FortiWeb versions 7.2.0 through 7.2.7, and 7.4.0 through 7... | S | |
| CVE-2024-21759 | An authorization bypass through user-controlled key in Fortinet FortiPortal version 7.2.0, and versi... | S | |
| CVE-2024-21760 | An improper control of generation of code ('Code Injection') vulnerability [CWE-94] in FortiSOAR Con... | S | |
| CVE-2024-21761 | An improper authorization vulnerability [CWE-285] in FortiPortal version 7.2.0, and versions 7.0.6 a... | S | |
| CVE-2024-21762 | A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 t... | KEV S | |
| CVE-2024-21763 | BIG-IP AFM vulnerability | | |
| CVE-2024-21764 | Use of Hard-Coded Credentials in Rapid SCADA | M | |
| CVE-2024-21765 | Electronic Delivery Check System (Doboku) Ver.18.1.0 and earlier, Electronic Delivery Check System (... | | |
| CVE-2024-21766 | Uncontrolled search path for some Intel(R) oneAPI Math Kernel Library software before version 2024.1... | | |
| CVE-2024-21767 | Commend WS203VICM Improper Access Control | S | |
| CVE-2024-21769 | Uncontrolled search path in some Intel(R) Ethernet Connection I219-LM install software may allow an ... | | |
| CVE-2024-21771 | F5 AFM Signature Matching Vulnerability | | |
| CVE-2024-21772 | Uncontrolled search path in some Intel(R) Advisor software before version 2024.0 may allow an authen... | | |
| CVE-2024-21773 | Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the produ... | | |
| CVE-2024-21774 | Uncontrolled search path in some Intel(R) Processor Identification Utility software before versions ... | | |
| CVE-2024-21775 | SQL Injection | | |
| CVE-2024-21777 | Uncontrolled search path in some Intel(R) Quartus(R) Prime Pro Edition Design software before versio... | S | |
| CVE-2024-21778 | A heap-based buffer overflow vulnerability exists in the configuration file mib_init_value_array fun... | | |
| CVE-2024-21780 | Stack-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and earlier. Processing a s... | | |
| CVE-2024-21781 | Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user ... | | |
| CVE-2024-21782 | BIG-IP and BIG-IQ secure copy vulnerability | | |
| CVE-2024-21783 | Integer overflow for some Intel(R) VPL software before version 24.1.4 may allow an authenticated use... | | |
| CVE-2024-21784 | Uncontrolled search path for some Intel(R) IPP Cryptography software before version 2021.11 may allo... | | |
| CVE-2024-21785 | A leftover debug code vulnerability exists in the Telnet Diagnostic Interface functionality of Autom... | E | |
| CVE-2024-21786 | An OS command injection vulnerability exists in the web interface configuration upload functionality... | E | |
| CVE-2024-21787 | Inadequate encryption strength for some BMRA software before version 22.08 may allow an authenticate... | | |
| CVE-2024-21788 | Uncontrolled search path in some Intel(R) GPA software before version 2023.4 may allow an authentica... | | |
| CVE-2024-21789 | BIG-IP ASM and Advanced WAF vulnerability | | |
| CVE-2024-21791 | SQL Injection in ADAudit Plus | | |
| CVE-2024-21792 | Time-of-check Time-of-use race condition in Intel(R) Neural Compressor software before version 2.5.0... | | |
| CVE-2024-21793 | BIG-IP Central Manager OData Injection Vulnerability | | |
| CVE-2024-21794 | Open Redirect in Rapid SCADA | M | |
| CVE-2024-21795 | A heap-based buffer overflow vulnerability exists in the .egi parsing functionality of The Biosig Pr... | E | |
| CVE-2024-21796 | Electronic Deliverables Creation Support Tool (Construction Edition) prior to Ver1.0.4 and Electroni... | | |
| CVE-2024-21797 | A command execution vulnerability exists in the adm.cgi set_TR069() functionality of Wavlink AC3000 ... | E | |
| CVE-2024-21798 | ELECOM wireless LAN routers contain a cross-site scripting vulnerability. Assume that a malicious ad... | | |
| CVE-2024-21799 | Path traversal for some Intel(R) Extension for Transformers software before version 1.5 may allow an... | | |
| CVE-2024-21801 | Insufficient control flow management in some Intel(R) TDX module software before version 1.5.05.46.6... | | |
| CVE-2024-21802 | A heap-based buffer overflow vulnerability exists in the GGUF library info->ne functionality of l... | E | |
| CVE-2024-21803 | Possible UAF in bt_accept_poll in Linux kernel | | |
| CVE-2024-21805 | Improper access control vulnerability exists in the specific folder of SKYSEA Client View versions f... | | |
| CVE-2024-21806 | Improper conditions check in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers... | | |
