0.0
CVE-2024-53254 -
This CVE is a duplicate of another CVE.
6.5
CVE-2024-45422 - Zoom Apps - Improper Input Validation
Improper input validation in some Zoom Apps before version 6.2.0 may allow an unauthenticated user to conduct a denial of service via network access.
4.3
CVE-2024-52359 - IBM Concert Software improper access controls
IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 could allow an authenticated user to perform unauthorized actions that should be reserved to administrator used due to improper access controls.
4.3
CVE-2024-45420 - Zoom Apps - Uncontrolled Resource Consumption
Uncontrolled resource consumption in some Zoom Apps before version 6.2.0 may allow an authenticated user to conduct a denial of service via network access.
7.6
CVE-2024-52360 - IBM Concert Software SQL injection
IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database.
8.1
CVE-2024-45419 - Zoom Apps - Improper Input Validation
Improper input validation in some Zoom Apps may allow an unauthenticated user to conduct a disclosure of information via network access.
7.8
CVE-2018-9409 -
In HWCSession::SetColorModeById of hwc_session.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
4.3
CVE-2024-37070 - IBM Concert Software information disclosure
IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system.
7.8
CVE-2018-9372 -
In cmd_flash_mmc_sparse_img of dl_commands.c, there is a possible out of bounds write due to a missing bounds check. This could lead to a local escalation of privilege in the bootloader with no additional execution privileges needed. User interaction is not needed for exploitation.
7.8
CVE-2018-9371 -
In the Mediatek Preloader, there are out of bounds reads and writes due to an exposed interface that allows arbitrary peripheral memory mapping with insufficient blacklisting/whitelisting. This could lead to local elevation of privilege, given physical access to the device with no additional executโฆ