Total
10857 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-24581 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution through out-of-bounds write. | |||||
| CVE-2024-24561 | 1 Vyperlang | 1 Vyper | 2024-11-21 | N/A | 9.8 CRITICAL |
| Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.10 and earlier, the bounds check for slices does not account for the ability for start + length to overflow when the values aren't literals. If a slice() function uses a non-literal argument for the start or length variable, this creates the ability for an attacker to overflow the bounds check. This issue can be used to do OOB access to storage, memory or calldata addresses. It can also be used to corrupt the length slot of the respective array. | |||||
| CVE-2024-24543 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in the function setSchedWifi in Tenda AC9 v.3.0, firmware version v.15.03.06.42_multi allows a remote attacker to cause a denial of service or run arbitrary code via crafted overflow data. | |||||
| CVE-2024-24246 | 2 Fedoraproject, Qpdf Project | 2 Fedora, Qpdf | 2024-11-21 | N/A | 5.5 MEDIUM |
| Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash the application via the std::__shared_count() function at /bits/shared_ptr_base.h. | |||||
| CVE-2024-24188 | 1 Jsish | 1 Jsish | 2024-11-21 | N/A | 9.8 CRITICAL |
| Jsish v3.5.0 was discovered to contain a heap-buffer-overflow in ./src/jsiUtils.c. | |||||
| CVE-2024-24186 | 1 Jsish | 1 Jsish | 2024-11-21 | N/A | 9.8 CRITICAL |
| Jsish v3.5.0 (commit 42c694c) was discovered to contain a stack-overflow via the component IterGetKeysCallback at /jsish/src/jsiValue.c. | |||||
| CVE-2024-23978 | 1 Kddi | 2 Home Spot Cube 2, Home Spot Cube 2 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Heap-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and earlier. By processing invalid values, arbitrary code may be executed. Note that the affected products are no longer supported. | |||||
| CVE-2024-23951 | 2024-11-21 | N/A | 8.8 HIGH | ||
| Multiple improper array index validation vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the `igl::MshLoader::parse_element_field` function while handling an `ascii`.msh` file. | |||||
| CVE-2024-23950 | 2024-11-21 | N/A | 8.8 HIGH | ||
| Multiple improper array index validation vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the `igl::MshLoader::parse_element_field` function while handling an `binary`.msh` file. | |||||
| CVE-2024-23949 | 2024-11-21 | N/A | 8.8 HIGH | ||
| Multiple improper array index validation vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the `igl::MshLoader::parse_node_field` function while handling an `ascii`.msh` file. | |||||
| CVE-2024-23948 | 2024-11-21 | N/A | 8.8 HIGH | ||
| Multiple improper array index validation vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the `igl::MshLoader::parse_nodes` function while handling an `ascii`.msh` file. | |||||
| CVE-2024-23947 | 2024-11-21 | N/A | 8.8 HIGH | ||
| Multiple improper array index validation vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the `igl::MshLoader::parse_nodes` function while handling a `binary` `.msh` file. | |||||
| CVE-2024-23804 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected applications contain a stack overflow vulnerability while parsing specially crafted PSOBJ files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2024-23803 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions), Tecnomatix Plant Simulation V2302 (All versions < V2302.0007). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2024-23798 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected applications contain a stack overflow vulnerability while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2024-23797 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected applications contain a stack overflow vulnerability while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2024-23796 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2024-23795 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2024-23709 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| In multiple locations, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
| CVE-2024-23698 | 2024-11-21 | N/A | 7.8 HIGH | ||
| In RGXFWChangeOSidPriority of rgxfwutils.c, there is a possible arbitrary code execution due to a missing bounds check. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||