36997 matches found
CVE-2024-47291
Permission vulnerability in the ActivityManagerService AMS module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2024-47294
Access permission verification vulnerability in the input method framework module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2024-45446
Access permission verification vulnerability in the camera driver module Impact: Successful exploitation of this vulnerability will affect availability...
CVE-2024-45445
Vulnerability of resources not being closed or released in the keystore module Impact: Successful exploitation of this vulnerability will affect availability...
CVE-2024-45441
Input verification vulnerability in the system service module Impact: Successful exploitation of this vulnerability will affect availability...
CVE-2024-45442
Vulnerability of permission verification for APIs in the DownloadProviderMain module Impact: Successful exploitation of this vulnerability will affect availability...
CVE-2024-21170
Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/Python. Supported versions that are affected are 8.4.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successfu...
CVE-2024-31997
XWiki Platform is a generic wiki platform. Prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, parameters of UI extensions are always interpreted as Velocity code and executed with programming rights. Any user with edit right on any document like the user's own profile can create UI extensions. Th...
CVE-2024-30415
Vulnerability of improper permission control in the window management module. Impact: Successful exploitation of this vulnerability will affect availability...
CVE-2024-22277
VMware Cloud Director Availability contains an HTML injection vulnerability. A malicious actor with network access to VMware Cloud Director Availability can craft malicious HTML tags to execute within replication tasks...
CVE-2024-37351
There is a cross-site scripting vulnerability in the management UI of Absolute Secure Access prior to version 13.06. Attackers with system administrator permissions can interfere with other system administrator’s use of the management UI when the second administrator later edits the same manageme...
CVE-2024-37348
There is a cross-site scripting vulnerability in the management UI of Absolute Secure Access prior to version 13.06. Attackers with system administrator permissions can interfere with another system administrator’s use of the management UI when the second administrator later edits the same...
CVE-2024-5465
Function vulnerabilities in the Calendar module Impact: Successful exploitation of this vulnerability will affect availability...
CVE-2024-30413
Vulnerability of improper permission control in the window management module. Impact: Successful exploitation of this vulnerability will affect availability...
CVE-2024-30416
Use After Free UAF vulnerability in the underlying driver module. Impact: Successful exploitation of this vulnerability will affect availability...
CVE-2024-30418
Vulnerability of insufficient permission verification in the app management module. Impact: Successful exploitation of this vulnerability will affect availability...
CVE-2024-35197
gitoxide is a pure Rust implementation of Git. On Windows, fetching refs that clash with legacy device names reads from the devices, and checking out paths that clash with such names writes arbitrary data to the devices. This allows a repository, when cloned, to cause indefinite blocking or the...
CVE-2024-37176
SAP BW/4HANA Transformation and Data Transfer Process DTP allows an authenticated attacker to gain higher access levels than they should have by exploiting improper authorization checks. This results in escalation of privileges. It has no impact on the confidentiality of data but may have low...
CVE-2024-33004
SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic web pages are getting cached even after logging out. On successful exploitation, the attacker can see the sensitive information through cache and can open the pages causing limited impact on...
CVE-2024-32990
Permission verification vulnerability in the system sharing pop-up module Impact: Successful exploitation of this vulnerability will affect availability...