| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-35248 | Hig | 0.48 | 7.3 | 0.01 | Jun 11, 2024 | Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability | ||
| CVE-2024-30104 | Hig | 0.51 | 7.8 | 0.02 | Jun 11, 2024 | Microsoft Office Remote Code Execution Vulnerability | ||
| CVE-2024-30103 | Hig | 0.57 | 8.8 | 0.03 | Jun 11, 2024 | Microsoft Outlook Remote Code Execution Vulnerability | ||
| CVE-2024-30102 | Hig | 0.48 | 7.3 | 0.01 | Jun 11, 2024 | Microsoft Office Remote Code Execution Vulnerability | ||
| CVE-2024-30101 | Hig | 0.49 | 7.5 | 0.02 | Jun 11, 2024 | Microsoft Office Remote Code Execution Vulnerability | ||
| CVE-2024-30100 | Hig | 0.51 | 7.8 | 0.01 | Jun 11, 2024 | Microsoft SharePoint Server Remote Code Execution Vulnerability | ||
| CVE-2024-30099 | Hig | 0.46 | 7.0 | 0.01 | Jun 11, 2024 | Windows Kernel Elevation of Privilege Vulnerability | ||
| CVE-2024-30097 | Hig | 0.57 | 8.8 | 0.02 | Jun 11, 2024 | Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability | ||
| CVE-2024-30095 | Hig | 0.51 | 7.8 | 0.01 | Jun 11, 2024 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||
| CVE-2024-30094 | Hig | 0.51 | 7.8 | 0.01 | Jun 11, 2024 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||
| CVE-2024-30093 | Hig | 0.48 | 7.3 | 0.01 | Jun 11, 2024 | Windows Storage Elevation of Privilege Vulnerability | ||
| CVE-2024-30091 | Hig | 0.51 | 7.8 | 0.04 | Jun 11, 2024 | Win32k Elevation of Privilege Vulnerability | ||
| CVE-2024-30090 | Hig | 0.46 | 7.0 | 0.02 | Jun 11, 2024 | Microsoft Streaming Service Elevation of Privilege Vulnerability | ||
| CVE-2024-30089 | Hig | 0.51 | 7.8 | 0.08 | Jun 11, 2024 | Microsoft Streaming Service Elevation of Privilege Vulnerability | ||
| CVE-2024-30088 | Hig | 0.69 | 7.0 | 0.68 | KEV | Jun 11, 2024 | Windows Kernel Elevation of Privilege Vulnerability | |
| CVE-2024-30087 | Hig | 0.51 | 7.8 | 0.10 | Jun 11, 2024 | Win32k Elevation of Privilege Vulnerability | ||
| CVE-2024-30086 | Hig | 0.51 | 7.8 | 0.01 | Jun 11, 2024 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | ||
| CVE-2024-30085 | Hig | 0.55 | 7.8 | 0.15 | Jun 11, 2024 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | ||
| CVE-2024-30084 | Hig | 0.46 | 7.0 | 0.06 | Jun 11, 2024 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | ||
| CVE-2024-30083 | Hig | 0.49 | 7.5 | 0.03 | Jun 11, 2024 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | ||
| CVE-2024-30082 | Hig | 0.51 | 7.8 | 0.01 | Jun 11, 2024 | Win32k Elevation of Privilege Vulnerability | ||
| CVE-2024-30078 | Hig | 0.58 | 8.8 | 0.05 | Jun 11, 2024 | Windows Wi-Fi Driver Remote Code Execution Vulnerability | ||
| CVE-2024-30077 | Hig | 0.52 | 8.0 | 0.02 | Jun 11, 2024 | Windows OLE Remote Code Execution Vulnerability | ||
| CVE-2024-30075 | Hig | 0.52 | 8.0 | 0.01 | Jun 11, 2024 | Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability | ||
| CVE-2024-30074 | Hig | 0.52 | 8.0 | 0.01 | Jun 11, 2024 | Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability | ||
| CVE-2024-30072 | Hig | 0.51 | 7.8 | 0.01 | Jun 11, 2024 | Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability | ||
| CVE-2024-30070 | Hig | 0.49 | 7.5 | 0.02 | Jun 11, 2024 | DHCP Server Service Denial of Service Vulnerability | ||
| CVE-2024-30068 | Hig | 0.57 | 8.8 | 0.01 | Jun 11, 2024 | Windows Kernel Elevation of Privilege Vulnerability | ||
| CVE-2024-30064 | Hig | 0.57 | 8.8 | 0.01 | Jun 11, 2024 | Windows Kernel Elevation of Privilege Vulnerability | ||
| CVE-2024-30062 | Hig | 0.51 | 7.8 | 0.01 | Jun 11, 2024 | Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability | ||
| CVE-2024-36650 | Hig | 0.49 | 7.5 | 0.01 | Jun 11, 2024 | TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1.2cu.5247_B20211129, in the cgi function `setNoticeCfg` of the file `/lib/cste_modules/system.so`, the length of the user input string `NoticeUrl` is not checked. This can lead to a buffer overflow, allowing… | ||
| CVE-2023-52233 | Hig | 0.56 | 8.6 | 0.00 | Jun 11, 2024 | Missing Authorization vulnerability in Post SMTP Post SMTP Mailer/Email Log.This issue affects Post SMTP Mailer/Email Log: from n/a through 2.8.6. | ||
| CVE-2024-37295 | Hig | 0.40 | 7.2 | 0.01 | Jun 11, 2024 | Aimeos is an Open Source e-commerce framework for online shops. Starting in version 2024.01.1 and prior to version 2024.04.5, a user with administrative privileges can upload files that look like images but contain PHP code which can then be executed in the context of the web… | ||
| CVE-2024-26010 | Hig | 0.49 | 7.5 | 0.01 | Jun 11, 2024 | A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through… | ||
| CVE-2024-24703 | Hig | 0.49 | 8.6 | 0.00 | Jun 11, 2024 | Missing Authorization vulnerability in MultiVendorX WC Marketplace.This issue affects WC Marketplace: from n/a through 4.0.25. | ||
