| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Dell Digital Delivery, versions prior to 5.2.0.0, contain a Buffer Overflow Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to arbitrary code execution and/or privilege escalation. |
| A heap-based buffer overflow vulnerability was found in the ImageMagick package that can lead to the application crashing. |
| Delta Electronics' CNCSoft-B DOPSoft versions 1.0.0.4 and prior are
vulnerable to heap-based buffer overflow, which could allow an attacker
to execute arbitrary code.
|
| Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of VC6 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24977. |
| Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of VC6 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24976. |
| Insufficient Granularity of Access Control in GitHub repository fossbilling/fossbilling prior to 0.5.0. |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through heap buffer overflow. |
| Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: Medium) |
| Heap buffer overflow in PDF in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) |
| Internet Connection Sharing (ICS) Remote Code Execution Vulnerability |
| Microsoft ODBC Driver Remote Code Execution Vulnerability |
| Windows Media Remote Code Execution Vulnerability |
| HEVC Video Extensions Remote Code Execution Vulnerability |
| Paint 3D Remote Code Execution Vulnerability |
| Windows Kernel Elevation of Privilege Vulnerability |
| Windows Kernel Elevation of Privilege Vulnerability |
| Windows Kernel Elevation of Privilege Vulnerability |
| Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability |
| Win32k Elevation of Privilege Vulnerability |
| Paint 3D Remote Code Execution Vulnerability |
