Total
278 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-31080 | 2024-11-21 | N/A | 7.3 HIGH | ||
| A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads. | |||||
| CVE-2024-30079 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 7.8 HIGH |
| Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | |||||
| CVE-2024-30071 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 4.7 MEDIUM |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | |||||
| CVE-2024-30069 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 4.7 MEDIUM |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | |||||
| CVE-2024-21465 | 1 Qualcomm | 518 9205 Lte Modem, 9205 Lte Modem Firmware, Aqt1000 and 515 more | 2024-11-21 | N/A | 7.8 HIGH |
| Memory corruption while processing key blob passed by the user. | |||||
| CVE-2024-21462 | 1 Qualcomm | 622 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 619 more | 2024-11-21 | N/A | 7.1 HIGH |
| Transient DOS while loading the TA ELF file. | |||||
| CVE-2024-21458 | 1 Qualcomm | 222 Ar8035, Ar8035 Firmware, Csr8811 and 219 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| Information disclosure while handling SA query action frame. | |||||
| CVE-2024-21457 | 1 Qualcomm | 222 Ar8035, Ar8035 Firmware, Csr8811 and 219 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| INformation disclosure while handling Multi-link IE in beacon frame. | |||||
| CVE-2024-21456 | 1 Qualcomm | 84 Ar8035, Ar8035 Firmware, Fastconnect 7800 and 81 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| Information Disclosure while parsing beacon frame in STA. | |||||
| CVE-2024-21340 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-11-21 | N/A | 4.6 MEDIUM |
| Windows Kernel Information Disclosure Vulnerability | |||||
| CVE-2024-20290 | 2 Cisco, Fedoraproject | 3 Secure Endpoint, Secure Endpoint Private Cloud, Fedora | 2024-11-21 | N/A | 7.5 HIGH |
| A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for end-of-string values during scanning, which may result in a heap buffer over-read. An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software and consuming available system resources. For a description of this vulnerability, see the ClamAV blog . | |||||
| CVE-2023-4758 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 5.5 MEDIUM |
| Buffer Over-read in GitHub repository gpac/gpac prior to 2.3-DEV. | |||||
| CVE-2023-43574 | 1 Lenovo | 222 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 219 more | 2024-11-21 | N/A | 4.4 MEDIUM |
| A buffer over-read was reported in the LEMALLDriversConnectedEventHook module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information. | |||||
| CVE-2023-43572 | 1 Lenovo | 222 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 219 more | 2024-11-21 | N/A | 4.4 MEDIUM |
| A buffer over-read was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information. | |||||
| CVE-2023-43568 | 1 Lenovo | 222 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 219 more | 2024-11-21 | N/A | 4.4 MEDIUM |
| A buffer over-read was reported in the LemSecureBootForceKey module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information. | |||||
| CVE-2023-43536 | 1 Qualcomm | 618 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 615 more | 2024-11-21 | N/A | 7.5 HIGH |
| Transient DOS while parse fils IE with length equal to 1. | |||||
| CVE-2023-43533 | 1 Qualcomm | 476 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 473 more | 2024-11-21 | N/A | 7.5 HIGH |
| Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame. | |||||
| CVE-2023-43512 | 2024-11-21 | N/A | 7.5 HIGH | ||
| Transient DOS while parsing GATT service data when the total amount of memory that is required by the multiple services is greater than the actual size of the services buffer. | |||||
| CVE-2023-38152 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2024-11-21 | N/A | 5.3 MEDIUM |
| DHCP Server Service Information Disclosure Vulnerability | |||||
| CVE-2023-36904 | 1 Microsoft | 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more | 2024-11-21 | N/A | 7.8 HIGH |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | |||||