| CVE-2024-21807 | Improper initialization in the Linux kernel mode driver for some Intel(R) Ethernet Network Controlle... | | |
| CVE-2024-21808 | Improper buffer restrictions in some Intel(R) VPL software before version 24.1.4 may allow an authen... | | |
| CVE-2024-21809 | Improper conditions check for some Intel(R) Quartus(R) Prime Lite Edition Design software before ver... | S | |
| CVE-2024-21810 | Improper input validation in the Linux kernel mode driver for some Intel(R) Ethernet Network Control... | | |
| CVE-2024-21812 | An integer overflow vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project... | E | |
| CVE-2024-21813 | Exposure of resource to wrong sphere in some Intel(R) DTT software installers may allow an authentic... | | |
| CVE-2024-21814 | Uncontrolled search path for some Intel(R) Chipset Device Software before version 10.1.19444.8378 ma... | | |
| CVE-2024-21815 | Insufficiently protected credentials (CWE-522) for third party DVR integrations to the Command Cent... | | |
| CVE-2024-21816 | Background task manager has an improper preservation of permissions vulnerability | S | |
| CVE-2024-21818 | Uncontrolled search path in some Intel(R) PCM software before version 202311 may allow an authentica... | | |
| CVE-2024-21820 | Incorrect default permissions in some Intel(R) Xeon(R) processor memory controller configurations wh... | | |
| CVE-2024-21821 | Multiple TP-LINK products allow a network-adjacent authenticated attacker with access to the product... | | |
| CVE-2024-21823 | Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4... | | |
| CVE-2024-21824 | Improper authentication vulnerability in exists in multiple printers and scanners which implement We... | | |
| CVE-2024-21825 | A heap-based buffer overflow vulnerability exists in the GGUF library GGUF_TYPE_ARRAY/GGUF_TYPE_STRI... | E | |
| CVE-2024-21826 | Huks has an insecure storage of sensitive information vulnerability | S | |
| CVE-2024-21827 | A leftover debug code vulnerability exists in the cli_server debug functionality of Tp-Link ER7206 O... | | |
| CVE-2024-21828 | Improper access control in some Intel(R) Ethernet Controller Administrative Tools software before ve... | | |
| CVE-2024-21829 | Improper input validation in UEFI firmware error handler for some Intel(R) Processors may allow a pr... | | |
| CVE-2024-21830 | Uncontrolled search path in some Intel(R) VPL software before version 2023.4.0 may allow an authenti... | | |
| CVE-2024-21831 | Uncontrolled search path in some Intel(R) Processor Diagnostic Tool software before version 4.1.9.41... | | |
| CVE-2024-21832 | PingFederate REST API Data Store Injection | M | |
| CVE-2024-21833 | Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the produ... | | |
| CVE-2024-21834 | Arkui has a type confusion vulnerability | | |
| CVE-2024-21835 | Insecure inherited permissions in some Intel(R) XTU software before version 7.14.0.15 may allow an a... | | |
| CVE-2024-21836 | A heap-based buffer overflow vulnerability exists in the GGUF library header.n_tensors functionality... | E | |
| CVE-2024-21837 | Uncontrolled search path in some Intel(R) Quartus(R) Prime Lite Edition Design software before versi... | S | |
| CVE-2024-21838 | Improper neutralization of special elements in output (CWE-74) used by the email generation feature... | | |
| CVE-2024-21840 | Directory and File Permission Vulnerability in Hitachi Storage Plug-in for VMware vCenter | | |
| CVE-2024-21841 | Uncontrolled search path for some Intel(R) Distribution for GDB software before version 2024.0 may a... | | |
| CVE-2024-21843 | Uncontrolled search path for some Intel(R) Computing Improvement Program software before version 2.4... | | |
| CVE-2024-21844 | Integer overflow in firmware for some Intel(R) CSME may allow an unauthenticated user to potentially... | | |
| CVE-2024-21845 | Dsoftbus has an integer overflow vulnerability | | |
| CVE-2024-21846 | Electrolink FM/DAB/TV Transmitter Missing Authentication for Critical Function | M | |
| CVE-2024-21848 | Users maintain access to active call after being removed from a channel | S | |
| CVE-2024-21849 | BIG-IP Websockets vulnerability | | |
| CVE-2024-21850 | Sensitive information in resource not removed before reuse in some Intel(R) TDX Seamldr module softw... | | |
| CVE-2024-21851 | Dsoftbus has an integer overflow vulnerability | | |
| CVE-2024-21852 | Rapid SCADA Path Traversal | M | |
| CVE-2024-21853 | Improper finite state machines (FSMs) in the hardware logic in some 4th and 5th Generation Intel(R) ... | | |
