Total
33 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-49018 | 1 Microsoft | 4 Sql Server, Sql Server 2016, Sql Server 2017 and 1 more | 2024-11-15 | 8.8 High |
| SQL Server Native Client Remote Code Execution Vulnerability | ||||
| CVE-2024-43639 | 1 Microsoft | 7 Windows Server 2012, Windows Server 2012 R2, Windows Server 2016 and 4 more | 2024-11-14 | 9.8 Critical |
| Windows KDC Proxy Remote Code Execution Vulnerability | ||||
| CVE-2024-43519 | 1 Microsoft | 25 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 22 more | 2024-11-12 | 8.8 High |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2022-42475 | 1 Fortinet | 23 Fim-7901e, Fim-7904e, Fim-7910e and 20 more | 2024-10-23 | 9.3 Critical |
| A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests. | ||||
| CVE-2024-38125 | 1 Microsoft | 25 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 22 more | 2024-10-16 | 7.8 High |
| Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-21391 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2024-10-09 | 8.8 High |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2024-21377 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2024-10-09 | 5.5 Medium |
| Windows DNS Information Disclosure Vulnerability | ||||
| CVE-2024-21352 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2024-10-09 | 8.8 High |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2024-28944 | 1 Microsoft | 3 Ole Db Driver 18 For Sql Server, Ole Db Driver 19 For Sql Server, Sql Server | 2024-10-09 | 8.8 High |
| Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2024-29050 | 1 Microsoft | 16 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 13 more | 2024-10-09 | 8.4 High |
| Windows Cryptographic Services Remote Code Execution Vulnerability | ||||
| CVE-2024-37337 | 1 Microsoft | 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more | 2024-10-09 | 7.1 High |
| Microsoft SQL Server Native Scoring Information Disclosure Vulnerability | ||||
| CVE-2024-38044 | 1 Microsoft | 9 Windows Server 2008 R2, Windows Server 2008 Sp2, Windows Server 2012 and 6 more | 2024-10-08 | 7.2 High |
| DHCP Server Service Remote Code Execution Vulnerability | ||||
| CVE-2024-38086 | 1 Microsoft | 2 Azure Kinect Sdk, Azure Kinect Software Development Kit | 2024-10-08 | 6.4 Medium |
| Azure Kinect SDK Remote Code Execution Vulnerability | ||||
| CVE-2024-21310 | 1 Microsoft | 15 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 12 more | 2024-10-08 | 7.8 High |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | ||||
| CVE-2023-32143 | 1 Dlink | 1 Dap-1360 | 2024-09-18 | N/A |
| D-Link DAP-1360 webupg UPGCGI_CheckAuth Numeric Truncation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of requests to the /cgi-bin/webupg endpoint. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-18423. | ||||
| CVE-2023-36641 | 1 Fortinet | 2 Fortios, Fortiproxy | 2024-08-30 | 6.2 Medium |
| A numeric truncation error in Fortinet FortiProxy version 7.2.0 through 7.2.4, FortiProxy version 7.0.0 through 7.0.10, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1, all versions, FortiProxy 1.0 all versions, FortiOS version 7.4.0, FortiOS version 7.2.0 through 7.2.5, FortiOS version 7.0.0 through 7.0.12, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions allows attacker to denial of service via specifically crafted HTTP requests. | ||||
| CVE-2024-21451 | 1 Microsoft | 16 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 13 more | 2024-08-09 | 8.8 High |
| Microsoft ODBC Driver Remote Code Execution Vulnerability | ||||
| CVE-2020-15202 | 2 Google, Opensuse | 2 Tensorflow, Leap | 2024-08-04 | 9 Critical |
| In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `Shard` API in TensorFlow expects the last argument to be a function taking two `int64` (i.e., `long long`) arguments. However, there are several places in TensorFlow where a lambda taking `int` or `int32` arguments is being used. In these cases, if the amount of work to be parallelized is large enough, integer truncation occurs. Depending on how the two arguments of the lambda are used, this can result in segfaults, read/write outside of heap allocated arrays, stack overflows, or data corruption. The issue is patched in commits 27b417360cbd671ef55915e4bb6bb06af8b8a832 and ca8c013b5e97b1373b3bb1c97ea655e69f31a575, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1. | ||||
| CVE-2022-34680 | 6 Citrix, Debian, Linux and 3 more | 13 Hypervisor, Debian Linux, Linux Kernel and 10 more | 2024-08-03 | 5.5 Medium |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an integer truncation can lead to an out-of-bounds read, which may lead to denial of service. | ||||
| CVE-2022-34676 | 5 Citrix, Linux, Nvidia and 2 more | 6 Hypervisor, Linux Kernel, Cloud Gaming and 3 more | 2024-08-03 | 7.1 High |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds read may lead to denial of service, information disclosure, or data tampering. | ||||