Total
2411 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-28942 | 2024-06-28 | 8.8 High | ||
| Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2023-36792 | 1 Microsoft | 16 .net, .net Framework, Visual Studio 2017 and 13 more | 2024-06-28 | 7.8 High |
| Visual Studio Remote Code Execution Vulnerability | ||||
| CVE-2023-32434 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2024-06-27 | 7.8 High |
| An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 and iPadOS 15.7.7, macOS Monterey 12.6.7, watchOS 8.8.1, iOS 16.5.1 and iPadOS 16.5.1, macOS Ventura 13.4.1. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7. | ||||
| CVE-2024-30067 | 2024-06-27 | 5.5 Medium | ||
| Winlogon Elevation of Privilege Vulnerability | ||||
| CVE-2024-30064 | 2024-06-27 | 8.8 High | ||
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2024-30072 | 1 Microsoft | 3 Windows 11 22h2, Windows 11 23h2, Windows Server 2022 23h2 | 2024-06-27 | 7.8 High |
| Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability | ||||
| CVE-2024-27833 | 1 Apple | 5 Ipados, Iphone Os, Safari and 2 more | 2024-06-27 | 8.8 High |
| An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2020-14409 | 4 Debian, Fedoraproject, Libsdl and 1 more | 4 Debian Linux, Fedora, Simple Directmedia Layer and 1 more | 2024-06-27 | 7.8 High |
| SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP file. | ||||
| CVE-2024-24857 | 1 Linux | 1 Linux Kernel | 2024-06-27 | 6.8 Medium |
| A race condition was found in the Linux kernel's net/bluetooth device driver in conn_info_{min,max}_age_set() function. This can result in integrity overflow issue, possibly leading to bluetooth connection abnormality or denial of service. | ||||
| CVE-2019-25033 | 2 Debian, Nlnetlabs | 2 Debian Linux, Unbound | 2024-06-26 | 9.8 Critical |
| Unbound before 1.9.5 allows an integer overflow in the regional allocator via the ALIGN_UP macro. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited | ||||
| CVE-2024-2452 | 2024-06-26 | 7.0 High | ||
| In Eclipse ThreadX NetX Duo before 6.4.0, if an attacker can control parameters of __portable_aligned_alloc() could cause an integer wrap-around and an allocation smaller than expected. This could cause subsequent heap buffer overflows. | ||||
| CVE-2020-17360 | 1 Readytalk | 1 Avian | 2024-06-26 | 7.8 High |
| An issue was discovered in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-common.h contains multiple boundary checks that are performed to prevent out-of-bounds memory read/write. However, two of these boundary checks contain an integer overflow that leads to a bypass of these checks, and out-of-bounds read/write. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2024-22396 | 2024-06-21 | N/A | ||
| An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a specially crafted IKEv2 payload. | ||||
| CVE-2023-36478 | 3 Debian, Eclipse, Jenkins | 3 Debian Linux, Jetty, Jenkins | 2024-06-21 | 7.5 High |
| Eclipse Jetty provides a web server and servlet container. In versions 11.0.0 through 11.0.15, 10.0.0 through 10.0.15, and 9.0.0 through 9.4.52, an integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to exceed their size limit. `MetaDataBuilder.java` determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded. However, when length is very large and huffman is true, the multiplication by 4 in line 295 will overflow, and length will become negative. `(_size+length)` will now be negative, and the check on line 296 will not be triggered. Furthermore, `MetaDataBuilder.checkSize` allows for user-entered HPACK header value sizes to be negative, potentially leading to a very large buffer allocation later on when the user-entered size is multiplied by 2. This means that if a user provides a negative length value (or, more precisely, a length value which, when multiplied by the 4/3 fudge factor, is negative), and this length value is a very large positive number when multiplied by 2, then the user can cause a very large buffer to be allocated on the server. Users of HTTP/2 can be impacted by a remote denial of service attack. The issue has been fixed in versions 11.0.16, 10.0.16, and 9.4.53. There are no known workarounds. | ||||
| CVE-2021-23840 | 7 Debian, Fujitsu, Mcafee and 4 more | 27 Debian Linux, M10-1, M10-1 Firmware and 24 more | 2024-06-21 | 7.5 High |
| Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x). | ||||
| CVE-2024-20795 | 2024-06-20 | 7.8 High | ||
| Animate versions 23.0.4, 24.0.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-37305 | 2024-06-20 | 8.2 High | ||
| oqs-provider is a provider for the OpenSSL 3 cryptography library that adds support for post-quantum cryptography in TLS, X.509, and S/MIME using post-quantum algorithms from liboqs. Flaws have been identified in the way oqs-provider handles lengths decoded with DECODE_UINT32 at the start of serialized hybrid (traditional + post-quantum) keys and signatures. Unchecked length values are later used for memory reads and writes; malformed input can lead to crashes or information leakage. Handling of plain/non-hybrid PQ key operation is not affected. This issue has been patched in in v0.6.1. All users are advised to upgrade. There are no workarounds for this issue. | ||||
| CVE-2024-30021 | 2024-06-19 | 6.8 Medium | ||
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | ||||
| CVE-2024-30012 | 2024-06-19 | 6.8 Medium | ||
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | ||||
| CVE-2024-30005 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2024-06-19 | 6.8 Medium |
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | ||||