| CVE-2024-21855 | A lack of authentication vulnerability exists in the HTTP API functionality of GoCast 1.1.3. A speci... | | |
| CVE-2024-21856 | Rejected reason: This candidate was in a CNA pool that was not assigned to any issues during 2024.... | R | |
| CVE-2024-21857 | Uncontrolled search path for some Intel(R) oneAPI Compiler software before version 2024.1 may allow ... | | |
| CVE-2024-21859 | Improper buffer restrictions in the UEFI firmware for some Intel(R) Processors may allow a privilege... | | |
| CVE-2024-21860 | Dsoftbus has a use after free vulnerability | | |
| CVE-2024-21861 | Uncontrolled search path in some Intel(R) GPA Framework software before version 2023.4 may allow an ... | | |
| CVE-2024-21862 | Uncontrolled search path in some Intel(R) Quartus(R) Prime Standard Edition Design software before v... | S | |
| CVE-2024-21863 | Dsoftbus has an improper input validation vulnerability | | |
| CVE-2024-21864 | Improper neutralization in some Intel(R) Arc(TM) & Iris(R) Xe Graphics software before version 31.0.... | | |
| CVE-2024-21865 | HGW BL1500HM Ver 002.001.013 and earlier contains a use of week credentials issue. A network-adjacen... | | |
| CVE-2024-21866 | Generation of Error Message Containing Sensitive Information in Rapid SCADA | M | |
| CVE-2024-21869 | Plaintext Storage of a Password in Rapid SCADA | M | |
| CVE-2024-21870 | A file write vulnerability exists in the OAS Engine Tags Configuration functionality of Open Automat... | E | |
| CVE-2024-21871 | Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user ... | | |
| CVE-2024-21872 | Electrolink FM/DAB/TV Transmitter Reliance on Cookies without Validation and Integrity Checking | M | |
| CVE-2024-21875 | DoS attack when broadcasting billboard messages | E S | |
| CVE-2024-21876 | Unauthenticated Path Traversal via URL Parameter in Enphase IQ Gateway version < 8.2.4225 | S | |
| CVE-2024-21877 | Insecure File Generation Based on User Input in Enphase IQ Gateway version 4.x to 8.x and < 8.2.4225 | S | |
| CVE-2024-21878 | Command Injection through Unsafe File Name Evaluation in internal script in Enphase IQ Gateway v4.x to and including 8.x | S | |
| CVE-2024-21879 | URL parameter manipulations allows an authenticated attacker to execute arbitrary OS commands in Enphase IQ Gateway v4.x to v8.x and < v8.2.4225 | S | |
| CVE-2024-21880 | URL parameter manipulations allows an authenticated attacker to execute arbitrary OS commands in Enphase IQ Gateway version 4.x <= 7.x | S | |
| CVE-2024-21881 | Upload of encrypted packages allows authenticated command execution in Enphase IQ Gateway v4.x and v5.x | S | |
| CVE-2024-21885 | Xorg-x11-server: heap buffer overflow in xisenddevicehierarchyevent | M | |
| CVE-2024-21886 | Xorg-x11-server: heap buffer overflow in disabledevice | M | |
| CVE-2024-21887 | A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti ... | KEV E | |
| CVE-2024-21888 | A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivant... | | |
| CVE-2024-21890 | The Node.js Permission Model does not clarify in the documentation that wildcards should be only use... | | |
| CVE-2024-21891 | Node.js depends on multiple built-in utility functions to normalize paths provided to node:fs functi... | | |
| CVE-2024-21892 | On Linux, Node.js ignores certain environment variables if those may have been set by an unprivilege... | | |
| CVE-2024-21893 | A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.... | KEV | |
| CVE-2024-21894 | A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Pol... | | |
| CVE-2024-21896 | The permission model protects itself against path traversal attacks by calling path.resolve() on any... | | |
| CVE-2024-21897 | QTS, QuTS hero | S | |
| CVE-2024-21898 | QTS, QuTS hero | S | |
| CVE-2024-21899 | QTS, QuTS hero, QuTScloud | S | |
| CVE-2024-21900 | QTS, QuTS hero, QuTScloud | S | |
| CVE-2024-21901 | myQNAPcloud | S | |
| CVE-2024-21902 | QTS, QuTS hero | S | |
| CVE-2024-21903 | QTS, QuTS hero | S | |
| CVE-2024-21904 | QTS, QuTS hero | S | |
| CVE-2024-21905 | QTS, QuTS hero, QuTScloud | S | |
| CVE-2024-21906 | QTS, QuTS hero | S | |
| CVE-2024-21907 | Improper Handling of Exceptional Conditions in Newtonsoft.Json | E S | |
| CVE-2024-21908 | Cross-site scripting vulnerability in TinyMCE | E | |
| CVE-2024-21909 | Denial of service in CBOR library | S | |
| CVE-2024-21910 | Cross-site scripting vulnerability in TinyMCE plugins | E | |
| CVE-2024-21911 | Cross-site scripting vulnerability in TinyMCE | E | |
