Total
2073 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-33146 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-08-02 | 7.8 High |
Microsoft Office Remote Code Execution Vulnerability | ||||
CVE-2023-32643 | 1 Gnome | 1 Glib | 2024-08-02 | 5.3 Medium |
A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors who followed the guidance of GLib developers to backport the initial fix for CVE-2023-32665. | ||||
CVE-2024-6873 | | | 2024-08-02 | 8.1 High |
It is possible to crash or redirect the execution flow of the ClickHouse server process from an unauthenticated vector by sending a specially crafted request to the ClickHouse server native interface. This redirection is limited to what is available within a 256-byte range of memory at the time of execution, and no known remote code execution (RCE) code has been produced or exploited. Fixes have been merged to all currently supported versions of ClickHouse. If you are maintaining your own forked version of ClickHouse or using an older version and cannot upgrade, the fix for this vulnerability can be found in this commit: https://github.com/ClickHouse/ClickHouse/pull/64024. | ||||
CVE-2023-32324 | 3 Debian, Openprinting, Redhat | 4 Debian Linux, Cups, Enterprise Linux and 1 more | 2024-08-02 | 7.5 High |
OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function `format_log_line` could allow remote attackers to cause a DoS on the affected system. Exploitation of the vulnerability can be triggered when the configuration file `cupsd.conf` sets the value of `loglevel` to `DEBUG`. No known patches or workarounds exist at time of publication. | ||||
CVE-2023-32307 | 2 Debian, Signalwire | 2 Debian Linux, Sofia-sip | 2024-08-02 | 7.5 High |
Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. Referring to [GHSA-8599-x7rq-fr54](https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8599-x7rq-fr54), several other potential heap overflow and integer overflow issues in `stun_parse_attr_error_code` and `stun_parse_attr_uint32` were found, caused by the lack of an attribute length check when Sofia-SIP handles STUN packets. The previous patch for [GHSA-8599-x7rq-fr54](https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8599-x7rq-fr54) fixed the vulnerability when attr_type did not match the enum value, but there are also vulnerabilities in the handling of other valid cases. The OOB read and integer overflow triggered by an attacker may lead to a crash, high memory consumption, or even more serious consequences. These issues have been addressed in version 1.13.15. Users are advised to upgrade. | ||||
CVE-2023-32083 | 1 Microsoft | 3 Windows Server 2016, Windows Server 2019, Windows Server 2022 | 2024-08-02 | 6.5 Medium |
Microsoft Failover Cluster Information Disclosure Vulnerability | ||||
CVE-2023-32028 | 1 Microsoft | 7 Ole Db Driver 18 For Sql Server, Ole Db Driver 19 For Sql Server, Ole Db Driver For Sql Server and 4 more | 2024-08-02 | 7.8 High |
Microsoft SQL OLE DB Remote Code Execution Vulnerability | ||||
CVE-2023-32047 | 1 Microsoft | 1 Paint 3d | 2024-08-02 | 7.8 High |
Paint 3D Remote Code Execution Vulnerability | ||||
CVE-2023-32025 | 1 Microsoft | 7 Odbc Driver 17 For Sql Server, Odbc Driver 18 For Sql Server, Odbc Driver For Sql Server and 4 more | 2024-08-02 | 7.8 High |
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | ||||
CVE-2023-32027 | 1 Microsoft | 7 Odbc Driver 17 For Sql Server, Odbc Driver 18 For Sql Server, Odbc Driver For Sql Server and 4 more | 2024-08-02 | 7.8 High |
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | ||||
CVE-2023-32026 | 1 Microsoft | 7 Odbc Driver 17 For Sql Server, Odbc Driver 18 For Sql Server, Odbc Driver For Sql Server and 4 more | 2024-08-02 | 7.8 High |
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | ||||
CVE-2023-31722 | 1 Nasm | 1 Netwide Assembler | 2024-08-02 | 7.8 High |
There exists a heap buffer overflow in nasm 2.16.02rc1 (GitHub commit: b952891). | ||||
CVE-2023-31031 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2024-08-02 | 4.2 Medium |
NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a heap-based buffer overflow by local access. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and data tampering. | ||||
CVE-2023-30763 | 1 Intel | 3 Battery Life Diagnostic Tool, Oneapi Base Toolkit, Soc Watch | 2024-08-02 | 7.2 High |
Heap-based overflow in Intel(R) SoC Watch based software before version 2021.1 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
CVE-2023-29344 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-08-02 | 7.8 High |
Microsoft Office Remote Code Execution Vulnerability | ||||
CVE-2023-29372 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2024-08-02 | 8.8 High |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | ||||
CVE-2023-29362 | 1 Microsoft | 19 Remote Desktop, Windows 10 1507, Windows 10 1607 and 16 more | 2024-08-02 | 8.8 High |
Remote Desktop Client Remote Code Execution Vulnerability | ||||
CVE-2023-29370 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-08-02 | 7.8 High |
Windows Media Remote Code Execution Vulnerability | ||||
CVE-2023-29283 | 1 Adobe | 1 Substance 3d Painter | 2024-08-02 | 7.8 High |
Adobe Substance 3D Painter versions 8.3.0 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
CVE-2023-29073 | 1 Autodesk | 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more | 2024-08-02 | 9.8 Critical |
A maliciously crafted MODEL file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. |