Export limit exceeded: 13794 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (13794 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-23698 | 1 Google | 1 Android | 2024-12-17 | 7.8 High |
| In RGXFWChangeOSidPriority of rgxfwutils.c, there is a possible arbitrary code execution due to a missing bounds check. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-23709 | 1 Google | 1 Android | 2024-12-17 | 6.5 Medium |
| In multiple locations, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2024-21913 | 1 Rockwellautomation | 2 Arena, Arena Simulation Software | 2024-12-17 | 7.8 High |
| A heap-based memory buffer overflow vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code into the software by overstepping the memory boundaries, which triggers an access violation. Once inside, the threat actor can run harmful code on the system. This affects the confidentiality, integrity, and availability of the product. To trigger this, the user would unwittingly need to open a malicious file shared by the threat actor. | ||||
| CVE-2024-21912 | 1 Rockwellautomation | 1 Arena | 2024-12-17 | 7.8 High |
| An arbitrary code execution vulnerability in Rockwell Automation Arena Simulation could let a malicious user insert unauthorized code into the software. This is done by writing beyond the designated memory area, which causes an access violation. Once inside, the threat actor can run harmful code on the system. This affects the confidentiality, integrity, and availability of the product. To trigger this, the user would unwittingly need to open a malicious file shared by the threat actor. | ||||
| CVE-2022-48486 | 1 Huawei | 1 Emui | 2024-12-17 | 7.5 High |
| Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2014-125106 | 1 Nanopb Project | 1 Nanopb | 2024-12-17 | 9.8 Critical |
| Nanopb before 0.3.1 allows size_t overflows in pb_dec_bytes and pb_dec_string. | ||||
| CVE-2024-2929 | 1 Rockwellautomation | 1 Arena | 2024-12-17 | 7.8 High |
| A memory corruption vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by corrupting the memory triggering an access violation. Once inside, the threat actor can run harmful code on the system. This affects the confidentiality, integrity, and availability of the product. To trigger this, the user would unwittingly need to open a malicious file shared by the threat actor. | ||||
| CVE-2024-11156 | 1 Rockwellautomation | 1 Arena | 2024-12-17 | 7.8 High |
| An “out of bounds write” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to write beyond the boundaries of allocated memory in a DOE file. If exploited, a threat actor could leverage this vulnerability to execute arbitrary code. To exploit this vulnerability, a legitimate user must execute the malicious code crafted by the threat actor. | ||||
| CVE-2024-53959 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2024-12-17 | 7.8 High |
| Adobe Framemaker versions 2020.7, 2022.5 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-53956 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2024-12-17 | 7.8 High |
| Premiere Pro versions 25.0, 24.6.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-0050 | 1 Google | 1 Android | 2024-12-16 | 7.8 High |
| In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible out of bounds write due to a missing validation check. This could lead to a local non-security issue with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-0051 | 1 Google | 1 Android | 2024-12-16 | 7.8 High |
| In onQueueFilled of SoftMPEG4.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-0031 | 1 Google | 1 Android | 2024-12-16 | 9.8 Critical |
| In attp_build_read_by_type_value_cmd of att_protocol.cc , there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-0040 | 1 Google | 1 Android | 2024-12-16 | 7.5 High |
| In setParameter of MtpPacket.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-0033 | 1 Google | 1 Android | 2024-12-16 | 7.8 High |
| In multiple functions of ashmem-dev.cpp, there is a possible missing seal due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-0018 | 1 Google | 1 Android | 2024-12-16 | 7.8 High |
| In convertYUV420Planar16ToY410 of ColorConverter.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-0023 | 1 Google | 1 Android | 2024-12-16 | 7.8 High |
| In ConvertRGBToPlanarYUV of Codec2BufferUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-12668 | 2024-12-16 | 8.2 High | ||
| Velocidex WinPmem versions below 4.1 suffer from an Out of Bounds Write vulnerability. By using an IO Control, a user space program can trick the driver into writing a 0 into any chosen memory location. In conjunction with information leakage from the WinPmem driver, attackers can discover the location in memory for the g_CiOptions global symbol. This can be leveraged to disable signed driver enforcement on the target system - allowing attackers to load unsigned drivers. | ||||
| CVE-2024-53957 | 1 Adobe | 1 Substance 3d Painter | 2024-12-13 | 7.8 High |
| Substance3D - Painter versions 10.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-53958 | 1 Adobe | 1 Substance 3d Painter | 2024-12-13 | 7.8 High |
| Substance3D - Painter versions 10.1.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||