Export limit exceeded: 21518 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21518 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-21493 | 2024-11-21 | 5.3 Medium | ||
| All versions of the package github.com/greenpau/caddy-security are vulnerable to Improper Validation of Array Index when parsing a Caddyfile. Multiple parsing functions in the affected library do not validate whether their input values are nil before attempting to access elements, which can lead to a panic (index out of range). Panics during the parsing of a configuration file may introduce ambiguity and vulnerabilities, hindering the correct interpretation and configuration of the web server. | ||||
| CVE-2024-21465 | 1 Qualcomm | 518 9205 Lte Modem, 9205 Lte Modem Firmware, Aqt1000 and 515 more | 2024-11-21 | 7.8 High |
| Memory corruption while processing key blob passed by the user. | ||||
| CVE-2024-21462 | 1 Qualcomm | 622 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 619 more | 2024-11-21 | 7.1 High |
| Transient DOS while loading the TA ELF file. | ||||
| CVE-2024-21458 | 1 Qualcomm | 222 Ar8035, Ar8035 Firmware, Csr8811 and 219 more | 2024-11-21 | 6.5 Medium |
| Information disclosure while handling SA query action frame. | ||||
| CVE-2024-21457 | 1 Qualcomm | 222 Ar8035, Ar8035 Firmware, Csr8811 and 219 more | 2024-11-21 | 6.5 Medium |
| INformation disclosure while handling Multi-link IE in beacon frame. | ||||
| CVE-2024-21456 | 1 Qualcomm | 84 Ar8035, Ar8035 Firmware, Fastconnect 7800 and 81 more | 2024-11-21 | 6.5 Medium |
| Information Disclosure while parsing beacon frame in STA. | ||||
| CVE-2024-21030 | 1 Oracle | 1 Complex Maintenance Repair And Overhaul | 2024-11-21 | 6.1 Medium |
| Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Complex Maintenance, Repair, and Overhaul. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Complex Maintenance, Repair, and Overhaul, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Complex Maintenance, Repair, and Overhaul accessible data as well as unauthorized read access to a subset of Oracle Complex Maintenance, Repair, and Overhaul accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). | ||||
| CVE-2024-20820 | 1 Samsung | 1 Android | 2024-11-21 | 4.4 Medium |
| Improper input validation in bootloader prior to SMR Feb-2024 Release 1 allows local privileged attackers to cause an Out-Of-Bounds read. | ||||
| CVE-2024-20814 | 1 Samsung | 1 Android | 2024-11-21 | 4 Medium |
| Out-of-bounds Read in padmd_vld_ac_prog_refine of libpadm.so prior to SMR Feb-2024 Release 1 allows local attackers access unauthorized information. | ||||
| CVE-2024-20785 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-11-21 | 7.8 High |
| InDesign Desktop versions ID19.3, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-20783 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-11-21 | 7.8 High |
| InDesign Desktop versions ID19.3, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-20781 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-11-21 | 7.8 High |
| InDesign Desktop versions ID19.3, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-20753 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-11-21 | 7.8 High |
| Photoshop Desktop versions 24.7.3, 25.7 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-20742 | 1 Adobe | 1 Substance 3d Painter | 2024-11-21 | 7.8 High |
| Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-20741 | 1 Adobe | 1 Substance 3d Painter | 2024-11-21 | 7.8 High |
| Substance3D - Painter versions 9.1.1 and earlier are affected by a Write-what-where Condition vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-20736 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 5.5 Medium |
| Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-20725 | 1 Adobe | 1 Substance 3d Painter | 2024-11-21 | 5.5 Medium |
| Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-20724 | 1 Adobe | 1 Substance 3d Painter | 2024-11-21 | 5.5 Medium |
| Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-20723 | 1 Adobe | 1 Substance 3d Painter | 2024-11-21 | 7.8 High |
| Substance3D - Painter versions 9.1.1 and earlier are affected by a Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-20722 | 1 Adobe | 1 Substance 3d Painter | 2024-11-21 | 5.5 Medium |
| Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||