Total
13156 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-44073 | 1 Rust-bitcoin | 1 Miniscript | 2024-09-13 | 7.5 High |
| The Miniscript (aka rust-miniscript) library before 12.2.0 for Rust allows stack consumption because it does not properly track tree depth. | ||||
| CVE-2024-23497 | 1 Intel | 2 Ethernet 800 Series Controllers Driver, Ethernet Complete Driver Pack | 2024-09-12 | 8.8 High |
| Out-of-bounds write in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-8389 | 1 Mozilla | 1 Firefox | 2024-09-06 | 9.8 Critical |
| Memory safety bugs present in Firefox 129. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 130. | ||||
| CVE-2024-8387 | 2 Mozilla, Redhat | 9 Firefox, Firefox Esr, Thunderbird and 6 more | 2024-09-06 | 9.8 Critical |
| Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2. | ||||
| CVE-2024-41879 | 2 Adobe, Microsoft | 2 Acrobat Reader, Edge | 2024-09-05 | 7.8 High |
| Acrobat Reader versions 127.0.2651.105 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-8408 | 1 Linksys | 2 Wrt54g, Wrt54g Firmware | 2024-09-05 | 6.3 Medium |
| A vulnerability was found in Linksys WRT54G 4.21.5. It has been rated as critical. Affected by this issue is the function validate_services_port of the file /apply.cgi of the component POST Parameter Handler. The manipulation of the argument services_array leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-20087 | 2 Google, Mediatek | 13 Android, Mt6765, Mt6768 and 10 more | 2024-09-05 | 7.8 High |
| In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932916; Issue ID: MSV-1550. | ||||
| CVE-2024-20086 | 2 Google, Mediatek | 13 Android, Mt6765, Mt6768 and 10 more | 2024-09-05 | 7.8 High |
| In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932916; Issue ID: MSV-1551. | ||||
| CVE-2024-34657 | 1 Samsung | 1 Notes | 2024-09-05 | 8.6 High |
| Stack-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows remote attackers to execute arbitrary code. | ||||
| CVE-2024-34660 | 1 Samsung | 1 Notes | 2024-09-05 | 7.3 High |
| Heap-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows local attackers to execute arbitrary code. | ||||
| CVE-2024-8193 | 1 Google | 1 Chrome | 2024-09-05 | 8.8 High |
| Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-42437 | 1 Zoom | 6 Meeting Software Development Kit, Rooms, Rooms Controller and 3 more | 2024-09-04 | 6.5 Medium |
| Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access. | ||||
| CVE-2024-42436 | 1 Zoom | 6 Meeting Software Development Kit, Rooms, Rooms Controller and 3 more | 2024-09-04 | 6.5 Medium |
| Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access. | ||||
| CVE-2024-39825 | 1 Zoom | 6 Rooms, Vdi Windows Meeting Client, Workplace and 3 more | 2024-09-04 | 8.5 High |
| Buffer overflow in some Zoom Workplace Apps and Rooms Clients may allow an authenticated user to conduct an escalation of privilege via network access. | ||||
| CVE-2024-38386 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2024-09-04 | 8.4 High |
| in OpenHarmony v4.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. | ||||
| CVE-2024-45508 | 2 Htmldoc, Htmldoc Project | 2 Htmldoc, Htmldoc | 2024-09-04 | 9.8 Critical |
| HTMLDOC before 1.9.19 has an out-of-bounds write in parse_paragraph in ps-pdf.cxx because of an attempt to strip leading whitespace from a whitespace-only node. | ||||
| CVE-2024-39816 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2024-09-04 | 8.4 High |
| in OpenHarmony v4.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. | ||||
| CVE-2024-42941 | 1 Tenda | 2 Fh1201, Fh1201 Firmware | 2024-09-03 | 7.5 High |
| Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the wanmode parameter in the fromAdvSetWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
| CVE-2024-42940 | 1 Tenda | 2 Fh1201, Fh1201 Firmware | 2024-09-03 | 5.7 Medium |
| Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromP2pListFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
| CVE-2024-42948 | 1 Tenda | 2 Fh1201, Fh1201 Firmware | 2024-09-03 | 7.5 High |
| Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the delno parameter in the fromPptpUserSetting function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||