CVE Database

4425+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2024-25991
3.3 LOW

In acpm_tmu_ipc_handler of tmu_plugin.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure …

Mar 11, 2024
CVE-2024-0053
3.3 LOW

In getCustomPrinterIcon of PrintManagerService.java, there is a possible way to view other user's images due to a confused deputy. This could lead to local information …

Mar 11, 2024
CVE-2024-0052
3.3 LOW

In multiple functions of healthconnect, there is a possible leakage of exercise route data due to a missing permission check. This could lead to local …

Mar 11, 2024
CVE-2024-2365
1.6 LOW

A vulnerability classified as problematic was found in Musicshelf 1.0/1.1 on Android. Affected by this vulnerability is an unknown functionality of the file io\fabric\sdk\android\services\network\PinningTrustManager.java of …

Mar 11, 2024
CVE-2024-2364
1.8 LOW

A vulnerability classified as problematic has been found in Musicshelf 1.0/1.1 on Android. Affected is an unknown function of the file androidmanifest.xml of the component …

Mar 10, 2024
CVE-2024-2314
2.8 LOW

If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force …

Mar 10, 2024
CVE-2024-2313
2.8 LOW

If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force …

Mar 10, 2024
CVE-2024-2355
3.7 LOW

A vulnerability has been found in keerti1924 Secret-Coder-PHP-Project 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /secret_coder.sql. …

Mar 10, 2024
CVE-2024-2317
3.8 LOW

A vulnerability was found in Bdtask Hospital AutoManager up to 20240227 and classified as problematic. This issue affects some unknown processing of the file /prescription/prescription/delete/ …

Mar 8, 2024
CVE-2024-2285
3.5 LOW

A vulnerability, which was classified as problematic, has been found in boyiddha Automated-Mess-Management-System 1.0. Affected by this issue is some unknown functionality of the file …

Mar 8, 2024
CVE-2024-2284
3.5 LOW

A vulnerability classified as problematic was found in boyiddha Automated-Mess-Management-System 1.0. Affected by this vulnerability is an unknown functionality of the file /member/chat.php of the …

Mar 8, 2024
CVE-2024-23292
3.3 LOW

This issue was addressed with improved data protection. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. An app may be …

Mar 8, 2024
CVE-2024-23291
3.3 LOW

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma …

Mar 8, 2024
CVE-2024-23289
3.3 LOW

A lock screen issue was addressed with improved state management. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, …

Mar 8, 2024
CVE-2024-23262
3.3 LOW

This issue was addressed with additional entitlement checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, visionOS 1.1. …

Mar 8, 2024
CVE-2024-23257
3.3 LOW

The issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS …

Mar 8, 2024
CVE-2024-23255
2.4 LOW

An authentication issue was addressed with improved state management. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. Photos in the …

Mar 8, 2024
CVE-2024-23253
3.3 LOW

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.4. An app may be able to access a user's …

Mar 8, 2024
CVE-2024-23245
3.3 LOW

This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura …

Mar 8, 2024
CVE-2024-23242
3.3 LOW

A privacy issue was addressed by not logging contents of text fields. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. …

Mar 8, 2024
CVE-2024-23240
2.4 LOW

The issue was addressed with improved checks. This issue is fixed in iOS 17.4 and iPadOS 17.4. Shake-to-undo may allow a deleted photo to be …

Mar 8, 2024
CVE-2024-23238
3.3 LOW

An access issue was addressed with improved access restrictions. This issue is fixed in macOS Sonoma 14.4. An app may be able to edit NVRAM …

Mar 8, 2024
CVE-2024-23232
3.3 LOW

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.4. An app may be able to …

Mar 8, 2024
CVE-2024-23227
3.3 LOW

This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An …

Mar 8, 2024
CVE-2024-2276
2.4 LOW

A vulnerability has been found in Bdtask G-Prescription Gynaecology & OBS Consultation Software 1.0 and classified as problematic. Affected by this vulnerability is an unknown …

Mar 8, 2024
CVE-2024-2275
2.4 LOW

A vulnerability, which was classified as problematic, was found in Bdtask G-Prescription Gynaecology & OBS Consultation Software 1.0. Affected is an unknown function of the …

Mar 8, 2024
CVE-2024-2274
2.4 LOW

A vulnerability, which was classified as problematic, has been found in Bdtask G-Prescription Gynaecology & OBS Consultation Software 1.0. This issue affects some unknown processing …

Mar 8, 2024
CVE-2024-2266
3.5 LOW

A vulnerability has been found in keerti1924 Secret-Coder-PHP-Project 1.0 and classified as problematic. This vulnerability affects unknown code of the file /login.php of the component …

Mar 7, 2024
CVE-2022-46498
2.7 LOW

Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the doc_number parameter at his_admin_view_single_employee.php.

