Total
10481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-29061 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-04-26 | N/A | 7.8 HIGH |
| Secure Boot Security Feature Bypass Vulnerability | |||||
| CVE-2023-32643 | 1 Gnome | 1 Glib | 2024-04-26 | N/A | 7.8 HIGH |
| A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors who followed the guidance of GLib developers to backport the initial fix for CVE-2023-32665. | |||||
| CVE-2023-3812 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-04-25 | N/A | 7.8 HIGH |
| An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on the system. | |||||
| CVE-2024-4141 | 2024-04-24 | N/A | 2.9 LOW | ||
| Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid character code in a Type 1 font. The root problem was a bounds check that was being optimized away by modern compilers. | |||||
| CVE-2024-21979 | 2024-04-24 | N/A | 5.3 MEDIUM | ||
| An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code execution. | |||||
| CVE-2024-21972 | 2024-04-24 | N/A | 5.3 MEDIUM | ||
| An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code execution. | |||||
| CVE-2023-26597 | 1 Honeywell | 2 C300, C300 Firmware | 2024-04-22 | N/A | 7.5 HIGH |
| Controller DoS due to buffer overflow in the handling of a specially crafted message received by the controller. See Honeywell Security Notification for recommendations on upgrading and versioning. See Honeywell Security Notification for recommendations on upgrading and versioning. | |||||
| CVE-2023-25078 | 1 Honeywell | 4 Direct Station, Engineering Station, Experion Server and 1 more | 2024-04-22 | N/A | 7.5 HIGH |
| Server or Console Station DoS due to heap overflow occurring during the handling of a specially crafted message for a specific configuration operation. See Honeywell Security Notification for recommendations on upgrading and versioning. | |||||
| CVE-2023-24480 | 1 Honeywell | 2 C300, C300 Firmware | 2024-04-22 | N/A | 7.5 HIGH |
| Controller DoS due to stack overflow when decoding a message from the server. See Honeywell Security Notification for recommendations on upgrading and versioning. | |||||
| CVE-2023-23585 | 1 Honeywell | 4 Direct Station, Engineering Station, Experion Server and 1 more | 2024-04-22 | N/A | 7.5 HIGH |
| Experion server DoS due to heap overflow occurring during the handling of a specially crafted message for a specific configuration operation. See Honeywell Security Notification for recommendations on upgrading and versioning. | |||||
| CVE-2023-23456 | 2 Fedoraproject, Upx Project | 2 Fedora, Upx | 2024-04-19 | N/A | 5.5 MEDIUM |
| A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack() in p_tmt.cpp file. The flow allows an attacker to cause a denial of service (abort) via a crafted file. | |||||
| CVE-2023-0330 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-04-19 | N/A | 6.0 MEDIUM |
| A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free. | |||||
| CVE-2024-3900 | 2024-04-17 | N/A | 2.9 LOW | ||
| Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by long Unicode sequence in ActualText. | |||||
| CVE-2021-26419 | 1 Microsoft | 9 Internet Explorer, Windows 10, Windows 7 and 6 more | 2024-04-16 | 7.6 HIGH | 7.5 HIGH |
| Scripting Engine Memory Corruption Vulnerability | |||||
| CVE-2020-1570 | 1 Microsoft | 9 Internet Explorer, Windows 10, Windows 7 and 6 more | 2024-04-16 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. | |||||
| CVE-2023-33074 | 1 Qualcomm | 120 Qam8255p, Qam8255p Firmware, Qam8295p and 117 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption in Audio when SSR event is triggered after music playback is stopped. | |||||
| CVE-2023-33059 | 1 Qualcomm | 518 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 515 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption in Audio while processing the VOC packet data from ADSP. | |||||
| CVE-2023-33055 | 1 Qualcomm | 304 Apq5053-aa, Apq5053-aa Firmware, Aqt1000 and 301 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory Corruption in Audio while invoking callback function in driver from ADSP. | |||||
| CVE-2023-33045 | 1 Qualcomm | 258 Ar8035, Ar8035 Firmware, Csr8811 and 255 more | 2024-04-12 | N/A | 9.8 CRITICAL |
| Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute. | |||||
| CVE-2023-33034 | 1 Qualcomm | 128 Apq5053-aa, Apq5053-aa Firmware, Csra6620 and 125 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption while parsing the ADSP response command. | |||||