| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Heap-based buffer overflow in Windows Fast FAT Driver allows an unauthorized attacker to elevate privileges locally. |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. |
| Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over an adjacent network. |
| Out-of-bounds read in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally. |
| Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. |
| Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. |
| Out-of-bounds read in Windows TDX.sys allows an authorized attacker to disclose information locally. |
| Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally. |
| Processor optimization removal or modification of security-critical code in Windows Kernel allows an authorized attacker to disclose information locally. |
| Heap-based buffer overflow in Microsoft Teams allows an unauthorized attacker to execute code over a network. |
| Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. |
| Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally. |
| Integer overflow or wraparound in Windows Distributed Transaction Coordinator allows an authorized attacker to disclose information over a network. |
| Improper validation of syntactic correctness of input in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network. |
| Improper handling of additional special element in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network. |
| ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, when AVRCP is enabled on ESP32, receiving a malformed VENDOR DEPENDENT command from a peer device can cause the Bluetooth stack to access memory before validating the command buffer length. This may lead to an out-of-bounds read, potentially exposing unintended memory content or causing unexpected behavior. |
| Potential vulnerabilities have been identified in the system BIOS for certain HP PC products, which might allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerabilities. |
| An out-of-bounds read vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data.
We have already fixed the vulnerability in the following version:
File Station 5 5.5.6.5068 and later |
| A weak authentication vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to gain sensitive information.
We have already fixed the vulnerability in the following version:
File Station 5 5.5.6.5166 and later |
| An out-of-bounds read vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access, they can then exploit the vulnerability to obtain secret data.
We have already fixed the vulnerability in the following version:
Media Streaming add-on 500.1.1.6 ( 2024/08/02 ) and later |
