Total
3102 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-41217 | 2024-11-15 | N/A | 6.5 MEDIUM | ||
| A heap-based buffer overflow in tsMuxer version nightly-2024-05-10-02-00-45 allows attackers to cause Denial of Service (DoS) via a crafted MKV video file. | |||||
| CVE-2024-41209 | 2024-11-15 | N/A | 8.8 HIGH | ||
| A heap-based buffer overflow in tsMuxer version nightly-2024-03-14-01-51-12 allows attackers to cause Denial of Service (DoS) and Code Execution via a crafted MOV video file. | |||||
| CVE-2024-41206 | 2024-11-15 | N/A | 6.5 MEDIUM | ||
| A stack-based buffer over-read in tsMuxer version nightly-2024-03-14-01-51-12 allows attackers to cause Information Disclosure via a crafted TS video file. | |||||
| CVE-2024-49778 | 2024-11-15 | N/A | 8.8 HIGH | ||
| A heap-based buffer overflow in tsMuxer version nightly-2024-05-12-02-01-18 allows attackers to cause Denial of Service (DoS) and Code Execution via a crafted MOV video file. | |||||
| CVE-2024-49777 | 2024-11-15 | N/A | 8.8 HIGH | ||
| A heap-based buffer overflow in tsMuxer version nightly-2024-03-14-01-51-12 allows attackers to cause Denial of Service (DoS), Information Disclosure and Code Execution via a crafted MKV video file. | |||||
| CVE-2024-50305 | 2024-11-15 | N/A | 7.5 HIGH | ||
| Valid Host header field can cause Apache Traffic Server to crash on some platforms. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5. Users are recommended to upgrade to version 9.2.6, which fixes the issue, or 10.0.2, which does not have the issue. | |||||
| CVE-2024-8882 | 1 Zyxel | 20 Gs1900-10hp, Gs1900-10hp Firmware, Gs1900-16 and 17 more | 2024-11-14 | N/A | 4.5 MEDIUM |
| A buffer overflow vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and earlierĀ could allow an authenticated, LAN-based attacker with administrator privileges to cause denial of service (DoS) conditions via a crafted URL. | |||||
| CVE-2024-46952 | 2 Artifex, Debian | 2 Ghostscript, Debian Linux | 2024-11-14 | N/A | 7.8 HIGH |
| An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values). | |||||
| CVE-2024-35419 | 2024-11-12 | N/A | 5.5 MEDIUM | ||
| wac commit 385e1 was discovered to contain a heap overflow via the load_module function at /wac-asan/wa.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted wasm file. | |||||
| CVE-2024-50131 | 1 Linux | 1 Linux Kernel | 2024-11-08 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: tracing: Consider the NULL character when validating the event length strlen() returns a string length excluding the null byte. If the string length equals to the maximum buffer length, the buffer will have no space for the NULL terminating character. This commit checks this condition and returns failure for it. | |||||
| CVE-2024-33030 | 1 Qualcomm | 44 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 41 more | 2024-11-07 | N/A | 6.7 MEDIUM |
| Memory corruption while parsing IPC frequency table parameters for LPLH that has size greater than expected size. | |||||
| CVE-2024-38423 | 1 Qualcomm | 412 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 409 more | 2024-11-07 | N/A | 7.8 HIGH |
| Memory corruption while processing GPU page table switch. | |||||
| CVE-2024-38409 | 1 Qualcomm | 50 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 47 more | 2024-11-07 | N/A | 7.8 HIGH |
| Memory corruption while station LL statistic handling. | |||||
| CVE-2024-45184 | 2024-11-06 | N/A | 6.2 MEDIUM | ||
| An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with chipset Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, Modem 5123, and Modem 5300. A USAT out-of-bounds write due to a heap buffer overflow can lead to a Denial of Service. | |||||
| CVE-2024-44233 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-11-04 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2.1, watchOS 11.1, tvOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. Parsing a maliciously crafted video file may lead to unexpected system termination. | |||||
| CVE-2024-44234 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-11-04 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2.1, watchOS 11.1, tvOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. Parsing a maliciously crafted video file may lead to unexpected system termination. | |||||
| CVE-2024-44232 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-11-04 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2.1, watchOS 11.1, tvOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. Parsing a maliciously crafted video file may lead to unexpected system termination. | |||||
| CVE-2024-48289 | 2024-11-04 | N/A | 6.5 MEDIUM | ||
| An issue in the Bluetooth Low Energy implementation of Cypress Bluetooth SDK v3.66 allows attackers to cause a Denial of Service (DoS) via supplying a crafted LL_PAUSE_ENC_REQ packet. | |||||
| CVE-2024-10467 | 1 Mozilla | 2 Firefox, Thunderbird | 2024-11-04 | N/A | 8.8 HIGH |
| Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. | |||||
| CVE-2024-8592 | 2 Autodesk, Microsoft | 9 Autocad, Autocad Advance Steel, Autocad Architecture and 6 more | 2024-11-01 | N/A | 7.8 HIGH |
| A maliciously crafted CATPART file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | |||||