Export limit exceeded: 21088 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21088 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-35177 | 1 Hp | 76 Laserjet Pro M304-m305 W1a46a, Laserjet Pro M304-m305 W1a46a Firmware, Laserjet Pro M304-m305 W1a47a and 73 more | 2024-12-04 | 8.8 High |
| Certain HP LaserJet Pro print products are potentially vulnerable to a stack-based buffer overflow related to the compact font format parser. | ||||
| CVE-2023-20775 | 3 Google, Mediatek, Openwrt | 38 Android, Mt6739, Mt6757 and 35 more | 2024-12-04 | 6.7 Medium |
| In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07978760; Issue ID: ALPS07363410. | ||||
| CVE-2023-32622 | 1 Wavlink | 2 Wl-wn531ax2, Wl-wn531ax2 Firmware | 2024-12-04 | 7.2 High |
| Improper neutralization of special elements in WL-WN531AX2 firmware versions prior to 2023526 allows an attacker with an administrative privilege to execute OS commands with the root privilege. | ||||
| CVE-2024-20761 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2024-12-04 | 7.8 High |
| Animate versions 24.0, 23.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-20785 | 2 Google, Mediatek | 20 Android, Mt6779, Mt6781 and 17 more | 2024-12-04 | 6.4 Medium |
| In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628524; Issue ID: ALPS07628524. | ||||
| CVE-2023-20786 | 2 Google, Mediatek | 35 Android, Mt2713, Mt6580 and 32 more | 2024-12-04 | 6.7 Medium |
| In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767811; Issue ID: ALPS07767811. | ||||
| CVE-2023-20811 | 3 Google, Linux, Mediatek | 54 Android, Linux Kernel, Mt5221 and 51 more | 2024-12-04 | 6.7 Medium |
| In IOMMU, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03692061; Issue ID: DTV03692061. | ||||
| CVE-2024-27327 | 1 Pdf-xchange | 2 Pdf-tools, Pdf-xchange Editor | 2024-12-04 | 7.8 High |
| PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22277. | ||||
| CVE-2024-30271 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2024-12-04 | 7.8 High |
| Illustrator versions 28.3, 27.9.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-8813 | 1 Pdf-xchange | 2 Pdf-tools, Pdf-xchange Editor | 2024-12-04 | 7.8 High |
| PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24208. | ||||
| CVE-2024-8815 | 1 Pdf-xchange | 2 Pdf-tools, Pdf-xchange Editor | 2024-12-04 | 7.8 High |
| PDF-XChange Editor U3D File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24210. | ||||
| CVE-2024-8817 | 1 Pdf-xchange | 2 Pdf-tools, Pdf-xchange Editor | 2024-12-04 | 7.8 High |
| PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24212. | ||||
| CVE-2024-30272 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2024-12-04 | 7.8 High |
| Illustrator versions 28.3, 27.9.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-30273 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2024-12-04 | 7.8 High |
| Illustrator versions 28.3, 27.9.2 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-34420 | 1 Lenovo | 1 Xclarity Administrator | 2024-12-04 | 7.2 High |
| A valid, authenticated LXCA user with elevated privileges may be able to execute command injections through crafted calls to a specific web API. | ||||
| CVE-2024-47431 | 1 Adobe | 1 Substance 3d Painter | 2024-12-04 | 7.8 High |
| Substance3D - Painter versions 10.1.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-49516 | 1 Adobe | 1 Substance 3d Painter | 2024-12-04 | 7.8 High |
| Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-47430 | 1 Adobe | 1 Substance 3d Painter | 2024-12-04 | 7.8 High |
| Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-47429 | 1 Adobe | 1 Substance 3d Painter | 2024-12-04 | 7.8 High |
| Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-47428 | 1 Adobe | 1 Substance 3d Painter | 2024-12-04 | 7.8 High |
| Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||