Total
32088 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-23209 | 1 Apple | 1 Macos | 2025-05-30 | N/A | 8.8 HIGH |
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.3. Processing web content may lead to arbitrary code execution. | |||||
CVE-2024-23204 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-05-30 | N/A | 7.5 HIGH |
The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, iOS 17.3 and iPadOS 17.3. A shortcut may be able to use sensitive data with certain actions without prompting the user. | |||||
CVE-2024-23203 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-05-30 | N/A | 7.5 HIGH |
The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14.3, iOS 17.3 and iPadOS 17.3. A shortcut may be able to use sensitive data with certain actions without prompting the user. | |||||
CVE-2024-22638 | 1 Livesite | 1 Livesite | 2025-05-30 | N/A | 9.8 CRITICAL |
liveSite v2019.1 was discovered to contain a remote code execution (RCE) vulenrabiity via the component /livesite/edit_designer_region.php or /livesite/add_email_campaign.php. | |||||
CVE-2024-22636 | 1 Pluxml | 1 Pluxml | 2025-05-30 | N/A | 8.8 HIGH |
PluXml Blog v5.8.9 was discovered to contain a remote code execution (RCE) vulnerability in the Static Pages feature. This vulnerability is exploited via injecting a crafted payload into the Content field. | |||||
CVE-2024-0812 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-30 | N/A | 8.8 HIGH |
Inappropriate implementation in Accessibility in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2024-0742 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Firefox Esr and 1 more | 2025-05-30 | N/A | 4.3 MEDIUM |
It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7. | |||||
CVE-2023-51926 | 1 Yonyou | 1 Yonbip | 2025-05-30 | N/A | 7.5 HIGH |
YonBIP v3_23.05 was discovered to contain an arbitrary file read vulnerability via the nc.bs.framework.comn.serv.CommonServletDispatcher component. | |||||
CVE-2023-51892 | 1 Weaver | 1 E-cology | 2025-05-30 | N/A | 9.8 CRITICAL |
An issue in weaver e-cology v.10.0.2310.01 allows a remote attacker to execute arbitrary code via a crafted script to the FrameworkShellController component. | |||||
CVE-2023-50693 | 1 Jester Project | 1 Jester | 2025-05-30 | N/A | 9.8 CRITICAL |
An issue in Jester v.0.6.0 and before allows a remote attacker to send a malicious crafted request. | |||||
CVE-2023-44001 | 1 Linecorp | 1 Line | 2025-05-30 | N/A | 5.4 MEDIUM |
An issue in Ailand clinic mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. | |||||
CVE-2023-43991 | 1 Linecorp | 1 Line | 2025-05-30 | N/A | 5.4 MEDIUM |
An issue in PRIMA CLINIC mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. | |||||
CVE-2023-43990 | 1 Linecorp | 1 Line | 2025-05-30 | N/A | 5.4 MEDIUM |
An issue in cherub-hair mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. | |||||
CVE-2023-35835 | 1 Solax | 2 Pocket Wifi 3, Pocket Wifi 3 Firmware | 2025-05-30 | N/A | 9.8 CRITICAL |
An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. The device provides a WiFi access point for initial configuration. The WiFi network provided has no network authentication (such as an encryption key) and persists permanently, including after enrollment and setup is complete. The WiFi network serves a web-based configuration utility, as well as an unauthenticated ModBus protocol interface. | |||||
CVE-2023-31654 | 1 Redis | 1 Redisraft | 2025-05-30 | N/A | 9.8 CRITICAL |
Redis raft master-1b8bd86 to master-7b46079 was discovered to contain an ODR violation via the component hiredisAllocFns at /opt/fs/redisraft/deps/hiredis/alloc.c. | |||||
CVE-2025-33136 | 2 Ibm, Linux | 2 Aspera Faspex, Linux Kernel | 2025-05-30 | N/A | 7.1 HIGH |
IBM Aspera Faspex 5.0.0 through 5.0.12 could allow an authenticated user to obtain sensitive information or perform unauthorized actions on behalf of another user due to improper protection of assumed immutable data. | |||||
CVE-2022-34715 | 1 Microsoft | 1 Windows Server 2022 | 2025-05-29 | N/A | 9.8 CRITICAL |
Windows Network File System Remote Code Execution Vulnerability | |||||
CVE-2022-34714 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-05-29 | N/A | 8.1 HIGH |
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | |||||
CVE-2022-34712 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server 2016 and 1 more | 2025-05-29 | N/A | 5.5 MEDIUM |
Windows Defender Credential Guard Information Disclosure Vulnerability | |||||
CVE-2022-34710 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2025-05-29 | N/A | 5.5 MEDIUM |
Windows Defender Credential Guard Information Disclosure Vulnerability |