Total
12297 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-7993 | 1 Autodesk | 1 Revit | 2025-02-10 | N/A | 7.8 HIGH |
| A maliciously crafted PDF file, when parsed through Autodesk Revit, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-7672 | 1 Autodesk | 1 Navisworks | 2025-02-10 | N/A | 7.8 HIGH |
| A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-7671 | 1 Autodesk | 1 Navisworks | 2025-02-10 | N/A | 7.8 HIGH |
| A maliciously crafted DWFX file, when parsed in dwfcore.dll through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-7305 | 2025-02-10 | N/A | 7.8 HIGH | ||
| A maliciously crafted DWF file, when parsed in AdDwfPdk.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | |||||
| CVE-2022-47337 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-02-10 | N/A | 5.5 MEDIUM |
| In media service, there is a missing permission check. This could lead to local denial of service in media service. | |||||
| CVE-2023-42917 | 4 Apple, Debian, Fedoraproject and 1 more | 7 Ipados, Iphone Os, Macos and 4 more | 2025-02-10 | N/A | 8.8 HIGH |
| A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1. | |||||
| CVE-2023-1906 | 2 Fedoraproject, Imagemagick | 3 Extra Packages For Enterprise Linux, Fedora, Imagemagick | 2025-02-10 | N/A | 5.5 MEDIUM |
| A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service. | |||||
| CVE-2023-28488 | 1 Intel | 1 Connman | 2025-02-08 | N/A | 6.5 MEDIUM |
| client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers (operating a crafted DHCP server) to cause a stack-based buffer overflow and denial of service, terminating the connman process. | |||||
| CVE-2023-29086 | 1 Samsung | 12 Exynos 1080, Exynos 1080 Firmware, Exynos 5123 and 9 more | 2025-02-07 | N/A | 6.8 MEDIUM |
| An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Min-SE header. | |||||
| CVE-2023-29085 | 1 Samsung | 12 Exynos 1080, Exynos 1080 Firmware, Exynos 5123 and 9 more | 2025-02-07 | N/A | 6.8 MEDIUM |
| An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP status line. | |||||
| CVE-2024-39556 | 1 Juniper | 2 Junos, Junos Os Evolved | 2025-02-07 | N/A | 6.4 MEDIUM |
| A Stack-Based Buffer Overflow vulnerability in Juniper Networks Junos OS and Juniper Networks Junos OS Evolved may allow a local, low-privileged attacker with access to the CLI the ability to load a malicious certificate file, leading to a limited Denial of Service (DoS) or privileged code execution. By exploiting the 'set security certificates' command with a crafted certificate file, a malicious attacker with access to the CLI could cause a crash of the command management daemon (mgd), limited to the local user's command interpreter, or potentially trigger a stack-based buffer overflow. This issue affects: Junos OS: * All versions before 21.4R3-S7, * from 22.1 before 22.1R3-S6, * from 22.2 before 22.2R3-S4, * from 22.3 before 22.3R3-S3, * from 22.4 before 22.4R3-S2, * from 23.2 before 23.2R2, * from 23.4 before 23.4R1-S1, 23.4R2; Junos OS Evolved: * All versions before 21.4R3-S7-EVO, * from 22.1-EVO before 22.1R3-S6-EVO, * from 22.2-EVO before 22.2R3-S4-EVO, * from 22.3-EVO before 22.3R3-S3-EVO, * from 22.4-EVO before 22.4R3-S2-EVO, * from 23.2-EVO before 23.2R2-EVO, * from 23.4-EVO before 23.4R1-S1-EVO, 23.4R2-EVO. | |||||
| CVE-2024-53296 | 1 Dell | 1 Data Domain Operating System | 2025-02-07 | N/A | 2.7 LOW |
| Dell PowerProtect DD versions prior to 7.10.1.50 and 7.13.1.20 contain a Stack-based Buffer Overflow vulnerability in the RestAPI. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service. | |||||
| CVE-2024-20844 | 1 Samsung | 1 Android | 2025-02-07 | N/A | 8.4 HIGH |
| Out-of-bounds write vulnerability while parsing remaining codewords in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code. | |||||
| CVE-2024-20845 | 1 Samsung | 1 Android | 2025-02-07 | N/A | 8.4 HIGH |
| Out-of-bounds write vulnerability while releasing memory in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code. | |||||
| CVE-2024-20846 | 1 Samsung | 1 Android | 2025-02-07 | N/A | 5.9 MEDIUM |
| Out-of-bounds write vulnerability while decoding hcr of libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code. | |||||
| CVE-2024-20848 | 1 Samsung | 1 Android | 2025-02-07 | N/A | 4.0 MEDIUM |
| Improper Input Validation vulnerability in text parsing implementation of libsdffextractor prior to SMR Apr-2024 Release 1 allows local attackers to write out-of-bounds memory. | |||||
| CVE-2024-20849 | 1 Samsung | 1 Android | 2025-02-07 | N/A | 7.3 HIGH |
| Out-of-bound Write vulnerability in chunk parsing implementation of libsdffextractor prior to SMR Apr-2023 Release 1 allows local attackers to execute arbitrary code. | |||||
| CVE-2024-20842 | 1 Samsung | 1 Android | 2025-02-07 | N/A | 4.2 MEDIUM |
| Improper Input Validation vulnerability in handling apdu of libsec-ril prior to SMR Apr-2024 Release 1 allows local privileged attackers to write out-of-bounds memory. | |||||
| CVE-2024-20843 | 1 Samsung | 1 Android | 2025-02-07 | N/A | 5.6 MEDIUM |
| Out-of-bound write vulnerability in command parsing implementation of libIfaaCa prior to SMR Apr-2024 Release 1 allows local privileged attackers to execute arbitrary code. | |||||
| CVE-2023-29090 | 1 Samsung | 12 Exynos 1080, Exynos 1080 Firmware, Exynos 5123 and 9 more | 2025-02-07 | N/A | 6.8 MEDIUM |
| An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Via header. | |||||