Total
11299 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-0935 | 1 Microsoft | 8 Internet Explorer, Windows 10, Windows 7 and 5 more | 2024-09-17 | N/A |
| Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0876, CVE-2018-0889, CVE-2018-0893, and CVE-2018-0925. | ||||
| CVE-2021-28602 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2024-09-17 | 7.8 High |
| Adobe After Effects version 18.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2022-30660 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-09-17 | N/A |
| Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2018-13872 | 1 Hdfgroup | 1 Hdf5 | 2024-09-17 | N/A |
| An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer overflow in the function H5G_ent_decode in H5Gent.c. | ||||
| CVE-2018-3846 | 2 Fedoraproject, Nasa | 2 Fedora, Cfitsio | 2024-09-17 | 8.8 High |
| In the ffgphd and ffgtkn functions in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution. | ||||
| CVE-2021-43028 | 2 Adobe, Microsoft | 2 Premiere Rush, Windows | 2024-09-17 | 7.8 High |
| Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | ||||
| CVE-2018-7517 | 1 Omron | 1 Cx-supervisor | 2024-09-17 | N/A |
| In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause an out of bounds vulnerability. | ||||
| CVE-2021-28604 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2024-09-17 | 7.8 High |
| Adobe After Effects version 18.2 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2017-15715 | 5 Apache, Canonical, Debian and 2 more | 10 Http Server, Ubuntu Linux, Debian Linux and 7 more | 2024-09-17 | N/A |
| In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the trailing portion of the filename. | ||||
| CVE-2022-30658 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-09-17 | N/A |
| Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2017-4924 | 1 Vmware | 3 Esxi, Fusion, Workstation Pro | 2024-09-17 | 8.8 High |
| VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation (12.x before 12.5.7) and Fusion (8.x before 8.5.8) contain an out-of-bounds write vulnerability in SVGA device. This issue may allow a guest to execute code on the host. | ||||
| CVE-2021-34344 | 1 Qnap | 3 Qts, Qusbcam2, Quts Hero | 2024-09-17 | 9.8 Critical |
| A stack buffer overflow vulnerability has been reported to affect QNAP device running QUSBCam2. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QUSBCam2: QTS 4.5.4: QUSBCam2 1.1.4 ( 2021/07/30 ) and later QTS 5.0: QUSBCam2 2.0.1 ( 2021/08/03 ) and later QTS 4.3.6: QUSBCam2 1.1.4 ( 2021/07/30 ) and later QTS 4.3.3: QUSBCam2 1.1.4 ( 2021/08/06 ) and later QuTS hero 4.5.3: QUSBCam2 1.1.4 ( 2021/07/30 ) and later | ||||
| CVE-2017-2894 | 1 Cesanta | 1 Mongoose | 2024-09-17 | 9.8 Critical |
| An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet over the network to trigger this vulnerability. | ||||
| CVE-2018-3851 | 1 Hyland | 1 Perceptive Document Filters | 2024-09-17 | 8.8 High |
| In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, an exploitable stack-based buffer overflow exists in the DOC-to-HTML conversion functionality of the Hyland Perceptive Document Filters version 11.4.0.2647. A crafted .doc document can lead to a stack-based buffer, resulting in direct code execution. | ||||
| CVE-2018-17929 | 1 Deltaww | 1 Tpeditor | 2024-09-17 | 7.8 High |
| In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files lacking user input validation before copying data from project files onto the stack and may allow an attacker to remotely execute arbitrary code. | ||||
| CVE-2021-38684 | 1 Qnap | 1 Multimedia Console | 2024-09-17 | 8.1 High |
| A stack buffer overflow vulnerability has been reported to affect QNAP NAS running Multimedia Console. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of Multimedia Console: Multimedia Console 1.4.3 ( 2021/10/05 ) and later Multimedia Console 1.5.3 ( 2021/10/05 ) and later | ||||
| CVE-2018-20460 | 1 Radare | 1 Radare2 | 2024-09-17 | N/A |
| In radare2 prior to 3.1.2, the parseOperands function in libr/asm/arch/arm/armass64.c allows attackers to cause a denial-of-service (application crash caused by stack-based buffer overflow) by crafting an input file. | ||||
| CVE-2022-41992 | 1 Poweriso | 1 Poweriso | 2024-09-17 | 7.8 High |
| A memory corruption vulnerability exists in the VHD File Format parsing CXSPARSE record functionality of PowerISO PowerISO 8.3. A specially-crafted file can lead to an out-of-bounds write. A victim needs to open a malicious file to trigger this vulnerability. | ||||
| CVE-2018-14823 | 1 Fujielectric | 2 V-server, V-server Firmware | 2024-09-17 | 9.8 Critical |
| Fuji Electric V-Server 4.0.3.0 and prior, A stack-based buffer overflow vulnerability has been identified, which may allow remote code execution. | ||||
| CVE-2017-2803 | 1 Corel | 1 Coreldraw Photo Paint X8 | 2024-09-17 | N/A |
| A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 version 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to trigger this vulnerability. This vulnerability only exists in the 64-bit version. | ||||