Total
31253 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-46841 | 1 Apple | 1 Music | 2025-03-11 | 5.9 Medium |
| This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.5.0 for Android. An attacker in a privileged network position can track a user's activity. | ||||
| CVE-2024-1725 | 1 Redhat | 6 Openshift, Openshift Container Platform, Openshift Container Platform For Arm64 and 3 more | 2025-03-11 | 8.1 High |
| A flaw was found in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane (HCP). This issue could allow an authenticated attacker to gain access to the root HCP worker node's volume by creating a custom Persistent Volume that matches the name of a worker node. | ||||
| CVE-2024-32131 | 1 Wpdownloadmanager | 1 Download Manager | 2025-03-11 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in W3 Eden Inc. Download Manager allows Functionality Bypass.This issue affects Download Manager: from n/a through 3.2.82. | ||||
| CVE-2023-2941 | 1 Google | 1 Chrome | 2025-03-11 | 4.3 Medium |
| Inappropriate implementation in Extensions API in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to spoof the contents of the UI via a crafted Chrome Extension. (Chromium security severity: Low) | ||||
| CVE-2023-23531 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-03-11 | 8.6 High |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges. | ||||
| CVE-2022-32855 | 1 Apple | 2 Ipados, Iphone Os | 2025-03-11 | 5.5 Medium |
| A logic issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6. A user may be able to view restricted content from the lock screen. | ||||
| CVE-2022-32836 | 1 Apple | 1 Music | 2025-03-11 | 7.5 High |
| This issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data. | ||||
| CVE-2022-32824 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2025-03-11 | 5.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory. | ||||
| CVE-2022-32784 | 1 Apple | 3 Ipados, Iphone Os, Safari | 2025-03-11 | 6.5 Medium |
| The issue was addressed with improved UI handling. This issue is fixed in Safari 15.6, iOS 15.6 and iPadOS 15.6. Visiting a maliciously crafted website may leak sensitive data. | ||||
| CVE-2023-42661 | 1 Jfrog | 1 Artifactory | 2025-03-11 | 7.2 High |
| JFrog Artifactory prior to version 7.76.2 is vulnerable to Arbitrary File Write of untrusted data, which may lead to DoS or Remote Code Execution when a specially crafted series of requests is sent by an authenticated user. This is due to insufficient validation of artifacts. | ||||
| CVE-2024-1442 | 2 Grafana, Redhat | 3 Grafana, Acm, Ceph Storage | 2025-03-11 | 6 Medium |
| A user with the permissions to create a data source can use Grafana API to create a data source with UID set to *. Doing this will grant the user access to read, query, edit and delete all data sources within the organization. | ||||
| CVE-2023-46169 | 1 Ibm | 2 Ds8900f, Ds8900f Firmware | 2025-03-11 | 6.5 Medium |
| IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an authenticated user to arbitrarily delete a file. IBM X-Force ID: 269406. | ||||
| CVE-2023-46170 | 1 Ibm | 2 Ds8900f, Ds8900f Firmware | 2025-03-11 | 6.5 Medium |
| IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an authenticated user to arbitrarily read files after enumerating file names. | ||||
| CVE-2023-46172 | 1 Ibm | 2 Ds8900f, Ds8900f Firmware | 2025-03-11 | 5.6 Medium |
| IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow a remote attacker to bypass authentication restrictions for authorized user. IBM X-Force ID: 269409. | ||||
| CVE-2024-2265 | 1 Keerti1924 | 1 Php Mysql User Signup Login System | 2025-03-11 | 5.3 Medium |
| A vulnerability, which was classified as problematic, was found in keerti1924 PHP-MYSQL-User-Login-System 1.0. This affects an unknown part of the file login.sql. The manipulation leads to inclusion of sensitive information in source code. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256035. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-2267 | 1 Keerti1924 | 1 Online Bookstore Website | 2025-03-11 | 4.3 Medium |
| A vulnerability was found in keerti1924 Online-Book-Store-Website 1.0 and classified as problematic. This issue affects some unknown processing of the file /shop.php. The manipulation of the argument product_price leads to business logic errors. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-256037 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-1088 | 1 Rajkakadiya | 1 Password Protected Store For Woocommerce | 2025-03-11 | 5.3 Medium |
| The Password Protected Store for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9 via the REST API. This makes it possible for unauthenticated attackers to extract sensitive data including post titles and content. | ||||
| CVE-2024-49109 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-03-11 | 6.6 Medium |
| Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | ||||
| CVE-2024-49041 | 1 Microsoft | 1 Edge Chromium | 2025-03-11 | 4.3 Medium |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||||
| CVE-2024-49138 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-03-11 | 7.8 High |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||||