CWE-276 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (1509 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-27461	1 Intel	1 Memory And Storage Tool Gui	2024-09-06	5.6 Medium
Incorrect default permissions in software installer for Intel(R) MAS (GUI) may allow an authenticated user to potentially enable denial of service via local access.
CVE-2024-34648	1 Samsung	1 Android	2024-09-05	5.1 Medium
Improper Handling of Insufficient Permissions in KnoxMiscPolicy prior to SMR Sep-2024 Release 1 allows local attackers to access sensitive data.
CVE-2024-34661	1 Samsung	1 Assistant	2024-09-05	4.3 Medium
Improper handling of insufficient permissions in Samsung Assistant prior to version 9.1.00.7 allows remote attackers to access location data. User interaction is required for triggering this vulnerability.
CVE-2024-23495	1 Intel	3 Distribution For Gdb, Distribution For Gdb Software, Oneapi Base Toolkit	2024-08-31	6.7 Medium
Incorrect default permissions in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-6974	1 Catonetworks	2 Cato Client, Sdp Client	2024-08-27	8.8 High
Cato Networks Windows SDP Client Local Privilege Escalation via self-upgradeThis issue affects SDP Client: before 5.10.34.
CVE-2024-42681	1 Xuxueli	1 Xxl-job	2024-08-19	8.8 High
Insecure Permissions vulnerability in xxl-job v.2.4.1 allows a remote attacker to execute arbitrary code via the Sub-Task ID component.
CVE-2024-34617	1 Samsung	1 Android	2024-08-12	4 Medium
Improper handling of insufficient permission in Telephony prior to SMR Aug-2024 Release 1 allows local attackers to configure default Message application.
CVE-2024-34616	1 Samsung	1 Android	2024-08-12	5.1 Medium
Improper handling of insufficient permission in KnoxDualDARPolicy prior to SMR Aug-2024 Release 1 allows local attackers to access sensitive data.
CVE-2024-7525	2 Mozilla, Redhat	9 Firefox, Firefox Esr, Thunderbird and 6 more	2024-08-12	9.1 Critical
It was possible for a web extension with minimal permissions to create a `StreamFilter` which could be used to read and modify the response body of requests on any site. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.

« first previous Page 76 of 76.