Total
5500 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-22317 | 1 Omron | 1 Cx-programmer | 2024-10-17 | 7.8 High |
| Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. This vulnerability is different from CVE-2023-22277 and CVE-2023-22314. | ||||
| CVE-2023-22314 | 1 Omron | 1 Cx-programmer | 2024-10-17 | 7.8 High |
| Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. This vulnerability is different from CVE-2023-22277 and CVE-2023-22317. | ||||
| CVE-2023-22277 | 1 Omron | 1 Cx-programmer | 2024-10-17 | 7.8 High |
| Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. This vulnerability is different from CVE-2023-22317 and CVE-2023-22314. | ||||
| CVE-2024-9961 | 1 Google | 1 Chrome | 2024-10-16 | 8.8 High |
| Use after free in ParcelTracking in Google Chrome on iOS prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2024-9960 | 1 Google | 1 Chrome | 2024-10-16 | 8.8 High |
| Use after free in Dawn in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2024-9959 | 1 Google | 1 Chrome | 2024-10-16 | 8.8 High |
| Use after free in DevTools in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium) | ||||
| CVE-2024-9957 | 1 Google | 1 Chrome | 2024-10-16 | 8.8 High |
| Use after free in UI in Google Chrome on iOS prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2024-9955 | 1 Google | 1 Chrome | 2024-10-16 | 8.8 High |
| Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2024-23370 | 1 Qualcomm | 22 Qca6584au, Qca6584au Firmware, Qca6698aq and 19 more | 2024-10-16 | 6.7 Medium |
| Memory corruption when a process invokes IOCTL calls from user-space to create a HAB virtual channel and another process invokes IOCTL calls to destroy the same. | ||||
| CVE-2024-23376 | 1 Qualcomm | 42 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 39 more | 2024-10-16 | 6.7 Medium |
| Memory corruption while sending the persist buffer command packet from the user-space to the kernel space through the IOCTL call. | ||||
| CVE-2024-33069 | 1 Qualcomm | 88 Fastconnect 6800, Fastconnect 6800 Firmware, Fastconnect 6900 and 85 more | 2024-10-16 | 7.5 High |
| Transient DOS when transmission of management frame sent by host is not successful and error status is received in the host. | ||||
| CVE-2024-38399 | 1 Qualcomm | 80 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 77 more | 2024-10-16 | 8.4 High |
| Memory corruption while processing user packets to generate page faults. | ||||
| CVE-2024-8422 | 1 Schneider-electric | 1 Zelio Soft 2 | 2024-10-16 | 7.8 High |
| CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when application user opens a malicious Zelio Soft 2 project file. | ||||
| CVE-2024-39831 | 1 Openatom | 1 Openharmony | 2024-10-16 | 4.4 Medium |
| in OpenHarmony v4.1.0 allow a local attacker with high privileges arbitrary code execution in pre-installed apps through use after free. | ||||
| CVE-2024-9680 | 2 Mozilla, Redhat | 9 Firefox, Firefox Esr, Thunderbird and 6 more | 2024-10-16 | 9.8 Critical |
| An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR < 115.16.1, Thunderbird < 131.0.1, Thunderbird < 128.3.1, and Thunderbird < 115.16.0. | ||||
| CVE-2024-43472 | 1 Microsoft | 1 Edge Chromium | 2024-10-16 | 5.8 Medium |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||||
| CVE-2024-38171 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2024-10-16 | 7.8 High |
| Microsoft PowerPoint Remote Code Execution Vulnerability | ||||
| CVE-2024-38158 | 1 Microsoft | 2 Azure Iot Hub Device Client Sdk, C Sdk For Azure Iot | 2024-10-16 | 7 High |
| Azure IoT SDK Remote Code Execution Vulnerability | ||||
| CVE-2024-38150 | 1 Microsoft | 15 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 12 more | 2024-10-16 | 7.8 High |
| Windows DWM Core Library Elevation of Privilege Vulnerability | ||||
| CVE-2024-38147 | 1 Microsoft | 15 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 12 more | 2024-10-16 | 7.8 High |
| Microsoft DWM Core Library Elevation of Privilege Vulnerability | ||||