Search
CVE Explorer
Search the full tracked CVE corpus across every vendor — by keyword, vendor, severity, CVSS band and publication date. Server-rendered; each filtered view has its own URL.
01
Filters
Submit to refine — state is held in the URL.
02
Results
34,799 matching · page 372/696Each CVE id links to its NVD record.
| CVE | Severity | CVSS | Summary | Published |
|---|---|---|---|---|
| CVE-2024-21417(opens NVD record) | High | 8.8 | Windows Text Services Framework Elevation of Privilege Vulnerability | Jul 10, 2024 |
| CVE-2024-22477(opens NVD record) | Low | 1.8 | A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor. The impact is contained to admin console users only. | Jul 9, 2024 |
| CVE-2024-22377(opens NVD record) | Medium | 5.3 | The deploy directory in PingFederate runtime nodes is reachable to unauthorized users. | Jul 9, 2024 |
| CVE-2024-35154(opens NVD record) | High | 7.2 | IBM WebSphere Application Server 8.5 and 9.0 could allow a remote authenticated attacker, who has authorized access to the administrative console, to execute arbitrary code. Using specially crafted input, the attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 292641. | Jul 9, 2024 |
| CVE-2024-21993(opens NVD record) | Medium | 5.7 | SnapCenter versions prior to 5.0p1 are susceptible to a vulnerability which could allow an authenticated attacker to discover plaintext credentials. | Jul 9, 2024 |
| CVE-2024-20785(opens NVD record) | High | 7.8 | InDesign Desktop versions ID19.3, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Jul 9, 2024 |
| CVE-2024-20783(opens NVD record) | High | 7.8 | InDesign Desktop versions ID19.3, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Jul 9, 2024 |
| CVE-2024-20782(opens NVD record) | High | 7.8 | InDesign Desktop versions ID19.3, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Jul 9, 2024 |
| CVE-2024-20781(opens NVD record) | High | 7.8 | InDesign Desktop versions ID19.3, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Jul 9, 2024 |
| CVE-2024-34123(opens NVD record) | High | 7.0 | Premiere Pro versions 23.6.5, 24.4.1 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. An attacker could exploit this vulnerability by inserting a malicious file into the search path, which the application might execute instead of the legitimate file. This could occur when the application uses a search path to locate executables or libraries. Exploitation of this issue requires user interaction, attack complexity is high. | Jul 9, 2024 |
| CVE-2024-6222(opens NVD record) | High | 7.0 | In Docker Desktop before v4.29.0, an attacker who has gained access to the Docker Desktop VM through a container breakout can further escape to the host by passing extensions and dashboard related IPC messages. Docker Desktop v4.29.0 https://docs.docker.com/desktop/release-notes/#4290 fixes the issue on MacOS, Linux and Windows with Hyper-V backend. As exploitation requires "Allow only extensions distributed through the Docker Marketplace" to be disabled, Docker Desktop v4.31.0 https://docs.docker.com/desktop/release-notes/#4310 additionally changes the default configuration to enable this setting by default. | Jul 9, 2024 |
| CVE-2023-48194(opens NVD record) | Critical | 9.8 | Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing set_client_qos, control over the gp register can be obtained. | Jul 9, 2024 |
| CVE-2024-6237(opens NVD record) | Medium | 6.5 | A flaw was found in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a specific extended search request, leading to a denial of service. | Jul 9, 2024 |
| CVE-2024-39171(opens NVD record) | Critical | 9.8 | Directory Travel in PHPVibe v11.0.46 due to incomplete blacklist checksums and directory checks, which can lead to code execution via writing specific statements to .htaccess and code to a file with a .png suffix. | Jul 9, 2024 |
| CVE-2024-38112(opens NVD record) | High | 7.5 | Windows MSHTML Platform Spoofing Vulnerability | Jul 9, 2024 |
| CVE-2024-38105(opens NVD record) | Medium | 6.5 | Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | Jul 9, 2024 |