Mar 7, 2024
CVE-2024-28214
2.7 LOW

nGrinder before 3.5.9 allows to set delay without limitation, which could be the cause of Denial of Service by remote attacker.

Mar 7, 2024
CVE-2023-52584
3.8 LOW

In the Linux kernel, the following vulnerability has been resolved: spmi: mediatek: Fix UAF on device remove The pmif driver data that contains the clocks …

Mar 6, 2024
CVE-2024-2179
2.2 LOW

Concrete CMS version 9 before 9.2.7 is vulnerable to Stored XSS via the Name field of a Group type since there is insufficient validation of …

Mar 5, 2024
CVE-2024-25616
3.7 LOW

Aruba has identified certain configurations of ArubaOS that can lead to partial disclosure of sensitive information in the IKE_AUTH negotiation process. The scenarios in which …

Mar 5, 2024
CVE-2024-23256
3.3 LOW

A logic issue was addressed with improved state management. This issue is fixed in iOS 17.4 and iPadOS 17.4. A user's locked tabs may be …

Mar 5, 2024
CVE-2024-23243
3.3 LOW

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.4 and iPadOS 17.4. An app …

Mar 5, 2024
CVE-2023-42419
3.8 LOW

Maintenance Server, in Cybellum's QCOW air-gapped distribution (China Edition), versions 2.15.5 through 2.27, was compiled with a hard-coded private cryptographic key. An attacker with administrative …

Mar 5, 2024
CVE-2024-20836
3.3 LOW

Out of bounds Read vulnerability in ssmis_get_frm in libsubextractor.so prior to SMR Mar-2024 Release 1 allows local attackers to read out of bounds memory.

Mar 5, 2024
CVE-2024-20834
3.3 LOW

The sensitive information exposure vulnerability in WlanTest prior to SMR Mar-2024 Release 1 allows local attackers to access MAC address without proper permission.

Mar 5, 2024
CVE-2023-6068
3.1 LOW

On affected 7130 Series FPGA platforms running MOS and recent versions of the MultiAccess FPGA, application of ACL’s may result in incorrect operation of the …

Mar 4, 2024
CVE-2021-47089
3.3 LOW

In the Linux kernel, the following vulnerability has been resolved: kfence: fix memory leak when cat kfence objects Hulk robot reported a kmemleak problem: unreferenced …

Mar 4, 2024
CVE-2024-24901
3.0 LOW

Dell PowerScale OneFS 8.2.x through 9.6.0.x contain an insufficient logging vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, causing audit …

Mar 4, 2024
CVE-2023-49602
2.9 LOW

in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through type confusion.

Mar 4, 2024
CVE-2023-25176
2.9 LOW

in OpenHarmony v3.2.4 and prior versions allow a local attacker cause information leak through out-of-bounds Read.

Mar 4, 2024
CVE-2024-20038
3.4 LOW

In pq, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System …

Mar 4, 2024
CVE-2024-2146
3.5 LOW

A vulnerability was found in SourceCodester Online Mobile Management Store 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality …

Mar 3, 2024
CVE-2024-2145
3.5 LOW

A vulnerability was found in SourceCodester Online Mobile Management Store 1.0. It has been classified as problematic. Affected is an unknown function of the file …

Mar 3, 2024
CVE-2024-2135
2.4 LOW

A vulnerability was found in Bdtask Hospita AutoManager up to 20240223 and classified as problematic. This issue affects some unknown processing of the file /hospital_activities/birth/form …

Mar 3, 2024
CVE-2024-2133
2.4 LOW

A vulnerability, which was classified as problematic, was found in Bdtask Isshue Multi Store eCommerce Shopping Cart Solution 4.0. This affects an unknown part of …

Mar 3, 2024
CVE-2024-2075
3.5 LOW

A vulnerability was found in SourceCodester Daily Habit Tracker 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of …

Mar 1, 2024
CVE-2024-2072
3.5 LOW

A vulnerability, which was classified as problematic, was found in SourceCodester Flashcard Quiz App 1.0. This affects an unknown part of the file /endpoint/update-flashcard.php. The …

Mar 1, 2024

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.