Total
5495 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-30328 | 1 Foxit | 1 Pdf Reader | 2024-08-02 | N/A |
| Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22633. | ||||
| CVE-2024-30062 | 1 Microsoft | 5 Windows Server 2012, Windows Server 2012 R2, Windows Server 2016 and 2 more | 2024-08-02 | 7.8 High |
| Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability | ||||
| CVE-2024-30080 | 1 Microsoft | 22 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 19 more | 2024-08-02 | 9.8 Critical |
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | ||||
| CVE-2024-30035 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2024-08-02 | 7.8 High |
| Windows DWM Core Library Elevation of Privilege Vulnerability | ||||
| CVE-2024-30082 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2024-08-02 | 7.8 High |
| Win32k Elevation of Privilege Vulnerability | ||||
| CVE-2024-30101 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-08-02 | 7.5 High |
| Microsoft Office Remote Code Execution Vulnerability | ||||
| CVE-2024-30086 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2024-08-02 | 7.8 High |
| Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | ||||
| CVE-2024-30031 | 1 Microsoft | 18 Windows, Windows 10 1507, Windows 10 1607 and 15 more | 2024-08-02 | 7.8 High |
| Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | ||||
| CVE-2024-30102 | 1 Microsoft | 1 365 Apps | 2024-08-02 | 7.3 High |
| Microsoft Office Remote Code Execution Vulnerability | ||||
| CVE-2024-30032 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-08-02 | 7.8 High |
| Windows DWM Core Library Elevation of Privilege Vulnerability | ||||
| CVE-2024-30006 | 1 Microsoft | 16 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 13 more | 2024-08-02 | 8.8 High |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2024-30049 | 1 Microsoft | 16 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 13 more | 2024-08-02 | 7.8 High |
| Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | ||||
| CVE-2024-30028 | 1 Microsoft | 16 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 13 more | 2024-08-02 | 7.8 High |
| Win32k Elevation of Privilege Vulnerability | ||||
| CVE-2024-29787 | 1 Google | 1 Android | 2024-08-02 | 7.8 High |
| In lwis_process_transactions_in_queue of lwis_transaction.c, there is a possible use after free due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-28951 | 2024-08-02 | 5.5 Medium | ||
| in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. | ||||
| CVE-2024-27975 | 1 Ivanti | 1 Avalanche | 2024-08-02 | N/A |
| An Use-after-free vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM. | ||||
| CVE-2024-27929 | 2024-08-02 | 7.1 High | ||
| ImageSharp is a managed, cross-platform, 2D graphics library. A heap-use-after-free flaw was found in ImageSharp's InitializeImage() function of PngDecoderCore.cs file. This vulnerability is triggered when an attacker passes a specially crafted PNG image file to ImageSharp for conversion, potentially leading to information disclosure. This issue has been patched in versions 3.1.3 and 2.1.7. | ||||
| CVE-2024-27217 | 2024-08-02 | 6.5 Medium | ||
| in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. | ||||
| CVE-2024-27213 | 2024-08-02 | 8.4 High | ||
| In BroadcastSystemMessage of servicemgr.cpp, there is a possible Remote Code Execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-25938 | 2024-08-01 | 8.8 High | ||
| A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Barcode widget. A specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. | ||||