Total
4358 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-20657 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-05-03 | 7 High |
| Windows Group Policy Elevation of Privilege Vulnerability | ||||
| CVE-2024-21364 | 1 Microsoft | 1 Azure Site Recovery | 2025-05-03 | 9.3 Critical |
| Microsoft Azure Site Recovery Elevation of Privilege Vulnerability | ||||
| CVE-2024-20695 | 1 Microsoft | 1 Skype For Business Server | 2025-05-03 | 5.7 Medium |
| Skype for Business Information Disclosure Vulnerability | ||||
| CVE-2024-21401 | 1 Microsoft | 1 Entra Jira Sso Plugin | 2025-05-03 | 9.8 Critical |
| Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability | ||||
| CVE-2024-21436 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-05-03 | 7.8 High |
| Windows Installer Elevation of Privilege Vulnerability | ||||
| CVE-2024-21418 | 1 Linuxfoundation | 1 Software For Open Networking In The Cloud | 2025-05-03 | 7.8 High |
| Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability | ||||
| CVE-2024-26203 | 1 Microsoft | 1 Azure Data Studio | 2025-05-03 | 7.3 High |
| Azure Data Studio Elevation of Privilege Vulnerability | ||||
| CVE-2024-26201 | 1 Microsoft | 1 Intune Company Portal | 2025-05-03 | 6.6 Medium |
| Microsoft Intune Linux Agent Elevation of Privilege Vulnerability | ||||
| CVE-2024-29993 | 1 Microsoft | 1 Azure Cyclecloud | 2025-05-03 | 8.8 High |
| Azure CycleCloud Elevation of Privilege Vulnerability | ||||
| CVE-2024-29054 | 1 Microsoft | 1 Defender For Iot | 2025-05-03 | 7.2 High |
| Microsoft Defender for IoT Elevation of Privilege Vulnerability | ||||
| CVE-2024-29055 | 1 Microsoft | 1 Defender For Iot | 2025-05-03 | 7.2 High |
| Microsoft Defender for IoT Elevation of Privilege Vulnerability | ||||
| CVE-2024-28917 | 1 Microsoft | 7 Azure Arc Extension Microsoft.azstackhci.operator, Azure Arc Extension Microsoft.azure.hybridnetwork, Azure Arc Extension Microsoft.azurekeyvaultsecretsprovider and 4 more | 2025-05-03 | 6.2 Medium |
| Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability | ||||
| CVE-2024-26234 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-05-03 | 6.7 Medium |
| Proxy Driver Spoofing Vulnerability | ||||
| CVE-2024-29990 | 1 Microsoft | 1 Azure Kubernetes Service Confidential Containers | 2025-05-03 | 9 Critical |
| Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | ||||
| CVE-2024-28922 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-05-03 | 4.1 Medium |
| Secure Boot Security Feature Bypass Vulnerability | ||||
| CVE-2024-21424 | 1 Microsoft | 1 Azure Compute Gallery | 2025-05-03 | 6.5 Medium |
| Azure Compute Gallery Elevation of Privilege Vulnerability | ||||
| CVE-2024-30059 | 1 Microsoft | 1 Intune Mobile Application Management | 2025-05-03 | 6.1 Medium |
| Microsoft Intune for Android Mobile Application Management Tampering Vulnerability | ||||
| CVE-2022-42707 | 1 Mahara | 1 Mahara | 2025-05-02 | 7.5 High |
| In Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0, embedded images are accessible without a sufficient permission check under certain conditions. | ||||
| CVE-2024-13102 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-02 | 5.3 Medium |
| A vulnerability classified as critical was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This vulnerability affects unknown code of the file /goform/DDNS of the component DDNS Service. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-13103 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2025-05-02 | 5.3 Medium |
| A vulnerability, which was classified as critical, has been found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This issue affects some unknown processing of the file /goform/form2AddVrtsrv.cgi of the component Virtual Service Handler. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||