Total
2446 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-37336 | 2024-07-09 | N/A | 8.8 HIGH | ||
| SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | |||||
| CVE-2024-37323 | 2024-07-09 | N/A | 8.8 HIGH | ||
| SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | |||||
| CVE-2024-21428 | 2024-07-09 | N/A | 8.8 HIGH | ||
| SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | |||||
| CVE-2020-19909 | 1 Haxx | 1 Curl | 2024-07-08 | N/A | 3.3 LOW |
| Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a large value as the retry delay. NOTE: many parties report that this has no direct security impact on the curl user; however, it may (in theory) cause a denial of service to associated systems or networks if, for example, --retry-delay is misinterpreted as a value much smaller than what was intended. This is not especially plausible because the overflow only happens if the user was trying to specify that curl should wait weeks (or longer) before trying to recover from a transient error. | |||||
| CVE-2024-3859 | 2024-07-03 | N/A | 5.9 MEDIUM | ||
| On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. | |||||
| CVE-2024-34403 | 2024-07-03 | N/A | 5.9 MEDIUM | ||
| An issue was discovered in uriparser through 0.9.7. ComposeQueryMallocExMm in UriQuery.c has an integer overflow via a long string. | |||||
| CVE-2024-34402 | 2024-07-03 | N/A | 8.6 HIGH | ||
| An issue was discovered in uriparser through 0.9.7. ComposeQueryEngine in UriQuery.c has an integer overflow via long keys or values, with a resultant buffer overflow. | |||||
| CVE-2024-31031 | 2024-07-03 | N/A | 7.5 HIGH | ||
| An issue in `coap_pdu.c` in libcoap 4.3.4 allows attackers to cause undefined behavior via a sequence of messages leading to unsigned integer overflow. | |||||
| CVE-2024-27833 | 1 Apple | 5 Ipados, Iphone Os, Safari and 2 more | 2024-07-03 | N/A | 8.8 HIGH |
| An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2024-23531 | 2024-07-03 | N/A | 7.5 HIGH | ||
| An Integer Overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3 allows an unauthenticated remote attacker to perform denial of service attacks. In certain rare conditions this could also lead to reading content from memory. | |||||
| CVE-2024-22396 | 2024-07-03 | N/A | 5.3 MEDIUM | ||
| An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a specially crafted IKEv2 payload. | |||||
| CVE-2024-20046 | 2024-07-03 | N/A | 6.6 MEDIUM | ||
| In battery, there is a possible escalation of privilege due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08485622; Issue ID: ALPS08485622. | |||||
| CVE-2024-20016 | 2 Google, Mediatek | 35 Android, Mt6735, Mt6737 and 32 more | 2024-07-03 | N/A | 4.4 MEDIUM |
| In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation Patch ID: ALPS07835901; Issue ID: ALPS07835901. | |||||
| CVE-2021-41345 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2024-07-03 | 7.2 HIGH | 7.8 HIGH |
| Storage Spaces Controller Elevation of Privilege Vulnerability | |||||
| CVE-2024-23372 | 1 Qualcomm | 222 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6700 and 219 more | 2024-07-02 | N/A | 7.8 HIGH |
| Memory corruption while invoking IOCTL call for GPU memory allocation and size param is greater than expected size. | |||||
| CVE-2024-30064 | 1 Microsoft | 2 Windows Server 2022, Windows Server 2022 23h2 | 2024-07-02 | N/A | 8.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2024-30067 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-07-02 | N/A | 5.5 MEDIUM |
| Winlogon Elevation of Privilege Vulnerability | |||||
| CVE-2015-8651 | 9 Adobe, Apple, Google and 6 more | 22 Air, Air Sdk, Air Sdk \& Compiler and 19 more | 2024-07-01 | 9.3 HIGH | 8.8 HIGH |
| Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2018-6065 | 4 Debian, Google, Mi and 1 more | 6 Debian Linux, Chrome, Mi6 Browser and 3 more | 2024-06-28 | 6.8 MEDIUM | 8.8 HIGH |
| Integer overflow in computing the required allocation size when instantiating a new javascript object in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2012-5054 | 1 Adobe | 1 Flash Player | 2024-06-28 | 9.3 HIGH | 8.8 HIGH |
| Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe Flash Player before 11.4.402.265 allows remote attackers to execute arbitrary code via malformed arguments. | |||||