Skip to main content
CVE-2024-34118 MEDIUM This Month

Illustrator versions 28.5, 27.9.4 and earlier are affected by an Improper Input Validation vulnerability that could lead to an application denial-of-service condition. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Illustrator
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-20790 MEDIUM This Month

Dimension versions 3.4.11 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Dimension
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-41863 MEDIUM This Month

Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Substance 3d Sampler
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-41862 MEDIUM This Month

Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Substance 3d Sampler
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-41861 MEDIUM This Month

Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Substance 3d Sampler
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-41860 MEDIUM This Month

Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Substance 3d Sampler
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-29015 MEDIUM This Month

Uncontrolled search path in some Intel(R) VTune(TM) Profiler software before versions 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Oneapi Base Toolkit Vtune Profiler
NVD
CVSS 4.0
5.4
EPSS
0.1%
CVE-2024-28953 MEDIUM This Month

Uncontrolled search path in some EMON software before version 11.44 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation
NVD
CVSS 4.0
5.4
EPSS
0.1%
CVE-2024-28887 MEDIUM This Month

Uncontrolled search path in some Intel(R) IPP software before version 2021.11 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Integrated Performance Primitives Oneapi Base Toolkit
NVD
CVSS 4.0
5.4
EPSS
0.1%
CVE-2024-28876 MEDIUM This Month

Uncontrolled search path for some Intel(R) MPI Library software before version 2021.12 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Mpi Library Oneapi Hpc Toolkit
NVD
CVSS 4.0
5.4
EPSS
0.1%
CVE-2024-28172 MEDIUM This Month

Uncontrolled search path for some Intel(R) Trace Analyzer and Collector software before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Oneapi Hpc Toolkit Trace Analyzer And Collector
NVD
CVSS 4.0
5.4
EPSS
0.1%
CVE-2024-28046 MEDIUM This Month

Uncontrolled search path in some Intel(R) GPA software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Graphics Performance Analyzers
NVD
CVSS 4.0
5.4
EPSS
0.1%
CVE-2024-26027 MEDIUM This Month

Uncontrolled search path for some Intel(R) Simics Package Manager software before version 1.8.3 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Simics Package Manager
NVD
CVSS 4.0
5.4
EPSS
0.1%
CVE-2024-26025 MEDIUM This Month

Incorrect default permissions for some Intel(R) Advisor software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Advisor Oneapi Base Toolkit
NVD
CVSS 4.0
5.4
EPSS
0.1%
CVE-2024-25561 MEDIUM This Month

Insecure inherited permissions in some Intel(R) HID Event Filter software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Hid Event Filter Driver Nuc M15 Laptop Kit Lapbc510 Firmware Nuc M15 Laptop Kit Lapbc710 Firmware +7
NVD
CVSS 4.0
5.4
EPSS
0.1%
CVE-2024-24977 MEDIUM This Month

Uncontrolled search path for some Intel(R) License Manager for FLEXlm product software before version 11.19.5.0 may allow an authenticated user to potentially enable escalation of privilege via local. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel License Manager For Flexim
NVD
CVSS 4.0
5.4
EPSS
0.1%
CVE-2024-23974 MEDIUM This Month

Incorrect default permissions in some Intel(R) ISH software installers may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel
NVD
CVSS 4.0
5.4
EPSS
0.1%
CVE-2024-23909 MEDIUM This Month

Uncontrolled search path in some Intel(R) FPGA SDK for OpenCL(TM) software technology may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Field Programmable Gate Array Software Development Kit For Opencl
NVD
CVSS 4.0
5.4
EPSS
0.1%
CVE-2024-23908 MEDIUM This Month

Insecure inherited permissions in some Flexlm License Daemons for Intel(R) FPGA software before version v11.19.5.0 may allow an authenticated user to potentially enable escalation of privilege via. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Flexlm License Daemons For Intel Fpga
NVD
CVSS 4.0
5.4
EPSS
0.1%
CVE-2024-23907 MEDIUM This Month

Uncontrolled search path in some Intel(R) High Level Synthesis Compiler software before version 23.4 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel High Level Synthesis Compiler Oneapi Dpc C Compiler Quartus Prime
NVD
CVSS 4.0
5.4
EPSS
0.1%
CVE-2024-23495 MEDIUM This Month

Incorrect default permissions in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Distribution For Gdb Oneapi Base Toolkit
NVD
CVSS 4.0
5.4
EPSS
0.1%
CVE-2024-23491 MEDIUM This Month

Uncontrolled search path in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Distribution For Gdb Oneapi Base Toolkit
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-23489 MEDIUM This Month

Uncontrolled search path for some Intel(R) VROC software before version 8.6.0.1191 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Virtual Raid On Cpu
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-22378 MEDIUM This Month

Incorrect default permissions in some Intel Unite(R) Client Extended Display Plugin software installers before version 1.1.352.157 may allow an authenticated user to potentially enable escalation of. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel
NVD
CVSS 4.0
5.4
EPSS
0.1%
CVE-2024-22376 MEDIUM This Month

Uncontrolled search path element in some installation software for Intel(R) Ethernet Adapter Driver Pack before version 28.3 may allow an authenticated user to potentially enable escalation of. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-22184 MEDIUM PATCH This Month

Uncontrolled search path for some Intel(R) Quartus(R) Prime Pro Edition Design Software before version 24.1 may allow an authenticated user to potentially enable escalation of privilege via local. Rated medium severity (CVSS 5.4).