| CVE-2024-38104(opens NVD record) | High | 8.8 | Windows Fax Service Remote Code Execution Vulnerability | Jul 9, 2024 |
| CVE-2024-38102(opens NVD record) | Medium | 6.5 | Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | Jul 9, 2024 |
| CVE-2024-38101(opens NVD record) | Medium | 6.5 | Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | Jul 9, 2024 |
| CVE-2024-38100(opens NVD record) | High | 7.8 | Windows File Explorer Elevation of Privilege Vulnerability | Jul 9, 2024 |
| CVE-2024-38099(opens NVD record) | Medium | 5.9 | Windows Remote Desktop Licensing Service Denial of Service Vulnerability | Jul 9, 2024 |
| CVE-2024-38095(opens NVD record) | High | 7.5 | .NET and Visual Studio Denial of Service Vulnerability | Jul 9, 2024 |
| CVE-2024-38094(opens NVD record) | High | 7.2 | Microsoft SharePoint Remote Code Execution Vulnerability | Jul 9, 2024 |
| CVE-2024-38092(opens NVD record) | High | 8.8 | Azure CycleCloud Elevation of Privilege Vulnerability | Jul 9, 2024 |
| CVE-2024-38091(opens NVD record) | High | 7.5 | Microsoft WS-Discovery Denial of Service Vulnerability | Jul 9, 2024 |
| CVE-2024-38089(opens NVD record) | Critical | 9.1 | Microsoft Defender for IoT Elevation of Privilege Vulnerability | Jul 9, 2024 |
| CVE-2024-38088(opens NVD record) | High | 8.8 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Jul 9, 2024 |
| CVE-2024-38087(opens NVD record) | High | 8.8 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Jul 9, 2024 |
| CVE-2024-38086(opens NVD record) | Medium | 6.4 | Azure Kinect SDK Remote Code Execution Vulnerability | Jul 9, 2024 |
| CVE-2024-38085(opens NVD record) | High | 7.8 | Windows Graphics Component Elevation of Privilege Vulnerability | Jul 9, 2024 |
| CVE-2024-38081(opens NVD record) | High | 7.3 | .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | Jul 9, 2024 |
| CVE-2024-38080(opens NVD record) | High | 7.8 | Windows Hyper-V Elevation of Privilege Vulnerability | Jul 9, 2024 |
| CVE-2024-38079(opens NVD record) | High | 7.8 | Windows Graphics Component Elevation of Privilege Vulnerability | Jul 9, 2024 |
| CVE-2024-38078(opens NVD record) | High | 7.5 | Xbox Wireless Adapter Remote Code Execution Vulnerability | Jul 9, 2024 |
| CVE-2024-38077(opens NVD record) | Critical | 9.8 | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | Jul 9, 2024 |
| CVE-2024-38076(opens NVD record) | Critical | 9.8 | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | Jul 9, 2024 |
| CVE-2024-38074(opens NVD record) | Critical | 9.8 | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | Jul 9, 2024 |
| CVE-2024-38073(opens NVD record) | High | 7.5 | Windows Remote Desktop Licensing Service Denial of Service Vulnerability | Jul 9, 2024 |
| CVE-2024-38072(opens NVD record) | High | 7.5 | Windows Remote Desktop Licensing Service Denial of Service Vulnerability | Jul 9, 2024 |
| CVE-2024-38071(opens NVD record) | High | 7.5 | Windows Remote Desktop Licensing Service Denial of Service Vulnerability | Jul 9, 2024 |
| CVE-2024-38070(opens NVD record) | High | 7.8 | Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability | Jul 9, 2024 |
| CVE-2024-38069(opens NVD record) | High | 7.0 | Windows Enroll Engine Security Feature Bypass Vulnerability | Jul 9, 2024 |
| CVE-2024-38068(opens NVD record) | High | 7.5 | Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability | Jul 9, 2024 |
| CVE-2024-38067(opens NVD record) | High | 7.5 | Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability | Jul 9, 2024 |
| CVE-2024-38066(opens NVD record) | High | 7.8 | Windows Win32k Elevation of Privilege Vulnerability | Jul 9, 2024 |
| CVE-2024-38065(opens NVD record) | Medium | 6.8 | Secure Boot Security Feature Bypass Vulnerability | Jul 9, 2024 |
| CVE-2024-38064(opens NVD record) | High | 7.5 | Windows TCP/IP Information Disclosure Vulnerability | Jul 9, 2024 |
| CVE-2024-38062(opens NVD record) | High | 7.8 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Jul 9, 2024 |
| CVE-2024-38061(opens NVD record) | High | 7.5 | DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability | Jul 9, 2024 |
| CVE-2024-38060(opens NVD record) | High | 8.8 | Windows Imaging Component Remote Code Execution Vulnerability | Jul 9, 2024 |