Total
7200 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-37354 | 1 Kofax | 1 Power Pdf | 2024-08-02 | N/A |
| Kofax Power PDF PNG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PNG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20458. | ||||
| CVE-2023-37347 | 2024-08-02 | N/A | ||
| Kofax Power PDF U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20444. | ||||
| CVE-2023-37358 | 2024-08-02 | N/A | ||
| Kofax Power PDF U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-20469. | ||||
| CVE-2023-37353 | 1 Kofax | 1 Power Pdf | 2024-08-02 | N/A |
| Kofax Power PDF JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-20455. | ||||
| CVE-2023-37352 | 1 Kofax | 1 Power Pdf | 2024-08-02 | N/A |
| Kofax Power PDF JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-20454. | ||||
| CVE-2023-37357 | 1 Kofax | 1 Power Pdf | 2024-08-02 | N/A |
| Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-20468. | ||||
| CVE-2023-37240 | 1 Huawei | 2 Emui, Harmonyos | 2024-08-02 | 9.1 Critical |
| Vulnerability of missing input length verification in the distributed file system. Successful exploitation of this vulnerability may cause out-of-bounds read. | ||||
| CVE-2023-37356 | 1 Kofax | 1 Power Pdf | 2024-08-02 | N/A |
| Kofax Power PDF GIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GIF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-20461. | ||||
| CVE-2023-37359 | 1 Kofax | 1 Power Pdf | 2024-08-02 | N/A |
| Kofax Power PDF U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-20470. | ||||
| CVE-2023-36905 | 1 Microsoft | 14 Windows 10, Windows 10 1507, Windows 10 1607 and 11 more | 2024-08-02 | 5.5 Medium |
| Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability | ||||
| CVE-2023-36803 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2024-08-02 | 5.5 Medium |
| Windows Kernel Information Disclosure Vulnerability | ||||
| CVE-2023-36766 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2024-08-02 | 7.8 High |
| Microsoft Excel Information Disclosure Vulnerability | ||||
| CVE-2023-36701 | 1 Microsoft | 16 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 13 more | 2024-08-02 | 7.8 High |
| Microsoft Resilient File System (ReFS) Elevation of Privilege Vulnerability | ||||
| CVE-2023-36728 | 1 Microsoft | 7 Odbc Driver 17 For Sql Server, Odbc Driver 18 For Sql Server, Odbc Driver For Sql Server and 4 more | 2024-08-02 | 5.5 Medium |
| Microsoft SQL Server Denial of Service Vulnerability | ||||
| CVE-2023-36696 | 1 Microsoft | 15 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 12 more | 2024-08-02 | 7.8 High |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | ||||
| CVE-2023-36629 | 1 St | 1 St54-android-packages-apps-nfc | 2024-08-02 | 5.5 Medium |
| The ST ST54-android-packages-apps-Nfc package before 130-20230215-23W07p0 for Android has an out-of-bounds read. | ||||
| CVE-2023-36428 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2024-08-02 | 5.5 Medium |
| Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | ||||
| CVE-2023-36356 | 1 Tp-link | 8 Tl-wr740n, Tl-wr740n Firmware, Tl-wr841n and 5 more | 2024-08-02 | 7.7 High |
| TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8, TL-WR941ND V5, and TL-WR740N V1/V2 were discovered to contain a buffer read out-of-bounds via the component /userRpm/VirtualServerRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request. | ||||
| CVE-2023-36424 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2024-08-02 | 7.8 High |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2023-35862 | 1 Libcoap | 1 Libcoap | 2024-08-02 | 6.5 Medium |
| libcoap 4.3.1 contains a buffer over-read via the function coap_parse_oscore_conf_mem at coap_oscore.c. | ||||