Search Results (21073 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-33124 1 Siemens 2 Jt2go, Teamcenter Visualization 2025-01-03 7.8 High
A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain a memory corruption vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.
CVE-2023-35110 1 Jjson Project 1 Jjson 2025-01-02 7.5 High
An issue was discovered jjson thru 0.1.7 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.
CVE-2023-2569 1 Schneider-electric 1 Ecostruxure Foxboro Dcs Control Core Services 2025-01-02 7.8 High
A CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, elevation of privilege, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver.
CVE-2024-3758 1 Openatom 1 Openharmony 2025-01-02 6.5 Medium
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through heap buffer overflow.
CVE-2022-21926 1 Microsoft 1 Hevc Video Extensions 2025-01-02 7.8 High
HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2022-21917 1 Microsoft 1 Hevc Video Extensions 2025-01-02 7.8 High
HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2024-10487 1 Google 1 Chrome 2025-01-02 8.8 High
Out of bounds write in Dawn in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical)
CVE-2024-7970 1 Google 1 Chrome 2025-01-02 8.8 High
Out of bounds write in V8 in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-8905 1 Google 1 Chrome 2025-01-02 8.8 High
Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2024-7018 1 Google 1 Chrome 2025-01-02 8.8 High
Heap buffer overflow in PDF in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)
CVE-2024-7024 1 Google 1 Chrome 2025-01-02 9.3 Critical
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)
CVE-2024-9121 1 Google 1 Chrome 2025-01-02 8.8 High
Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
CVE-2024-43496 1 Microsoft 1 Edge Chromium 2024-12-31 6.5 Medium
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2024-6773 2 Canonical, Google 2 Ubuntu Linux, Chrome 2024-12-26 8.8 High
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-6772 1 Google 1 Chrome 2024-12-26 8.8 High
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
CVE-2023-32538 1 Fujielectric 2 Tellus, Tellus Lite 2024-12-23 7.8 High
Stack-based buffer overflow vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted SIM2 file may lead to information disclosure and/or arbitrary code execution. This vulnerability is different from CVE-2023-32273 and CVE-2023-32201.
CVE-2023-32276 1 Fujielectric 2 Tellus, Tellus Lite 2024-12-23 7.8 High
Stack-based buffer overflow vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted V8 file may lead to information disclosure and/or arbitrary code execution.
CVE-2023-32273 1 Fujielectric 2 Tellus, Tellus Lite 2024-12-23 7.8 High
Stack-based buffer overflow vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted SIM2 file may lead to information disclosure and/or arbitrary code execution. This vulnerability is different from CVE-2023-32538 and CVE-2023-32201.
CVE-2023-32201 1 Fujielectric 2 Tellus, Tellus Lite 2024-12-23 7.8 High
Stack-based buffer overflow vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted SIM2 file may lead to information disclosure and/or arbitrary code execution. This vulnerability is different from CVE-2023-32538 and CVE-2023-32273.
CVE-2024-8806 1 Cohesive 1 Vns3 2024-12-20 9.8 Critical
Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cohesive Networks VNS3. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 8000 by default. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-24160.