Total
3311 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-51737 | 2025-01-08 | 7 High | ||
| RediSearch is a Redis module that provides querying, secondary indexing, and full-text search for Redis. An authenticated redis user executing FT.SEARCH or FT.AGGREGATE with a specially crafted LIMIT command argument, or FT.SEARCH with a specially crafted KNN command argument, can trigger an integer overflow, leading to heap overflow and potential remote code execution. This vulnerability is fixed in 2.6.24, 2.8.21, and 2.10.10. Avoid setting value of -1 or large values for configuration parameters MAXSEARCHRESULTS and MAXAGGREGATERESULTS, to avoid exploiting large LIMIT arguments. | ||||
| CVE-2024-51480 | 2025-01-08 | 7 High | ||
| RedisTimeSeries is a time-series database (TSDB) module for Redis, by Redis. Executing one of these commands TS.QUERYINDEX, TS.MGET, TS.MRAGE, TS.MREVRANGE by an authenticated user, using specially crafted command arguments may cause an integer overflow, a subsequent heap overflow, and potentially lead to remote code execution. This vulnerability is fixed in 1.6.20, 1.8.15, 1.10.15, and 1.12.3. | ||||
| CVE-2024-3757 | 1 Openatom | 1 Openharmony | 2025-01-02 | 3.3 Low |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through integer overflow. | ||||
| CVE-2024-7025 | 1 Google | 1 Chrome | 2025-01-02 | 8.8 High |
| Integer overflow in Layout in Google Chrome prior to 129.0.6668.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-9123 | 1 Google | 1 Chrome | 2025-01-02 | 7.1 High |
| Integer overflow in Skia in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-35644 | 1 Microsoft | 8 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 5 more | 2025-01-01 | 7.8 High |
| Windows Sysmain Service Elevation of Privilege Vulnerability | ||||
| CVE-2023-35632 | 1 Microsoft | 9 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 6 more | 2025-01-01 | 7.8 High |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | ||||
| CVE-2023-35381 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-01-01 | 8.8 High |
| Windows Fax Service Remote Code Execution Vulnerability | ||||
| CVE-2023-36900 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2025-01-01 | 7.8 High |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2023-35364 | 1 Microsoft | 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more | 2025-01-01 | 8.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2023-35315 | 1 Microsoft | 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more | 2025-01-01 | 8.8 High |
| Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability | ||||
| CVE-2023-32051 | 1 Microsoft | 5 Raw Image Extension, Windows 10 21h2, Windows 10 22h2 and 2 more | 2025-01-01 | 7.8 High |
| Raw Image Extension Remote Code Execution Vulnerability | ||||
| CVE-2023-29369 | 1 Microsoft | 4 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 1 more | 2025-01-01 | 6.5 Medium |
| Remote Procedure Call Runtime Denial of Service Vulnerability | ||||
| CVE-2023-24871 | 1 Microsoft | 6 Windows 10 20h2, Windows 10 21h2, Windows 10 22h2 and 3 more | 2025-01-01 | 8.8 High |
| Windows Bluetooth Service Remote Code Execution Vulnerability | ||||
| CVE-2023-24869 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-01 | 8.1 High |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | ||||
| CVE-2023-24908 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-01 | 8.1 High |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | ||||
| CVE-2023-23417 | 1 Microsoft | 10 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 7 more | 2025-01-01 | 7.8 High |
| Windows Partition Management Driver Elevation of Privilege Vulnerability | ||||
| CVE-2023-23410 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-01 | 7.8 High |
| Windows HTTP.sys Elevation of Privilege Vulnerability | ||||
| CVE-2023-23405 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-01 | 8.1 High |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | ||||
| CVE-2023-23385 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-01 | 7 High |
| Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability | ||||