Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows
Subscriptions
Total
7453 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-45112 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-09-19 | 7.8 High |
| Acrobat Reader versions 24.002.21005, 24.001.30159, 20.005.30655, 24.003.20054 and earlier are affected by a Type Confusion vulnerability that could result in arbitrary code execution in the context of the current user. This issue occurs when a resource is accessed using a type that is not compatible with the actual object type, leading to a logic error that an attacker could exploit. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-45247 | 4 Acronis, Apple, Linux and 1 more | 4 Agent, Macos, Linux Kernel and 1 more | 2024-09-19 | 7.1 High |
| Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 36497. | ||||
| CVE-2022-48182 | 3 Lenovo, Linux, Microsoft | 6 Thinkpad T14s Gen 3, Thinkpad T14s Gen 3 Firmware, Thinkpad X13 Gen 3 and 3 more | 2024-09-19 | 6.1 Medium |
| A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that could cause the BIOS tamper detection mechanism to not trigger under specific circumstances which could allow unauthorized access. | ||||
| CVE-2022-48183 | 3 Lenovo, Linux, Microsoft | 6 Thinkpad T14s Gen 3, Thinkpad T14s Gen 3 Firmware, Thinkpad X13 Gen 3 and 3 more | 2024-09-19 | 6.1 Medium |
| A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that could cause the BIOS tamper detection mechanism to not trigger under specific circumstances which could allow unauthorized access. | ||||
| CVE-2024-45103 | 4 Emc, Lenovo, Microsoft and 1 more | 4 Vmware, Xclarity Administrator, Windows and 1 more | 2024-09-19 | 4.3 Medium |
| A valid, authenticated LXCA user may be able to unmanage an LXCA managed device in through the LXCA web interface without sufficient privileges. | ||||
| CVE-2024-45104 | 4 Emc, Lenovo, Microsoft and 1 more | 4 Vmware, Xclarity Administrator, Windows and 1 more | 2024-09-19 | 6.3 Medium |
| A valid, authenticated LXCA user without sufficient privileges may be able to use the device identifier to modify an LXCA managed device through a specially crafted web API call. | ||||
| CVE-2024-45181 | 2 Microsoft, Wibu | 2 Windows, Wibukey | 2024-09-18 | 8.8 High |
| An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70. An improper bounds check allows crafted packets to cause an arbitrary address write, resulting in kernel memory corruption. | ||||
| CVE-2024-45182 | 2 Microsoft, Wibu | 2 Windows, Wibukey | 2024-09-18 | 5.5 Medium |
| An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70 An improper bounds check allows specially crafted packets to cause an arbitrary address read, resulting in Denial of Service. | ||||
| CVE-2024-39378 | 3 Adobe, Apple, Microsoft | 3 Audition, Mac Os X, Windows | 2024-09-18 | 7.8 High |
| Audition versions 24.4.1, 23.6.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-41868 | 3 Adobe, Apple, Microsoft | 3 Audition, Mac Os X, Windows | 2024-09-18 | 5.5 Medium |
| Audition versions 24.4.1, 23.6.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-34117 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-09-18 | 7.8 High |
| Photoshop Desktop versions 24.7.3, 25.9.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-45108 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-09-18 | 7.8 High |
| Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-43756 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-09-18 | 7.8 High |
| Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-45109 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-09-18 | 7.8 High |
| Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-43760 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-09-18 | 7.8 High |
| Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-41747 | 2 Acronis, Microsoft | 2 Cloud Manager, Windows | 2024-09-18 | 6.5 Medium |
| Sensitive information disclosure due to unauthenticated path traversal. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203. | ||||
| CVE-2024-0107 | 2 Microsoft, Nvidia | 8 Windows, Cloud Gaming, Geforce and 5 more | 2024-09-17 | 7.8 High |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2021-28561 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-09-17 | 8.8 High |
| Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2021-28549 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-09-17 | 7.8 High |
| Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted JSX file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2017-12545 | 3 Hp, Linux, Microsoft | 3 System Management Homepage, Linux Kernel, Windows | 2024-09-17 | N/A |
| A remote denial of service vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found. | ||||