Total
12110 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-3834 | 1 Apple | 1 Watchos | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2020-0675 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addresses the vulnerability by correcting how the service handles objects in memory., aka 'Windows Key Isolation Service Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0676, CVE-2020-0677, CVE-2020-0748, CVE-2020-0755, CVE-2020-0756. | |||||
| CVE-2015-0565 | 1 Google | 1 Native Client | 2024-02-04 | 10.0 HIGH | 10.0 CRITICAL |
| NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible. | |||||
| CVE-2020-3871 | 1 Apple | 1 Mac Os X | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.3. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2019-8738 | 1 Apple | 1 Xcode | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in Xcode 11.0. Processing a maliciously crafted file may lead to arbitrary code execution. | |||||
| CVE-2020-0640 | 1 Microsoft | 9 Internet Explorer, Windows 10, Windows 7 and 6 more | 2024-02-04 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'. | |||||
| CVE-2019-8694 | 1 Apple | 1 Mac Os X | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2019-0124 | 1 Intel | 294 Core I7-10510u, Core I7-10510u Firmware, Core I7-10510y and 291 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting TXT, may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2019-15243 | 1 Cisco | 4 Spa112, Spa112 Firmware, Spa122 and 1 more | 2024-02-04 | 5.2 MEDIUM | 8.0 HIGH |
| Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenticating to the web-based management interface and sending crafted requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code with elevated privileges. Note: The web-based management interface is enabled by default. | |||||
| CVE-2018-5732 | 1 Isc | 1 Dhcp | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section. Affects ISC DHCP versions 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0 | |||||
| CVE-2019-19601 | 1 Opendetex Project | 1 Opendetex | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| OpenDetex 2.8.5 has a Buffer Overflow in TexOpen in detex.l because of an incorrect sprintf. | |||||
| CVE-2019-15250 | 1 Cisco | 4 Spa112, Spa112 Firmware, Spa122 and 1 more | 2024-02-04 | 5.2 MEDIUM | 8.0 HIGH |
| Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenticating to the web-based management interface and sending crafted requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code with elevated privileges. Note: The web-based management interface is enabled by default. | |||||
| CVE-2019-11929 | 1 Facebook | 1 Hhvm | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Insufficient boundary checks when formatting numbers in number_format allows read/write access to out-of-bounds memory, potentially leading to remote code execution. This issue affects HHVM versions prior to 3.30.10, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.18.2, and versions 4.19.0, 4.19.1, 4.20.0, 4.20.1, 4.20.2, 4.21.0, 4.22.0, 4.23.0. | |||||
| CVE-2020-0711 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2024-02-04 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767. | |||||
| CVE-2020-0603 | 2 Microsoft, Redhat | 3 Asp.net Core, Enterprise Linux, Enterprise Linux Eus | 2024-02-04 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability exists in ASP.NET Core software when the software fails to handle objects in memory.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka 'ASP.NET Core Remote Code Execution Vulnerability'. | |||||
| CVE-2013-7087 | 3 Clamav, Debian, Fedoraproject | 3 Clamav, Debian Linux, Fedora | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| ClamAV before 0.97.7 has WWPack corrupt heap memory | |||||
| CVE-2019-0151 | 1 Intel | 888 Core I5-5300u, Core I5-5300u Firmware, Core I5-5350u and 885 more | 2024-02-04 | 7.2 HIGH | 6.7 MEDIUM |
| Insufficient memory protection in Intel(R) TXT for certain Intel(R) Core Processors and Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2019-10618 | 1 Qualcomm | 2 Qca6390, Qca6390 Firmware | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| Driver may access an invalid address while processing IO control due to lack of check of address validation in Snapdragon Connectivity in QCA6390 | |||||
| CVE-2020-3854 | 1 Apple | 1 Mac Os X | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.3. An application may be able to execute arbitrary code with system privileges. | |||||
| CVE-2019-16707 | 1 Hunspell Project | 1 Hunspell | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx. | |||||