Total
13243 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-46488 | 2 Asg017, Sqlite | 2 Sqlite-vec, Sqlite-vec | 2024-10-02 | 9.1 Critical |
| sqlite-vec v0.1.1 was discovered to contain a heap buffer overflow via the npy_token_next function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file. | ||||
| CVE-2024-47293 | 1 Huawei | 2 Emui, Harmonyos | 2024-10-01 | 4.7 Medium |
| Out-of-bounds write vulnerability in the HAL-WIFI module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2024-39433 | 2 Google, Unisoc | 10 Android, S8000, T606 and 7 more | 2024-09-30 | 6.2 Medium |
| In drm service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | ||||
| CVE-2024-39432 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-09-30 | 8.3 High |
| In UMTS RLC driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed. | ||||
| CVE-2024-39431 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-09-30 | 8.3 High |
| In UMTS RLC driver, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed. | ||||
| CVE-2024-31203 | 1 Proges | 1 Thermoscan Ip | 2024-09-30 | 3.3 Low |
| A “CWE-121: Stack-based Buffer Overflow” in the wd210std.dll dynamic library packaged with the ThermoscanIP installer allows a local attacker to possibly trigger a Denial-of-Service (DoS) condition on the target component. | ||||
| CVE-2022-39068 | 1 Zte | 2 Mf296r, Mf296r Firmware | 2024-09-29 | 4.5 Medium |
| There is a buffer overflow vulnerability in ZTE MF296R. Due to insufficient validation of the SMS parameter length, an authenticated attacker could use the vulnerability to perform a denial of service attack. | ||||
| CVE-2024-9043 | 1 Cellopoint | 1 Secure Email Gateway | 2024-09-25 | 9.8 Critical |
| Secure Email Gateway from Cellopoint has Buffer Overflow Vulnerability in authentication process. Remote unauthenticated attackers can send crafted packets to crash the process, thereby bypassing authentication and obtaining system administrator privileges. | ||||
| CVE-2024-31570 | 1 Freeimage Project | 1 Freeimage | 2024-09-25 | 9.8 Critical |
| libfreeimage in FreeImage 3.4.0 through 3.18.0 has a stack-based buffer overflow in the PluginXPM.cpp Load function via an XPM file. | ||||
| CVE-2024-8946 | 1 Micropython | 1 Micropython | 2024-09-24 | 7.3 High |
| A vulnerability was found in MicroPython 1.23.0. It has been classified as critical. Affected is the function mp_vfs_umount of the file extmod/vfs.c of the component VFS Unmount Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 29943546343c92334e8518695a11fc0e2ceea68b. It is recommended to apply a patch to fix this issue. In the VFS unmount process, the comparison between the mounted path string and the unmount requested string is based solely on the length of the unmount string, which can lead to a heap buffer overflow read. | ||||
| CVE-2024-8948 | 1 Micropython | 1 Micropython | 2024-09-23 | 7.3 High |
| A vulnerability was found in MicroPython 1.23.0. It has been rated as critical. Affected by this issue is the function mpz_as_bytes of the file py/objint.c. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The patch is identified as 908ab1ceca15ee6fd0ef82ca4cba770a3ec41894. It is recommended to apply a patch to fix this issue. In micropython objint component, converting zero from int to bytes leads to heap buffer-overflow-write at mpz_as_bytes. | ||||
| CVE-2024-46047 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2024-09-20 | 6.5 Medium |
| Tenda FH451 v1.0.0.9 has a stack overflow vulnerability in the fromDhcpListClient function. | ||||
| CVE-2024-46046 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2024-09-20 | 6.5 Medium |
| Tenda FH451 v1.0.0.9 has a stack overflow vulnerability located in the RouteStatic function. | ||||
| CVE-2024-45181 | 2 Microsoft, Wibu | 2 Windows, Wibukey | 2024-09-18 | 8.8 High |
| An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70. An improper bounds check allows crafted packets to cause an arbitrary address write, resulting in kernel memory corruption. | ||||
| CVE-2024-39378 | 3 Adobe, Apple, Microsoft | 3 Audition, Mac Os X, Windows | 2024-09-18 | 7.8 High |
| Audition versions 24.4.1, 23.6.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-0110 | 1 Nvidia | 1 Cuda Toolkit | 2024-09-18 | 4.4 Medium |
| NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out-of-bound write by passing in a malformed ELF file. A successful exploit of this vulnerability may lead to code execution or denial of service. | ||||
| CVE-2024-45108 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-09-18 | 7.8 High |
| Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-45109 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-09-18 | 7.8 High |
| Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-43760 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-09-18 | 7.8 High |
| Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-44093 | 1 Google | 1 Android | 2024-09-18 | 7.4 High |
| In ppmp_unprotect_buf of drm/code/drm_fw.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||