Export limit exceeded: 45691 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 20197 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20197 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-20755 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2024-12-04 | 7.8 High |
| Bridge versions 13.0.5, 14.0.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-20756 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2024-12-04 | 7.8 High |
| Bridge versions 13.0.5, 14.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-21236 | 1 Google | 1 Android | 2024-12-04 | 6.7 Medium |
| In aoc_service_set_read_blocked of aoc.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-270148537References: N/A | ||||
| CVE-2023-21517 | 1 Samsung | 1 Exynos | 2024-12-04 | 8.8 High |
| Heap out-of-bound write vulnerability in Exynos baseband prior to SMR Jun-2023 Release 1 allows remote attacker to execute arbitrary code. | ||||
| CVE-2023-20757 | 2 Google, Mediatek | 17 Android, Mt6739, Mt6768 and 14 more | 2024-12-04 | 6.7 Medium |
| In cmdq, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07636133; Issue ID: ALPS07636133. | ||||
| CVE-2023-20758 | 2 Google, Mediatek | 18 Android, Mt6739, Mt6768 and 15 more | 2024-12-04 | 4.4 Medium |
| In cmdq, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07636133; Issue ID: ALPS07636130. | ||||
| CVE-2023-20759 | 2 Google, Mediatek | 18 Android, Mt6739, Mt6768 and 15 more | 2024-12-04 | 4.4 Medium |
| In cmdq, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07636133; Issue ID: ALPS07634601. | ||||
| CVE-2023-20761 | 2 Google, Mediatek | 42 Android, Mt6739, Mt6761 and 39 more | 2024-12-04 | 6.7 Medium |
| In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628604; Issue ID: ALPS07628582. | ||||
| CVE-2023-20766 | 2 Google, Mediatek | 53 Android, Mt6580, Mt6735 and 50 more | 2024-12-04 | 6.7 Medium |
| In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573237; Issue ID: ALPS07573202. | ||||
| CVE-2023-20767 | 2 Google, Mediatek | 10 Android, Mt6879, Mt6886 and 7 more | 2024-12-04 | 6.7 Medium |
| In pqframework, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629585; Issue ID: ALPS07629584. | ||||
| CVE-2023-20771 | 2 Google, Mediatek | 11 Android, Mt6580, Mt6739 and 8 more | 2024-12-04 | 6.4 Medium |
| In display, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07671046; Issue ID: ALPS07671046. | ||||
| CVE-2023-21066 | 1 Google | 1 Android | 2024-12-04 | 9.8 Critical |
| In cd_CodeMsg of cd_codec.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-250100597References: N/A | ||||
| CVE-2023-2625 | 1 Abb | 2 Txpert Hub Coretec 4, Txpert Hub Coretec 4 Firmware | 2024-12-04 | 9 Critical |
| A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, having any level of access VIEWER to ADMIN. To exploit the vulnerability the attacker can inject shell commands through a particular field of the web user interface that will be executed by the system. | ||||
| CVE-2023-3333 | 1 Nec | 34 Aterm Wf300hp, Aterm Wf300hp Firmware, Aterm Wg1400hp and 31 more | 2024-12-04 | 7.2 High |
| Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to execute an arbitrary OS command with the root privilege, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities. | ||||
| CVE-2024-8360 | 1 Visteon | 1 Infotainment | 2024-12-04 | 6.8 Medium |
| Visteon Infotainment REFLASH_DDU_ExtractFile Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment systems. Authentication is not required to exploit this vulnerability. The specific flaw exists within the REFLASH_DDU_ExtractFile function. A crafted software update file can trigger execution of a system call composed from a user-supplied string. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-23421. | ||||
| CVE-2024-7508 | 1 Trimble | 2 Sketchup, Sketchup Viewer | 2024-12-04 | 7.8 High |
| Trimble SketchUp Viewer SKP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19575. | ||||
| CVE-2023-20753 | 2 Google, Mediatek | 55 Android, Mt6580, Mt6731 and 52 more | 2024-12-04 | 6.7 Medium |
| In rpmb, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07460390; Issue ID: ALPS07588667. | ||||
| CVE-2023-20754 | 2 Google, Mediatek | 55 Android, Mt6580, Mt6731 and 52 more | 2024-12-04 | 6.7 Medium |
| In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07563028; Issue ID: ALPS07588343. | ||||
| CVE-2023-35177 | 1 Hp | 76 Laserjet Pro M304-m305 W1a46a, Laserjet Pro M304-m305 W1a46a Firmware, Laserjet Pro M304-m305 W1a47a and 73 more | 2024-12-04 | 8.8 High |
| Certain HP LaserJet Pro print products are potentially vulnerable to a stack-based buffer overflow related to the compact font format parser. | ||||
| CVE-2023-20775 | 3 Google, Mediatek, Openwrt | 38 Android, Mt6739, Mt6757 and 35 more | 2024-12-04 | 6.7 Medium |
| In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07978760; Issue ID: ALPS07363410. | ||||