| CVE-2024-23110 | Hig | 0.51 | 7.8 | 0.00 | Jun 11, 2024 | A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0 all versions allows attacker to execute unauthorized code or commands via specially crafted commands | ||
| CVE-2024-2011 | Hig | 0.56 | 8.6 | 0.00 | Jun 11, 2024 | A heap-based buffer overflow vulnerability exists in the FOXMAN-UN/UNEM that if exploited will generally lead to a denial of service but can be used to execute arbitrary code, which is usually outside the scope of a program's implicit security policy | ||
| CVE-2024-28021 | Hig | 0.48 | 7.4 | 0.00 | Jun 11, 2024 | A vulnerability exists in the FOXMAN-UN/UNEM server that affects the message queueing mechanism’s certificate validation. If exploited an attacker could spoof a trusted entity causing a loss of confidentiality and integrity. | ||
| CVE-2024-5702 | Hig | 0.49 | 7.5 | 0.01 | Jun 11, 2024 | Memory corruption in the networking stack could have led to a potentially exploitable crash. This vulnerability affects Firefox < 125, Firefox ESR < 115.12, and Thunderbird < 115.12. | ||
| CVE-2024-5700 | Hig | 0.46 | 7.0 | 0.00 | Jun 11, 2024 | Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox… | ||
| CVE-2024-5696 | Hig | 0.56 | 8.6 | 0.01 | Jun 11, 2024 | By manipulating the text in an `<input>` tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12. | ||
| CVE-2024-5694 | Hig | 0.49 | 7.5 | 0.00 | Jun 11, 2024 | An attacker could have caused a use-after-free in the JavaScript engine to read memory in the JavaScript string section of the heap. This vulnerability affects Firefox < 127. | ||
| CVE-2024-5688 | Hig | 0.53 | 8.1 | 0.01 | Jun 11, 2024 | If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12. | ||
| CVE-2024-35303 | Hig | 0.51 | 7.8 | 0.00 | Jun 11, 2024 | A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0012), Tecnomatix Plant Simulation V2404 (All versions < V2404.0001). The affected applications contain a type confusion vulnerability while parsing specially crafted MODEL files. This… | ||
| CVE-2024-35292 | Hig | 0.53 | 8.2 | 0.00 | Jun 11, 2024 | A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU CR60 (6ES7288-1CR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20… | ||
| CVE-2024-35207 | Hig | 0.51 | 7.8 | 0.00 | Jun 11, 2024 | A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The web interface of the affected devices are vulnerable to Cross-Site Request Forgery(CSRF) attacks. By tricking an authenticated victim user to click a malicious link, an… | ||
| CVE-2024-35206 | Hig | 0.50 | 7.7 | 0.00 | Jun 11, 2024 | A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected application does not expire the session. This could allow an attacker to get unauthorized access. | ||
| CVE-2023-25799 | Hig | 0.54 | 8.3 | 0.00 | Jun 11, 2024 | Missing Authorization vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.1.8. | ||
| CVE-2023-7264 | Hig | 0.53 | 8.1 | 0.01 | Jun 11, 2024 | The Build App Online plugin for WordPress is vulnerable to account takeover due to a weak password reset mechanism in all versions up to, and including, 1.0.22. This makes it possible for unauthenticated attackers to reset the password of arbitrary users by guessing an 4-digit… | ||
| CVE-2024-34688 | Hig | 0.49 | 7.5 | 0.01 | Jun 11, 2024 | Due to unrestricted access to the Meta Model Repository services in SAP NetWeaver AS Java, attackers can perform DoS attacks on the application, which may prevent legitimate users from accessing it. This can result in no impact on confidentiality and integrity but a high impact… |
- risk 0.48cvss 7.3epss 0.01
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.02
Microsoft Office Remote Code Execution Vulnerability
- risk 0.57cvss 8.8epss 0.03
Microsoft Outlook Remote Code Execution Vulnerability
- risk 0.48cvss 7.3epss 0.01
Microsoft Office Remote Code Execution Vulnerability
- risk 0.49cvss 7.5epss 0.02
Microsoft Office Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.01
Microsoft SharePoint Server Remote Code Execution Vulnerability
- risk 0.46cvss 7.0epss 0.01
Windows Kernel Elevation of Privilege Vulnerability
- risk 0.57cvss 8.8epss 0.02
Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
- risk 0.48cvss 7.3epss 0.01
Windows Storage Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.04
Win32k Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.02
Microsoft Streaming Service Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.08
Microsoft Streaming Service Elevation of Privilege Vulnerability
- risk 0.69cvss 7.0epss 0.68
Windows Kernel Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.10
Win32k Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
- risk 0.55cvss 7.8epss 0.15
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.06
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
- risk 0.49cvss 7.5epss 0.03
