Total
2278 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-12670 | 2025-01-29 | 7.8 High | ||
| A maliciously crafted DWF file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-12669 | 2025-01-29 | 7.8 High | ||
| A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-12179 | 2025-01-29 | 7.8 High | ||
| A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-10525 | 2 Eclipse, Eclipse Foundation | 2 Mosquitto, Mosquitto | 2025-01-29 | 9.8 Critical |
| In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a malicious broker sends a crafted SUBACK packet with no reason codes, a client using libmosquitto may make out of bounds memory access when acting in its on_subscribe callback. This affects the mosquitto_sub and mosquitto_rr clients. | ||||
| CVE-2024-11608 | 1 Autodesk | 1 Revit | 2025-01-28 | 7.8 High |
| A maliciously crafted SKP file, when linked or imported into Autodesk Revit, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2023-27410 | 1 Siemens | 2 Scalance Lpe9403, Scalance Lpe9403 Firmware | 2025-01-28 | 2.7 Low |
| A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A heap-based buffer overflow vulnerability was found in the `edgebox_web_app` binary. The binary will crash if supplied with a backup password longer than 255 characters. This could allow an authenticated privileged attacker to cause a denial of service. | ||||
| CVE-2024-23154 | 2025-01-28 | 7.8 High | ||
| A maliciously crafted SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-23155 | 1 Autodesk | 2 Autocad Advance Steel, Autocad Civil 3d | 2025-01-28 | 7.8 High |
| A maliciously crafted MODEL file, when parsed in atf_asm_interface.dll through Autodesk applications, can be used to cause a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-30020 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-01-28 | 8.1 High |
| Windows Cryptographic Services Remote Code Execution Vulnerability | ||||
| CVE-2024-23127 | 1 Autodesk | 3 Autocad, Autocad Advance Steel, Autocad Civil 3d | 2025-01-28 | 7.8 High |
| A maliciously crafted MODEL, SLDPRT, or SLDASM file, when parsed in ODXSW_DLL.dll and libodxdll.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-37001 | 1 Autodesk | 3 Advance Steel, Autocad, Civil 3d | 2025-01-28 | 7.8 High |
| A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2023-4911 | 6 Canonical, Debian, Fedoraproject and 3 more | 40 Ubuntu Linux, Debian Linux, Fedora and 37 more | 2025-01-28 | 7.8 High |
| A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges. | ||||
| CVE-2024-30259 | 1 Eprosima | 1 Fast Dds | 2025-01-27 | 8.2 High |
| FastDDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves malformed `RTPS` packet, heap buffer overflow occurs on the subscriber. This can remotely crash any Fast-DDS process, potentially leading to a DOS attack. Versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8 contain a patch for the issue. | ||||
| CVE-2019-15690 | 1 Redhat | 2 Enterprise Linux, Rhel E4s | 2025-01-24 | 8.8 High |
| LibVNCServer 0.9.12 release and earlier contains heap buffer overflow vulnerability within the HandleCursorShape() function in libvncclient/cursor.c. An attacker sends cursor shapes with specially crafted dimensions, which can result in remote code execution. | ||||
| CVE-2023-30763 | 1 Intel | 3 Battery Life Diagnostic Tool, Oneapi Base Toolkit, Soc Watch | 2025-01-24 | 7.2 High |
| Heap-based overflow in Intel(R) SoC Watch based software before version 2021.1 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-36036 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-23 | 7.8 High |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-38120 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2025-01-23 | 8.8 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||
| CVE-2024-38170 | 1 Microsoft | 2 365 Apps, Office Long Term Servicing Channel | 2025-01-23 | 7.1 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2024-38169 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2025-01-23 | 7.8 High |
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||
| CVE-2024-38154 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2025-01-23 | 8.8 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||