|
CVE-2023-45727
|
Proself Enterprise/Standard Edition Ver5.62 and earlier, Proself Gateway Edition Ver1.65 and earlier, and Proself Mail Sanitize Edition Ver1.08 and... |
North Grid Corporation |
Proself Enterprise/Standard Edition, Proself Gateway Edition, Proself Mail Sanitize Edition |
2024-12-03 00:00:00 UTC |
CISA |
|
CVE-2024-11680
|
ProjectSend Unauthenticated Configuration Modification |
ProjectSend |
ProjectSend |
2024-12-03 00:00:00 UTC |
CISA |
|
CVE-2023-28461
|
Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN... |
n/a |
n/a |
2024-11-25 00:00:00 UTC |
CISA |
|
CVE-2024-44308
|
The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1... |
Apple |
Safari, macOS, iOS and iPadOS, visionOS |
2024-11-21 00:00:00 UTC |
CISA |
|
CVE-2024-44309
|
A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS... |
Apple |
Safari, macOS, iOS and iPadOS, visionOS |
2024-11-21 00:00:00 UTC |
CISA |
|
CVE-2024-21287
|
Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software Development Kit, Process Extension). The... |
Oracle Corporation |
Oracle Agile PLM Framework |
2024-11-21 00:00:00 UTC |
CISA |
|
CVE-2024-38813
|
Privilege escalation vulnerability |
n/a |
VMware vCenter Server, VMware Cloud Foundation |
2024-11-20 00:00:00 UTC |
CISA |
|
CVE-2024-38812
|
Heap-overflow vulnerability |
n/a |
VMware vCenter Server, VMware Cloud Foundation |
2024-11-20 00:00:00 UTC |
CISA |
|
CVE-2024-9474
|
PAN-OS: Privilege Escalation (PE) Vulnerability in the Web Management Interface |
Palo Alto Networks |
Cloud NGFW, PAN-OS, Prisma Access |
2024-11-18 00:00:00 UTC |
CISA |
|
CVE-2024-0012
|
PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) |
Palo Alto Networks |
Cloud NGFW, PAN-OS, Prisma Access |
2024-11-18 00:00:00 UTC |
CISA |
|
CVE-2024-1212
|
LoadMaster Pre-Authenticated OS Command Injection |
Progress Software |
LoadMaster |
2024-11-18 00:00:00 UTC |
CISA |
|
CVE-2024-9463
|
Expedition: Unauthenticated OS Command Injection Vulnerability Leads to Firewall Credential Disclosure |
Palo Alto Networks |
Expedition |
2024-11-14 00:00:00 UTC |
CISA |
|
CVE-2024-9465
|
Expedition: SQL Injection Leads to Firewall Admin Credential Disclosure |
Palo Alto Networks |
Expedition |
2024-11-14 00:00:00 UTC |
CISA |
|
CVE-2021-26086
|
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to read particular files via a path traversal vulnerability in... |
Atlassian |
Jira Server, Jira Data Center |
2024-11-12 00:00:00 UTC |
CISA |
|
CVE-2024-49039
|
Windows Task Scheduler Elevation of Privilege Vulnerability |
Microsoft |
Windows Server 2025, Windows Server 2025 (Server Core installation), Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 Version 24H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation) |
2024-11-12 00:00:00 UTC |
CISA |
|
CVE-2021-41277
|
GeoJSON URL validation can expose server files and environment variables to unauthorized users |
metabase |
metabase |
2024-11-12 00:00:00 UTC |
CISA |
|
CVE-2014-2120
|
Cross-site scripting (XSS) vulnerability in the WebVPN login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to... |
n/a |
n/a |
2024-11-12 00:00:00 UTC |
CISA |
|
CVE-2024-43451
|
NTLM Hash Disclosure Spoofing Vulnerability |
Microsoft |
Windows Server 2025, Windows Server 2025 (Server Core installation), Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 Version 24H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation) |
2024-11-12 00:00:00 UTC |
CISA |
|
CVE-2024-5910
|
Expedition: Missing Authentication Leads to Admin Account Takeover |
Palo Alto Networks |
Expedition |
2024-11-07 00:00:00 UTC |
CISA |
|
CVE-2024-43093
|
In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive... |
Google |
Android |
2024-11-07 00:00:00 UTC |
CISA |
|
CVE-2024-51567
|
upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows remote attackers to bypass authentication and... |
n/a |
n/a |
2024-11-07 00:00:00 UTC |
CISA |
|
CVE-2019-16278
|
Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via a crafted... |
n/a |
n/a |
2024-11-07 00:00:00 UTC |
CISA |
|
CVE-2024-8957
|
PTZOptics NDI and SDI Cameras Command Injection via NTP Address Configuration |
PTZOptics |
PT30X-SDI, PT30X-NDI |
2024-11-04 00:00:00 UTC |
CISA |
|
CVE-2024-8956
|
PTZOptics NDI and SDI Cameras /cgi-bin/param.cgi Insufficient Authentication |
PTZOptics |
PT30X-SDI, PT30X-NDI |
2024-11-04 00:00:00 UTC |
CISA |
|
CVE-2024-37383
|
Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes. |
n/a |
n/a |
2024-10-24 00:00:00 UTC |
CISA |