Total
7187 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-49028 | 1 Microsoft | 4 365 Apps, Excel, Office and 1 more | 2024-11-14 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2024-43449 | 1 Microsoft | 16 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 13 more | 2024-11-14 | 6.8 Medium |
| Windows USB Video Class System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-43644 | 1 Microsoft | 17 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 14 more | 2024-11-14 | 7.8 High |
| Windows Client-Side Caching Elevation of Privilege Vulnerability | ||||
| CVE-2024-43643 | 1 Microsoft | 17 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 14 more | 2024-11-14 | 6.8 Medium |
| Windows USB Video Class System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-43638 | 1 Microsoft | 17 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 14 more | 2024-11-14 | 6.8 Medium |
| Windows USB Video Class System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-43637 | 1 Microsoft | 17 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 14 more | 2024-11-14 | N/A |
| Windows USB Video Class System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-43634 | 1 Microsoft | 17 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 14 more | 2024-11-14 | 6.8 Medium |
| Windows USB Video Class System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2022-21877 | 1 Microsoft | 12 Windows 10, Windows 10 1809, Windows 10 1909 and 9 more | 2024-11-14 | 5.5 Medium |
| Storage Spaces Controller Information Disclosure Vulnerability | ||||
| CVE-2022-21876 | 1 Microsoft | 16 Windows 10, Windows 10 1507, Windows 10 1607 and 13 more | 2024-11-14 | 5.5 Medium |
| Win32k Information Disclosure Vulnerability | ||||
| CVE-2024-25431 | 1 Bytecodealliance | 1 Webassembly Micro Runtime | 2024-11-14 | 8.8 High |
| An issue in bytecodealliance wasm-micro-runtime before v.b3f728c and fixed in commit 06df58f allows a remote attacker to escalate privileges via a crafted file to the check_was_abi_compatibility function. | ||||
| CVE-2024-46956 | 3 Artifex, Debian, Suse | 5 Ghostscript, Debian Linux, Linux Enterprise High Performance Computing and 2 more | 2024-11-14 | 7.8 High |
| An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution. | ||||
| CVE-2024-27230 | 2024-11-14 | 5.1 Medium | ||
| In ProtocolPsKeepAliveStatusAdapter::getCode() of protocolpsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation. | ||||
| CVE-2024-28051 | 2024-11-14 | 2.2 Low | ||
| Out-of-bounds read in some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2024-32667 | 2024-11-14 | 3.9 Low | ||
| Out-of-bounds read for some OpenCL(TM) software may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2023-4458 | 1 Redhat | 1 Enterprise Linux | 2024-11-14 | 4 Medium |
| A flaw was found within the parsing of extended attributes in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on affected installations of Linux. Only systems with ksmbd enabled are vulnerable to this CVE. | ||||
| CVE-2023-32880 | 2 Google, Mediatek | 22 Android, Mt6762, Mt6765 and 19 more | 2024-11-14 | 4.4 Medium |
| In battery, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308076. | ||||
| CVE-2023-26157 | 1 Gnu | 1 Libredwg | 2024-11-14 | 5.5 Medium |
| Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c. | ||||
| CVE-2024-47445 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-11-14 | 5.5 Medium |
| After Effects versions 23.6.9, 24.6.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-47444 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-11-14 | 5.5 Medium |
| After Effects versions 23.6.9, 24.6.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-47446 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-11-14 | 5.5 Medium |
| After Effects versions 23.6.9, 24.6.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||