Total
12074 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-0699 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
| Integer signedness error in the btrfs_ioctl_space_info function in the Linux kernel 2.6.37 allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted slot value. | |||||
| CVE-2010-3843 | 1 Ettercap-project | 1 Ettercap | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| The GTK version of ettercap uses a global settings file at /tmp/.ettercap_gtk and does not verify ownership of this file. When parsing this file for settings in gtkui_conf_read() (src/interfacesgtk/ec_gtk_conf.c), an unchecked sscanf() call allows a maliciously placed settings file to overflow a statically-sized buffer on the stack. | |||||
| CVE-2007-0899 | 2 Clamav, Debian | 2 Clamav, Debian Linux | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| There is a possible heap overflow in libclamav/fsg.c before 0.100.0. | |||||
| CVE-2007-0158 | 1 Acme | 1 Thttpd | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| thttpd 2007 has buffer underflow. | |||||
| CVE-2018-9409 | 2024-11-20 | N/A | 7.8 HIGH | ||
| In HWCSession::SetColorModeById of hwc_session.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-23715 | 1 Google | 1 Android | 2024-11-20 | N/A | 7.8 HIGH |
| In PMRWritePMPageList of pmr.c, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-11237 | 1 Tp-link | 2 Vn020-f3v\(t\), Vn020-f3v\(t\) Firmware | 2024-11-19 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability, which was classified as critical, has been found in TP-Link VN020 F3v(T) TT_V6.2.1021. Affected by this issue is some unknown functionality of the component DHCP DISCOVER Packet Parser. The manipulation of the argument hostname leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-50203 | 1 Linux | 1 Linux Kernel | 2024-11-19 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fix address emission with tag-based KASAN enabled When BPF_TRAMP_F_CALL_ORIG is enabled, the address of a bpf_tramp_image struct on the stack is passed during the size calculation pass and an address on the heap is passed during code generation. This may cause a heap buffer overflow if the heap address is tagged because emit_a64_mov_i64() will emit longer code than it did during the size calculation pass. The same problem could occur without tag-based KASAN if one of the 16-bit words of the stack address happened to be all-ones during the size calculation pass. Fix the problem by assuming the worst case (4 instructions) when calculating the size of the bpf_tramp_image address emission. | |||||
| CVE-2024-49528 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2024-11-18 | N/A | 7.8 HIGH |
| Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-47909 | 1 Ivanti | 2 Connect Secure, Policy Secure | 2024-11-18 | N/A | 4.9 MEDIUM |
| A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service. | |||||
| CVE-2024-47907 | 1 Ivanti | 1 Connect Secure | 2024-11-18 | N/A | 7.5 HIGH |
| A stack-based buffer overflow in IPsec of Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to cause a denial of service. | |||||
| CVE-2024-47905 | 1 Ivanti | 2 Connect Secure, Policy Secure | 2024-11-18 | N/A | 4.9 MEDIUM |
| A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service. | |||||
| CVE-2024-49509 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-11-16 | N/A | 7.8 HIGH |
| InDesign Desktop versions ID18.5.3, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-49508 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-11-16 | N/A | 7.8 HIGH |
| InDesign Desktop versions ID18.5.2, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-49507 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-11-16 | N/A | 7.8 HIGH |
| InDesign Desktop versions ID18.5.2, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-38665 | 2024-11-15 | N/A | 8.4 HIGH | ||
| Out-of-bounds write in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-34776 | 2024-11-15 | N/A | 4.5 MEDIUM | ||
| Out-of-bounds write in some Intel(R) SGX SDK software may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-47443 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-11-14 | N/A | 7.8 HIGH |
| After Effects versions 23.6.9, 24.6.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-47442 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-11-14 | N/A | 7.8 HIGH |
| After Effects versions 23.6.9, 24.6.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-47441 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-11-14 | N/A | 7.8 HIGH |
| After Effects versions 23.6.9, 24.6.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||