Total
2516 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-15690 | 1 Redhat | 2 Enterprise Linux, Rhel E4s | 2025-01-24 | 8.8 High |
| LibVNCServer 0.9.12 release and earlier contains heap buffer overflow vulnerability within the HandleCursorShape() function in libvncclient/cursor.c. An attacker sends cursor shapes with specially crafted dimensions, which can result in remote code execution. | ||||
| CVE-2023-30763 | 1 Intel | 3 Battery Life Diagnostic Tool, Oneapi Base Toolkit, Soc Watch | 2025-01-24 | 7.2 High |
| Heap-based overflow in Intel(R) SoC Watch based software before version 2021.1 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-28269 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-01-23 | 6.2 Medium |
| Windows Boot Manager Security Feature Bypass Vulnerability | ||||
| CVE-2023-28262 | 1 Microsoft | 2 Visual Studio 2019, Visual Studio 2022 | 2025-01-23 | 7.8 High |
| Visual Studio Elevation of Privilege Vulnerability | ||||
| CVE-2023-28254 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2025-01-23 | 7.2 High |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2023-28240 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2025-01-23 | 8.8 High |
| Windows Network Load Balancing Remote Code Execution Vulnerability | ||||
| CVE-2023-28231 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2025-01-23 | 8.8 High |
| DHCP Server Service Remote Code Execution Vulnerability | ||||
| CVE-2023-28227 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-23 | 7.5 High |
| Windows Bluetooth Driver Remote Code Execution Vulnerability | ||||
| CVE-2023-28225 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2025-01-23 | 7.8 High |
| Windows NTLM Elevation of Privilege Vulnerability | ||||
| CVE-2023-28292 | 1 Microsoft | 5 Raw Image Extension, Windows 10 20h2, Windows 10 21h2 and 2 more | 2025-01-23 | 7.8 High |
| Raw Image Extension Remote Code Execution Vulnerability | ||||
| CVE-2023-28218 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-23 | 7 High |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | ||||
| CVE-2023-24912 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-23 | 7.8 High |
| Windows Graphics Component Elevation of Privilege Vulnerability | ||||
| CVE-2023-21727 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 9 more | 2025-01-23 | 8.8 High |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | ||||
| CVE-2023-23384 | 1 Microsoft | 1 Sql Server | 2025-01-23 | 7.3 High |
| Microsoft SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2023-31722 | 1 Nasm | 1 Netwide Assembler | 2025-01-22 | 7.8 High |
| There exists a heap buffer overflow in nasm 2.16.02rc1 (GitHub commit: b952891). | ||||
| CVE-2023-50739 | 1 Lexmark | 1 Printer Firmware | 2025-01-22 | 8.8 High |
| A buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. | ||||
| CVE-2020-12819 | 1 Fortinet | 1 Fortios | 2025-01-21 | 5.4 Medium |
| A heap-based buffer overflow vulnerability in the processing of Link Control Protocol messages in FortiGate versions 5.6.12, 6.0.10, 6.2.4 and 6.4.1 and earlier may allow a remote attacker with valid SSL VPN credentials to crash the SSL VPN daemon by sending a large LCP packet, when tunnel mode is enabled. Arbitrary code execution may be theoretically possible, albeit practically very difficult to achieve in this context | ||||
| CVE-2022-3160 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2025-01-16 | 7.8 High |
| The APDFL.dll contains an out-of-bounds write past the fixed-length heap-based buffer while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2023-23582 | 1 Snapav | 2 Wattbox Wb-300-ip-3, Wattbox Wb-300-ip-3 Firmware | 2025-01-16 | 5.3 Medium |
| Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior are vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code or crash the device remotely. | ||||
| CVE-2023-2804 | 1 Libjpeg-turbo | 1 Libjpeg-turbo | 2025-01-16 | 6.5 Medium |
| A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an attacker could craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples. An application attempting to decompress such image using merged upsampling would lead to segmentation fault or buffer overflows, causing an application to crash. | ||||