Search Results (21072 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-49551 3 Adobe, Apple, Microsoft 3 Media Encoder, Macos, Windows 2024-12-18 7.8 High
Media Encoder versions 25.0, 24.6.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-49552 1 Adobe 1 Media Encoder 2024-12-18 7.8 High
Media Encoder versions 25.0, 24.6.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-49553 3 Adobe, Apple, Microsoft 3 Media Encoder, Macos, Windows 2024-12-18 7.8 High
Media Encoder versions 25.0, 24.6.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2017-13313 1 Google 1 Android 2024-12-18 7.5 High
In ElementaryStreamQueue::dequeueAccessUnitMPEG4Video of ESQueue.cpp, there is a possible infinite loop leading to resource exhaustion due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2024-52994 1 Adobe 1 Substance 3d Sampler 2024-12-18 7.8 High
Substance3D - Sampler versions 4.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-52995 1 Adobe 1 Substance 3d Sampler 2024-12-18 7.8 High
Substance3D - Sampler versions 4.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-52996 1 Adobe 1 Substance 3d Sampler 2024-12-18 7.8 High
Substance3D - Sampler versions 4.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-29224 2 Gocast, Mayuresh82 2 Gocast, Gocast 2024-12-17 9.8 Critical
An OS command injection vulnerability exists in the NAT parameter of GoCast 1.1.3. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.
CVE-2023-3291 1 Gpac 1 Gpac 2024-12-17 3.3 Low
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2.
CVE-2024-43091 1 Google 1 Android 2024-12-17 9.8 Critical
In filterMask of SkEmbossMaskFilter.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-38922 1 Openrobotics 1 Robot Operating System 2024-12-17 8.8 High
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble version was discovered to contain a heap overflow in the nav2_amcl process. This vulnerability is triggered via sending a crafted message to the component /initialpose.
CVE-2024-31336 2 Google, Imaginationtech 2 Android, Ddk 2024-12-17 8.4 High
In PVRSRVBridgeRGXKickTA3D2 of server_rgxta3d_bridge.c, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-40658 1 Google 1 Android 2024-12-17 7.8 High
In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-31326 1 Google 1 Android 2024-12-17 7.8 High
In multiple locations, there is a possible way in which policy migration code will never be executed due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-31335 1 Google 1 Android 2024-12-17 7.8 High
In DevmemIntChangeSparse2 of devicemem_server.c, there is a possible arbitrary code execution due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-34720 1 Google 1 Android 2024-12-17 7.8 High
In com_android_internal_os_ZygoteCommandBuffer_nativeForkRepeatedly of com_android_internal_os_ZygoteCommandBuffer.cpp, there is a possible method to perform arbitrary code execution in any app zygote processes due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-34723 1 Google 1 Android 2024-12-17 7.8 High
In onTransact of ParcelableListBinder.java , there is a possible way to steal mAllowlistToken to launch an app from background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-34726 1 Google 1 Android 2024-12-17 7.8 High
In PVRSRV_MMap of pvr_bridge_k.c, there is a possible arbitrary code execution due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-34741 1 Google 1 Android 2024-12-17 7.8 High
In setForceHideNonSystemOverlayWindowIfNeeded of WindowState.java, there is a possible way for message content to be visible on the screensaver while lock screen visibility settings are restricted by the user due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-31311 1 Google 1 Android 2024-12-17 7.8 High
In increment_annotation_count of stats_event.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.