Security Vulnerabilities - CVEs Published In 2024
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.1. An app may be able to access sensitive user data.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-12-20
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.1. A user may be able to view sensitive user information.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-12-20
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.1. An app may be able to access information about a user's contacts.
CVSS Score
3.3
EPSS Score
0.0
Published
2024-12-20
There is an improper input verification vulnerability in Huawei printer product. Successful exploitation of this vulnerability may cause service abnormal. (Vulnerability ID: HWPSIRT-2022-87185)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-32204.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-12-20
Huawei printers have an input verification vulnerability. Successful exploitation of this vulnerability may cause device service exceptions. (Vulnerability ID: HWPSIRT-2022-80078)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-34159.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-12-20
There is a command injection vulnerability in Huawei terminal printer product. Successful exploitation could result in the highest privileges of the printer. (Vulnerability ID: HWPSIRT-2022-51773)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-32203.
CVSS Score
9.8
EPSS Score
0.004
Published
2024-12-20
There is an insufficient authentication vulnerability in some Huawei smart phone. An unauthenticated, local attacker can crafts software package to exploit this vulnerability. Due to insufficient verification, successful exploitation may impact the service. (Vulnerability ID: HWPSIRT-2019-12302)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9250.
CVSS Score
3.3
EPSS Score
0.0
Published
2024-12-20
There is an insufficient input verification vulnerability in Huawei product. Successful exploitation of this vulnerability may lead to service abnormal. (Vulnerability ID: HWPSIRT-2022-76192)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-32144.
CVSS Score
8.6
EPSS Score
0.0
Published
2024-12-20
Arista NG Firewall custom_handler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the implementation of the custom_handler method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the www-data user. Was ZDI-CAN-24019.
CVSS Score
8.1
EPSS Score
0.018
Published
2024-12-20
Arista NG Firewall uvm_login Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Arista NG Firewall. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the uvm_login module. The issue results from incorrect authorization. An attacker can leverage this to escalate privileges to resources normally protected from the user. Was ZDI-CAN-24324.
CVSS Score
6.6
EPSS Score
0.0
Published
2024-12-20