Total
2676 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-21428 | 1 Microsoft | 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more | 2025-01-15 | N/A | 8.8 HIGH |
| SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | |||||
| CVE-2024-28942 | 1 Microsoft | 3 Ole Db Driver For Sql Server, Sql Server 2019, Sql Server 2022 | 2025-01-15 | N/A | 8.8 HIGH |
| Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2022-48480 | 1 Huawei | 1 Emui | 2025-01-15 | N/A | 7.5 HIGH |
| Integer overflow vulnerability in some phones. Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2023-43530 | 1 Qualcomm | 316 Aqt1000, Aqt1000 Firmware, Ar8035 and 313 more | 2025-01-15 | N/A | 5.9 MEDIUM |
| Memory corruption in HLOS while checking for the storage type. | |||||
| CVE-2024-28923 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-14 | N/A | 6.4 MEDIUM |
| Secure Boot Security Feature Bypass Vulnerability | |||||
| CVE-2024-28931 | 1 Microsoft | 5 Odbc Driver For Sql Server, Sql Server 2019, Sql Server 2022 and 2 more | 2025-01-14 | N/A | 8.8 HIGH |
| Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2024-28936 | 1 Microsoft | 5 Odbc Driver For Sql Server, Sql Server 2019, Sql Server 2022 and 2 more | 2025-01-14 | N/A | 8.8 HIGH |
| Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2024-28929 | 1 Microsoft | 5 Odbc Driver For Sql Server, Sql Server 2019, Sql Server 2022 and 2 more | 2025-01-14 | N/A | 8.8 HIGH |
| Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2023-32307 | 2 Debian, Signalwire | 2 Debian Linux, Sofia-sip | 2025-01-14 | N/A | 7.5 HIGH |
| Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. Referring to [GHSA-8599-x7rq-fr54](https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8599-x7rq-fr54), several other potential heap-over-flow and integer-overflow in stun_parse_attr_error_code and stun_parse_attr_uint32 were found because the lack of attributes length check when Sofia-SIP handles STUN packets. The previous patch of [GHSA-8599-x7rq-fr54](https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8599-x7rq-fr54) fixed the vulnerability when attr_type did not match the enum value, but there are also vulnerabilities in the handling of other valid cases. The OOB read and integer-overflow made by attacker may lead to crash, high consumption of memory or even other more serious consequences. These issue have been addressed in version 1.13.15. Users are advised to upgrade. | |||||
| CVE-2024-49112 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-01-14 | N/A | 9.8 CRITICAL |
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | |||||
| CVE-2024-21454 | 1 Qualcomm | 6 Auto 4g Modem, Auto 4g Modem Firmware, Auto 5g Modem-rf and 3 more | 2025-01-13 | N/A | 7.5 HIGH |
| Transient DOS while decoding the ToBeSignedMessage in Automotive Telematics. | |||||
| CVE-2024-21470 | 1 Qualcomm | 66 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 63 more | 2025-01-13 | N/A | 8.4 HIGH |
| Memory corruption while allocating memory for graphics. | |||||
| CVE-2024-45555 | 1 Qualcomm | 82 Msm8996au, Msm8996au Firmware, Qam8255p and 79 more | 2025-01-13 | N/A | 8.4 HIGH |
| Memory corruption can occur if an already verified IFS2 image is overwritten, bypassing boot verification. This allows unauthorized programs to be injected into security-sensitive images, enabling the booting of a tampered IFS2 system image. | |||||
| CVE-2024-56451 | 1 Huawei | 1 Harmonyos | 2025-01-13 | N/A | 7.3 HIGH |
| Integer overflow vulnerability during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-42384 | 1 Cesanta | 1 Mongoose | 2025-01-13 | N/A | 7.5 HIGH |
| Integer Overflow or Wraparound vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application. | |||||
| CVE-2023-43550 | 1 Qualcomm | 270 Ar8035, Ar8035 Firmware, Csra6620 and 267 more | 2025-01-10 | N/A | 7.8 HIGH |
| Memory corruption while processing a QMI request for allocating memory from a DHMS supported subsystem. | |||||
| CVE-2024-10917 | 1 Eclipse | 1 Openj9 | 2025-01-09 | N/A | 3.7 LOW |
| In Eclipse OpenJ9 versions up to 0.47, the JNI function GetStringUTFLength may return an incorrect value which has wrapped around. From 0.48 the value is correct but may be truncated to include a smaller number of characters. | |||||
| CVE-2024-40765 | 2025-01-09 | N/A | 9.8 CRITICAL | ||
| An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a specially crafted IKEv2 payload. | |||||
| CVE-2024-26171 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-08 | N/A | 6.7 MEDIUM |
| Secure Boot Security Feature Bypass Vulnerability | |||||
| CVE-2024-55656 | 2025-01-08 | N/A | 8.8 HIGH | ||
| RedisBloom adds a set of probabilistic data structures to Redis. There is an integer overflow vulnerability in RedisBloom, which is a module used in Redis. The integer overflow vulnerability allows an attacker (a redis client which knows the password) to allocate memory in the heap lesser than the required memory due to wraparound. Then read and write can be performed beyond this allocated memory, leading to info leak and OOB write. The integer overflow is in CMS.INITBYDIM command, which initialize a Count-Min Sketch to dimensions specified by user. It accepts two values (width and depth) and uses them to allocate memory in NewCMSketch(). This vulnerability is fixed in 2.2.19, 2.4.12, 2.6.14, and 2.8.2. | |||||