Total
5678 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-21430 | 2024-04-11 | N/A | 5.7 MEDIUM | ||
Windows USB Attached SCSI (UAS) Protocol Remote Code Execution Vulnerability | |||||
CVE-2024-21344 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-04-11 | N/A | 5.9 MEDIUM |
Windows Network Address Translation (NAT) Denial of Service Vulnerability | |||||
CVE-2024-21343 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-04-11 | N/A | 7.5 HIGH |
Windows Network Address Translation (NAT) Denial of Service Vulnerability | |||||
CVE-2024-21314 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-04-11 | N/A | 6.5 MEDIUM |
Microsoft Message Queuing Information Disclosure Vulnerability | |||||
CVE-2024-21311 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-04-11 | N/A | 5.5 MEDIUM |
Windows Cryptographic Services Information Disclosure Vulnerability | |||||
CVE-2024-20691 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-04-11 | N/A | 4.7 MEDIUM |
Windows Themes Information Disclosure Vulnerability | |||||
CVE-2024-20687 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2024-04-11 | N/A | 7.5 HIGH |
Microsoft AllJoyn API Denial of Service Vulnerability | |||||
CVE-2024-20660 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-04-11 | N/A | 6.5 MEDIUM |
Microsoft Message Queuing Information Disclosure Vulnerability | |||||
CVE-2024-20658 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-04-11 | N/A | 7.8 HIGH |
Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability | |||||
CVE-2024-20653 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-04-11 | N/A | 7.8 HIGH |
Microsoft Common Log File System Elevation of Privilege Vulnerability | |||||
CVE-2024-20797 | 2024-04-11 | N/A | 7.8 HIGH | ||
Animate versions 23.0.4, 24.0.1 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2024-20798 | 2024-04-11 | N/A | 5.5 MEDIUM | ||
Illustrator versions 28.3, 27.9.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2024-20796 | 2024-04-11 | N/A | 5.5 MEDIUM | ||
Animate versions 23.0.4, 24.0.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2024-20771 | 2024-04-11 | N/A | 5.5 MEDIUM | ||
Bridge versions 13.0.6, 14.0.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2023-39986 | 1 Hitachi | 1 Eh-view | 2024-04-11 | N/A | 5.5 MEDIUM |
** UNSUPPORTED WHEN ASSIGNED ** Out-of-bounds Read vulnerability in Hitachi EH-VIEW (Designer) allows local attackers to potentially disclose information on affected EH-VIEW installations. User interaction is required to exploit the vulnerabilities in that the user must open a malicious file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
CVE-2023-34256 | 3 Debian, Linux, Suse | 3 Debian Linux, Linux Kernel, Linux Enterprise | 2024-04-11 | N/A | 5.5 MEDIUM |
An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend against attackers with the stated "When modifying the block device while it is mounted by the filesystem" access. | |||||
CVE-2023-29417 | 1 Bzip3 Project | 1 Bzip3 | 2024-04-11 | N/A | 6.5 MEDIUM |
An issue was discovered in libbzip3.a in bzip3 1.2.2. There is a bz3_decompress out-of-bounds read in certain situations where buffers passed to bzip3 do not contain enough space to be filled with decompressed data. NOTE: the vendor's perspective is that the observed behavior can only occur for a contract violation, and thus the report is invalid. | |||||
CVE-2022-24198 | 1 Itextpdf | 1 Itext | 2024-04-11 | 4.3 MEDIUM | 6.5 MEDIUM |
iText v7.1.17 was discovered to contain an out-of-bounds exception via the component ARCFOUREncryption.encryptARCFOUR, which allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. NOTE: Vendor does not view this as a vulnerability and has not found it to be exploitable. | |||||
CVE-2020-36325 | 1 Jansson Project | 1 Jansson | 2024-04-11 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's an out-of-bounds read-access bug. NOTE: the vendor reports that this only occurs when a programmer fails to follow the API specification | |||||
CVE-2020-17360 | 1 Readytalk | 1 Avian | 2024-04-11 | 6.8 MEDIUM | 7.8 HIGH |
An issue was discovered in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-common.h contains multiple boundary checks that are performed to prevent out-of-bounds memory read/write. However, two of these boundary checks contain an integer overflow that leads to a bypass of these checks, and out-of-bounds read/write. NOTE: This vulnerability only affects products that are no longer supported by the maintainer |