Privilege Escalation Intel Quartus Prime
NVD
CVSS 4.0
5.4
EPSS
0.1%
CVE-2024-21857 MEDIUM This Month

Uncontrolled search path for some Intel(R) oneAPI Compiler software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-21784 MEDIUM This Month

Uncontrolled search path for some Intel(R) IPP Cryptography software before version 2021.11 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Integrated Performance Primitives Cryptography Oneapi Base Toolkit
NVD
CVSS 4.0
5.4
EPSS
0.1%
CVE-2024-21769 MEDIUM This Month

Uncontrolled search path in some Intel(R) Ethernet Connection I219-LM install software may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-21766 MEDIUM This Month

Uncontrolled search path for some Intel(R) oneAPI Math Kernel Library software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel
NVD
CVSS 4.0
5.4
EPSS
0.2%
CVE-2024-39418 MEDIUM PATCH This Month

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Adobe Commerce Magento
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-40620 MEDIUM This Month

CVE-2024-40620 IMPACT A vulnerability exists in the affected product due to lack of encryption of sensitive information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Pavilion8
NVD
CVSS 4.0
5.3
EPSS
0.2%
CVE-2024-41723 MEDIUM This Month

Undisclosed requests to BIG-IP iControl REST can lead to information leak of user account names. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Big Ip Access Policy Manager Big Ip Advanced Firewall Manager Big Ip Advanced Web Application Firewall Big Ip Analytics +17
NVD
CVSS 4.0
5.3
EPSS
0.3%
CVE-2024-21844 MEDIUM This Month

Integer overflow in firmware for some Intel(R) CSME may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Intel Denial Of Service
NVD
CVSS 4.0
5.3
EPSS
0.3%
CVE-2024-5915 MEDIUM This Month

A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Paloalto Microsoft Globalprotect
NVD
CVSS 4.0
5.2
EPSS
0.2%
CVE-2024-41719 MEDIUM This Month

When generating QKView of BIG-IP Next instance from the BIG-IP Next Central Manager (CM), F5 iHealth credentials will be logged in the BIG-IP Central Manager logs. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Big Ip Next Central Manager
NVD
CVSS 4.0
5.1
EPSS
0.2%
CVE-2024-28050 MEDIUM This Month

Improper access control in some Intel(R) Arc(TM) & Iris(R) Xe Graphics software before version 31.0.101.4824 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Intel Denial Of Service Arc A Graphics Iris Xe Graphics
NVD
CVSS 4.0
5.1
EPSS
0.1%
CVE-2024-42435 MEDIUM This Month

Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Meeting Software Development Kit Rooms Rooms Controller Workplace +2
NVD
CVSS 3.1
4.9
EPSS
0.5%
CVE-2024-42434 MEDIUM This Month

Missing authorization in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Meeting Software Development Kit Rooms Rooms Controller +3
NVD
CVSS 3.1
4.9
EPSS
0.5%
CVE-2024-39824 MEDIUM This Month

Missing authorization in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Meeting Software Development Kit Rooms Rooms Controller +3
NVD
CVSS 3.1
4.9
EPSS
0.5%
CVE-2024-39823 MEDIUM This Month

Missing authorization in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Meeting Software Development Kit Rooms Rooms Controller +3
NVD
CVSS 3.1
4.9
EPSS
0.5%
CVE-2024-27461 MEDIUM This Month

Incorrect default permissions in software installer for Intel(R) MAS (GUI) may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 4.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Denial Of Service Memory And Storage Tool Gui
NVD
CVSS 4.0
4.3
EPSS
0.1%
CVE-2024-39419 MEDIUM PATCH This Month

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Adobe Commerce Magento
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-39417 MEDIUM PATCH This Month

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Adobe Commerce Magento
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-39416 MEDIUM PATCH This Month

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Adobe Commerce Magento
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-39415 MEDIUM PATCH This Month

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Adobe Commerce Magento
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-39414 MEDIUM PATCH This Month

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Adobe Commerce Magento
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-39413 MEDIUM PATCH This Month

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Adobe Commerce Magento
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-39412 MEDIUM PATCH This Month

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Adobe Commerce Magento
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-39411 MEDIUM PATCH This Month

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Adobe Commerce Magento
NVD
CVSS 3.1
4.3
EPSS
0.4%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy