Total
132 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-27342 | 2024-08-02 | N/A | ||
| PDF-XChange Editor EMF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EMF files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18766. | ||||
| CVE-2023-25515 | 2 Microsoft, Nvidia | 10 Windows, Cloud Gaming, Geforce and 7 more | 2024-08-02 | 7.8 High |
| NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where unexpected untrusted data is parsed, which may lead to code execution, denial of service, escalation of privileges, data tampering, or information disclosure. | ||||
| CVE-2023-23394 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2024-08-02 | 5.5 Medium |
| Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability | ||||
| CVE-2023-21677 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2024-08-02 | 7.5 High |
| Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | ||||
| CVE-2023-21643 | 1 Qualcomm | 48 Apq8064au, Apq8064au Firmware, Apq8096au and 45 more | 2024-08-02 | 9.1 Critical |
| Memory corruption due to untrusted pointer dereference in automotive during system call. | ||||
| CVE-2023-1437 | 1 Advantech | 1 Webaccess\/scada | 2024-08-02 | 9.8 Critical |
| All versions prior to 9.1.4 of Advantech WebAccess/SCADA are vulnerable to use of untrusted pointers. The RPC arguments the client sent could contain raw memory pointers for the server to use as-is. This could allow an attacker to gain access to the remote file system and the ability to execute commands and overwrite files. | ||||
| CVE-2023-0189 | 2 Linux, Nvidia | 2 Linux Kernel, Virtual Gpu | 2024-08-02 | 8.8 High |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2023-0184 | 1 Nvidia | 7 Geforce, Gpu Display Driver, Nvs and 4 more | 2024-08-02 | 8.8 High |
| NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler which may lead to denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2024-40872 | 2024-08-02 | 8.4 High | ||
| There is an elevation of privilege vulnerability in server and client components of Absolute Secure Access prior to version 13.07. Attackers with local access and valid desktop user credentials can elevate their privilege to system level by passing invalid address data to the vulnerable component. This could be used to manipulate process tokens to elevate the privilege of a normal process to System. The scope is changed, the impact to system confidentiality and integrity is high, the impact to the availability of the effected component is none. | ||||
| CVE-2024-27353 | 2024-08-02 | 7.4 High | ||
| A memory corruption vulnerability in SdHost and SdMmcDevice in Insyde InsydeH2O kernel 5.2 before 05.29.09, kernel 5.3 before 05.38.09, kernel 5.4 before 05.46.09, kernel 5.5 before 05.54.09, and kernel 5.6 before 05.61.09 could lead to escalating privileges in SMM. | ||||
| CVE-2024-25078 | 2024-08-01 | 7.4 High | ||
| A memory corruption vulnerability in StorageSecurityCommandDxe in Insyde InsydeH2O before kernel 5.2: IB19130163 in 05.29.07, kernel 5.3: IB19130163 in 05.38.07, kernel 5.4: IB19130163 in 05.46.07, kernel 5.5: IB19130163 in 05.54.07, and kernel 5.6: IB19130163 in 05.61.07 could lead to escalating privileges in SMM. | ||||
| CVE-2024-23136 | 1 Autodesk | 3 Autocad, Autocad Advance Steel, Autocad Civil 3d | 2024-08-01 | 7.5 High |
| A maliciously crafted STP file in ASMKERN228A.dll when parsed through Autodesk AutoCAD can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process. | ||||