Total
2646 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-24014 | 1 Deltaww | 1 Cncsoft-b | 2025-01-06 | 7.8 High |
| Delta Electronics' CNCSoft-B DOPSoft versions 1.0.0.4 and prior are vulnerable to heap-based buffer overflow, which could allow an attacker to execute arbitrary code. | ||||
| CVE-2024-13051 | 1 Ashlar | 1 Graphite | 2025-01-03 | 7.8 High |
| Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of VC6 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24977. | ||||
| CVE-2024-13050 | 1 Ashlar | 1 Graphite | 2025-01-03 | 7.8 High |
| Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of VC6 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24976. | ||||
| CVE-2024-3758 | 1 Openatom | 1 Openharmony | 2025-01-02 | 6.5 Medium |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through heap buffer overflow. | ||||
| CVE-2024-8905 | 1 Google | 1 Chrome | 2025-01-02 | 8.8 High |
| Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2024-7018 | 1 Google | 1 Chrome | 2025-01-02 | 8.8 High |
| Heap buffer overflow in PDF in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) | ||||
| CVE-2023-35630 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-01-01 | 8.8 High |
| Internet Connection Sharing (ICS) Remote Code Execution Vulnerability | ||||
| CVE-2023-35639 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-01 | 8.8 High |
| Microsoft ODBC Driver Remote Code Execution Vulnerability | ||||
| CVE-2023-21740 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-01-01 | 7.8 High |
| Windows Media Remote Code Execution Vulnerability | ||||
| CVE-2023-38170 | 1 Microsoft | 1 Hevc Video Extensions | 2025-01-01 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2023-35374 | 1 Microsoft | 1 Paint 3d | 2025-01-01 | 7.8 High |
| Paint 3D Remote Code Execution Vulnerability | ||||
| CVE-2023-35305 | 1 Microsoft | 9 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 6 more | 2025-01-01 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2023-35304 | 1 Microsoft | 9 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 6 more | 2025-01-01 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2023-35363 | 1 Microsoft | 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more | 2025-01-01 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2023-35350 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2025-01-01 | 7.2 High |
| Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability | ||||
| CVE-2023-35337 | 1 Microsoft | 5 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 2 more | 2025-01-01 | 7.8 High |
| Win32k Elevation of Privilege Vulnerability | ||||
| CVE-2023-32047 | 1 Microsoft | 1 Paint 3d | 2025-01-01 | 7.8 High |
| Paint 3D Remote Code Execution Vulnerability | ||||
| CVE-2023-32028 | 1 Microsoft | 2 Ole Db Driver For Sql Server, Sql Server | 2025-01-01 | 7.8 High |
| Microsoft SQL OLE DB Remote Code Execution Vulnerability | ||||
| CVE-2023-24897 | 1 Microsoft | 18 .net, .net Framework, Visual Studio and 15 more | 2025-01-01 | 7.8 High |
| .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | ||||
| CVE-2023-23415 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-01 | 9.8 Critical |
| Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability | ||||