| CVE-2024-21912 | Rockwell Automation Arena Simulation vulnerable to out of bounds write | S | |
| CVE-2024-21913 | Rockwell Automation Arena Simulation Vulnerable To Memory Corruption | S | |
| CVE-2024-21914 | Rockwell Automation - FactoryTalk® View ME on PanelView™ Plus 7 Boot Terminal lack Security Protections | S | |
| CVE-2024-21915 | Rockwell Automation FactoryTalk® Service Platform Elevated Privileges Vulnerability Through Web Service Functionality | S | |
| CVE-2024-21916 | Rockwell Automation Denial-of-service Vulnerability in ICE1 Controller | S | |
| CVE-2024-21917 | Rockwell Automation FactoryTalk® Service Platform Service Token Vulnerability | S | |
| CVE-2024-21918 | Rockwell Automation Arena Simulation Vulnerable To Memory Corruption | S | |
| CVE-2024-21919 | Rockwell Automation Arena Simulation Vulnerable To Uninitialized Pointer | S | |
| CVE-2024-21920 | Rockwell Automation Arena Simulation Vulnerable To Buffer Overflow | M | |
| CVE-2024-21924 | SMM callout vulnerability within the AmdPlatformRasSspSmm driver could allow a ring 0 attacker to mo... | | |
| CVE-2024-21925 | Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overw... | | |
| CVE-2024-21937 | Incorrect default permissions in the AMD HIP SDK installation directory could allow an attacker to a... | | |
| CVE-2024-21938 | Incorrect default permissions in the AMD Management Plugin for the Microsoft® System Center Configur... | | |
| CVE-2024-21939 | Incorrect default permissions in the AMD Cloud Manageability Service (ACMS) Software installation di... | | |
| CVE-2024-21945 | Incorrect default permissions in the AMD RyzenTM Master monitoring SDK installation directory could ... | | |
| CVE-2024-21946 | Incorrect default permissions in the AMD RyzenTM Master Utility installation directory could allow a... | | |
| CVE-2024-21949 | Improper validation of user input in the NPU driver could allow an attacker to provide a buffer with... | | |
| CVE-2024-21957 | Incorrect default permissions in the AMD Management Console installation directory could allow an at... | | |
| CVE-2024-21958 | Incorrect default permissions in the AMD Provisioning Console installation directory could allow an ... | | |
| CVE-2024-21960 | Incorrect default permissions in the AMD Optimizing CPU Libraries (AOCL) installation directory coul... | | |
| CVE-2024-21966 | A DLL hijacking vulnerability in the AMD Ryzen™ Master Utility could allow an attacker to achieve p... | | |
| CVE-2024-21971 | Improper input validation in AMD Crash Defender could allow an attacker to provide the Windows® syst... | | |
| CVE-2024-21972 | An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allo... | | |
| CVE-2024-21974 | Improper input validation in the NPU driver could allow an attacker to supply a specially crafted po... | | |
| CVE-2024-21975 | Improper input validation in the NPU driver could allow an attacker to supply a specially crafted po... | | |
| CVE-2024-21976 | Improper input validation in the NPU driver could allow an attacker to supply a specially crafted po... | | |
| CVE-2024-21978 | Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest m... | | |
| CVE-2024-21979 | An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allo... | | |
| CVE-2024-21980 | Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to poten... | | |
| CVE-2024-21981 | Improper key usage control in AMD Secure Processor (ASP) may allow an attacker with local access who... | | |
| CVE-2024-21982 | CVE-2024-21982 Information Disclosure Vulnerability in ONTAP 9 | M | |
| CVE-2024-21983 | Denial of Service Vulnerability in StorageGRID (formerly StorageGRID Webscale) | S | |
| CVE-2024-21984 | Reflected Cross-Site Scripting Vulnerability in StorageGRID (formerly StorageGRID Webscale) | S | |
| CVE-2024-21985 | Privilege Escalation Vulnerability in ONTAP 9 | | |
| CVE-2024-21987 | Improper Authorization Vulnerability in SnapCenter | | |
| CVE-2024-21988 | CVE-2024-21988 SSH Cryptographic Implementation Vulnerability in StorageGRID (formerly StorageGRID Webscale) | S | |
| CVE-2024-21989 | Privilege Escalation Vulnerability in ONTAP Select Deploy administration utility | | |
| CVE-2024-21990 | Default Privileged Account Credentials Vulnerability in ONTAP Select Deploy administration utility | | |
| CVE-2024-21993 | Information Disclosure Vulnerability in SnapCenter | | |
| CVE-2024-21994 | CVE-2024-21994 Denial of Service Vulnerability in StorageGRID (formerly StorageGRID Webscale) | |