Windows Standards-Based Storage Management Service Denial of Service Vulnerability
- risk 0.51cvss 7.8epss 0.01
Win32k Elevation of Privilege Vulnerability
- risk 0.58cvss 8.8epss 0.05
Windows Wi-Fi Driver Remote Code Execution Vulnerability
- risk 0.52cvss 8.0epss 0.02
Windows OLE Remote Code Execution Vulnerability
- risk 0.52cvss 8.0epss 0.01
Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability
- risk 0.52cvss 8.0epss 0.01
Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.01
Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability
- risk 0.49cvss 7.5epss 0.02
DHCP Server Service Denial of Service Vulnerability
- risk 0.57cvss 8.8epss 0.01
Windows Kernel Elevation of Privilege Vulnerability
- risk 0.57cvss 8.8epss 0.01
Windows Kernel Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability
- risk 0.49cvss 7.5epss 0.01
TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1.2cu.5247_B20211129, in the cgi function `setNoticeCfg` of the file `/lib/cste_modules/system.so`, the length of the user input string `NoticeUrl` is not checked. This can lead to a buffer overflow, allowing…
- risk 0.56cvss 8.6epss 0.00
Missing Authorization vulnerability in Post SMTP Post SMTP Mailer/Email Log.This issue affects Post SMTP Mailer/Email Log: from n/a through 2.8.6.
- risk 0.40cvss 7.2epss 0.01
Aimeos is an Open Source e-commerce framework for online shops. Starting in version 2024.01.1 and prior to version 2024.04.5, a user with administrative privileges can upload files that look like images but contain PHP code which can then be executed in the context of the web…
- risk 0.49cvss 7.5epss 0.01
A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through…
- risk 0.49cvss 8.6epss 0.00
Missing Authorization vulnerability in MultiVendorX WC Marketplace.This issue affects WC Marketplace: from n/a through 4.0.25.
- risk 0.51cvss 7.8epss 0.00
A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0 all versions allows attacker to execute unauthorized code or commands via specially crafted commands
- risk 0.56cvss 8.6epss 0.00
A heap-based buffer overflow vulnerability exists in the FOXMAN-UN/UNEM that if exploited will generally lead to a denial of service but can be used to execute arbitrary code, which is usually outside the scope of a program's implicit security policy
- risk 0.48cvss 7.4epss 0.00
A vulnerability exists in the FOXMAN-UN/UNEM server that affects the message queueing mechanism’s certificate validation. If exploited an attacker could spoof a trusted entity causing a loss of confidentiality and integrity.
- risk 0.49cvss 7.5epss 0.01
Memory corruption in the networking stack could have led to a potentially exploitable crash. This vulnerability affects Firefox < 125, Firefox ESR < 115.12, and Thunderbird < 115.12.
- risk 0.46cvss 7.0epss 0.00
Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox…
- risk 0.56cvss 8.6epss 0.01
By manipulating the text in an `<input>` tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- risk 0.49cvss 7.5epss 0.00
An attacker could have caused a use-after-free in the JavaScript engine to read memory in the JavaScript string section of the heap. This vulnerability affects Firefox < 127.
- risk 0.53cvss 8.1epss 0.01
If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- risk 0.51cvss 7.8epss 0.00
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0012), Tecnomatix Plant Simulation V2404 (All versions < V2404.0001). The affected applications contain a type confusion vulnerability while parsing specially crafted MODEL files. This…
- risk 0.53cvss 8.2epss 0.00
A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU CR60 (6ES7288-1CR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20…
- risk 0.51cvss 7.8epss 0.00
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The web interface of the affected devices are vulnerable to Cross-Site Request Forgery(CSRF) attacks. By tricking an authenticated victim user to click a malicious link, an…
- risk 0.50cvss 7.7epss 0.00
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected application does not expire the session. This could allow an attacker to get unauthorized access.
- risk 0.54cvss 8.3epss 0.00
Missing Authorization vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.1.8.
- risk 0.53cvss 8.1epss 0.01
The Build App Online plugin for WordPress is vulnerable to account takeover due to a weak password reset mechanism in all versions up to, and including, 1.0.22. This makes it possible for unauthenticated attackers to reset the password of arbitrary users by guessing an 4-digit…
- risk 0.49cvss 7.5epss 0.01
Due to unrestricted access to the Meta Model Repository services in SAP NetWeaver AS Java, attackers can perform DoS attacks on the application, which may prevent legitimate users from accessing it. This can result in no impact on confidentiality and integrity but a high impact…