Total: 12648 CVE

CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2010-0036 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-10-15 | 7.8 High |
Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 audio file. | ||||
CVE-2016-9428 | 1 Tats | 1 W3m | 2024-10-15 | 8.8 High |
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in the addMultirowsForm function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page. | ||||
CVE-2016-6817 | 1 Apache | 1 Tomcat | 2024-10-15 | 7.5 High |
The HTTP/2 header parser in Apache Tomcat 9.0.0.M1 to 9.0.0.M11 and 8.5.0 to 8.5.6 entered an infinite loop if a header was received that was larger than the available buffer. This made a denial of service attack possible. | ||||
CVE-2023-39976 | 2 Clusterlabs, Redhat | 3 Libqb, Enterprise Linux, Rhel Eus | 2024-10-15 | 9.8 Critical |
log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the header size is not considered. | ||||
CVE-2024-45467 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-10-15 | 7.8 High |
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected application is vulnerable to memory corruption while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. | ||||
CVE-2024-45468 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-10-15 | 7.8 High |
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected application is vulnerable to memory corruption while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. | ||||
CVE-2024-45473 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-10-15 | 7.8 High |
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected application is vulnerable to memory corruption while parsing specially crafted WRL files. An attacker could leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. | ||||
CVE-2024-45474 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-10-15 | 7.8 High |
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected application is vulnerable to memory corruption while parsing specially crafted WRL files. An attacker could leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. | ||||
CVE-2024-45472 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-10-15 | 7.8 High |
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected application is vulnerable to memory corruption while parsing specially crafted WRL files. An attacker could leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. | ||||
CVE-2021-36978 | 1 Qpdf Project | 1 Qpdf | 2024-10-15 | 5.5 Medium |
QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in Pl_ASCII85Decoder::write (called from Pl_AES_PDF::flush and Pl_AES_PDF::finish) when a certain downstream write fails. | ||||
CVE-2022-41877 | 3 Fedoraproject, Freerdp, Redhat | 3 Fedora, Freerdp, Enterprise Linux | 2024-10-15 | 4.6 Medium |
FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in `drive` channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in version 2.9.0 and all users are advised to upgrade. Users unable to upgrade should not use the drive redirection channel - command line options `/drive`, `+drives` or `+home-drive`. | ||||
CVE-2008-1083 | 1 Microsoft | 5 Windows 2000, Windows 2003 Server, Windows Server 2008 and 2 more | 2024-10-15 | 8.1 High |
Heap-based buffer overflow in the CreateDIBPatternBrushPt function in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF or WMF image file with a malformed header that triggers an integer overflow, aka "GDI Heap Overflow Vulnerability." | ||||
CVE-2024-47046 | 1 Siemens | 1 Simcenter Nastran | 2024-10-10 | 7.8 High |
A vulnerability has been identified in Simcenter Nastran 2306 (All versions), Simcenter Nastran 2312 (All versions), Simcenter Nastran 2406 (All versions < V2406.5000). The affected application is vulnerable to memory corruption while parsing specially crafted BDF files. This could allow an attacker to execute code in the context of the current process. | ||||
CVE-2023-3953 | 1 Schneider-electric | 1 Pro-face Gp-pro Ex | 2024-10-09 | 5.3 Medium |
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause memory corruption when an authenticated user opens a tampered log file from GP-Pro EX. | ||||
CVE-2020-36023 | 1 Freedesktop | 1 Poppler | 2024-10-09 | 6.5 Medium |
An issue discovered in freedesktop poppler version 20.12.1 allows remote attackers to cause a denial of service (DoS) via a crafted .pdf file to the FoFiType1C::cvtGlyph function. | ||||
CVE-2022-36372 | 1 Intel | 69 Bios, Nuc 8 Compute Element Cm8ccb4r, Nuc 8 Compute Element Cm8ccb4r Firmware and 66 more | 2024-10-09 | 7.5 High |
Improper buffer restrictions in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
CVE-2023-3261 | 2 Cyberpower, Dataprobe | 45 Powerpanel Server, Iboot-pdu4-c20, Iboot-pdu4-c20 Firmware and 42 more | 2024-10-09 | 7.5 High |
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier contains a buffer overflow vulnerability in the librta.so.0.0.0 library. Successful exploitation could cause denial of service or unexpected behavior with respect to all interactions relying on the targeted vulnerable binary, including the ability to log in via the web server. | ||||
CVE-2023-21264 | 1 Google | 1 Android | 2024-10-09 | 6.7 Medium |
In multiple functions of mem_protect.c, there is a possible way to access hypervisor memory due to a memory access check in the wrong place. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2021-1713 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2024-10-08 | 7.8 High |
Microsoft Excel Remote Code Execution Vulnerability | ||||
CVE-2024-38104 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2024-10-08 | 8.8 High |
Windows Fax Service Remote Code Execution Vulnerability |