Total
336 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-3437 | 2 Fedoraproject, Samba | 2 Fedora, Samba | 2024-04-22 | N/A | 6.5 MEDIUM |
A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack. | |||||
CVE-2024-3209 | 2024-04-19 | 5.2 MEDIUM | 5.5 MEDIUM | ||
A vulnerability was found in UPX up to 4.2.2. It has been rated as critical. This issue affects the function get_ne64 of the file bele.h. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259055. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
CVE-2024-32038 | 2024-04-19 | N/A | 9.8 CRITICAL | ||
Wazuh is a free and open source platform used for threat prevention, detection, and response. There is a buffer overflow hazard in wazuh-analysisd when handling Unicode characters from Windows Eventchannel messages. It impacts Wazuh Manager 3.8.0 and above. This vulnerability is fixed in Wazuh Manager 4.7.2. | |||||
CVE-2024-0257 | 2024-04-18 | N/A | 3.3 LOW | ||
RoboDK v5.5.4 is vulnerable to heap-based buffer overflow while processing a specific project file. The resulting memory corruption may crash the application. | |||||
CVE-2023-5404 | 2024-04-17 | N/A | 8.1 HIGH | ||
Server receiving a malformed message can cause a pointer to be overwritten which can result in a remote code execution or failure. See Honeywell Security Notification for recommendations on upgrading and versioning. | |||||
CVE-2023-5400 | 2024-04-17 | N/A | 8.1 HIGH | ||
Server receiving a malformed message based on a using the specified key values can cause a heap overflow vulnerability which could lead to an attacker performing remote code execution or causing a failure. See Honeywell Security Notification for recommendations on upgrading and versioning. | |||||
CVE-2024-26178 | 2024-04-11 | N/A | 7.8 HIGH | ||
Windows Kernel Elevation of Privilege Vulnerability | |||||
CVE-2024-26166 | 2024-04-11 | N/A | 8.8 HIGH | ||
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||
CVE-2024-26161 | 2024-04-11 | N/A | 8.8 HIGH | ||
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||
CVE-2024-26159 | 2024-04-11 | N/A | 8.8 HIGH | ||
Microsoft ODBC Driver Remote Code Execution Vulnerability | |||||
CVE-2024-21370 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-04-11 | N/A | 8.8 HIGH |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||
CVE-2024-21369 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-04-11 | N/A | 8.8 HIGH |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||
CVE-2024-21368 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-04-11 | N/A | 8.8 HIGH |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||
CVE-2024-21367 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-04-11 | N/A | 8.8 HIGH |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||
CVE-2024-21366 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-04-11 | N/A | 8.8 HIGH |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||
CVE-2024-21365 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-04-11 | N/A | 8.8 HIGH |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||
CVE-2024-21361 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-04-11 | N/A | 8.8 HIGH |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||
CVE-2024-21360 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-04-11 | N/A | 8.8 HIGH |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||
CVE-2024-21359 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-04-11 | N/A | 8.8 HIGH |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||
CVE-2024-21358 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-04-11 | N/A | 8.8 HIGH |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |