Total
211 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-9258 | 2024-11-22 | N/A | 7.8 HIGH | ||
| IrfanView SID File Parsing Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SID files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23276. | |||||
| CVE-2024-33608 | 2024-11-21 | N/A | 7.5 HIGH | ||
| When IPsec is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2024-32998 | 2024-11-21 | N/A | 5.9 MEDIUM | ||
| NULL pointer access vulnerability in the clock module Impact: Successful exploitation of this vulnerability will affect availability. | |||||
| CVE-2024-26004 | 2024-11-21 | N/A | 7.5 HIGH | ||
| An unauthenticated remote attacker can DoS a control agent due to access of a uninitialized pointer which may prevent or disrupt the charging functionality. | |||||
| CVE-2024-24925 | 1 Siemens | 1 Simcenter Femap | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted Catia MODEL files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-22060) | |||||
| CVE-2024-21919 | 2024-11-21 | N/A | 7.8 HIGH | ||
| An uninitialized pointer in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by leveraging the pointer after it is properly. Once inside, the threat actor can run harmful code on the system. This affects the confidentiality, integrity, and availability of the product. To trigger this, the user would unwittingly need to open a malicious file shared by the threat actor. | |||||
| CVE-2023-4508 | 1 Gerbv Project | 1 Gerbv | 2024-11-21 | N/A | 5.5 MEDIUM |
| A user able to control file input to Gerbv, between versions 2.4.0 and 2.10.0, can cause a crash and cause denial-of-service with a specially crafted Gerber RS-274X file. | |||||
| CVE-2023-49132 | 1 Siemens | 1 Solid Edge Se2023 | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2023-49131 | 1 Siemens | 1 Solid Edge Se2023 | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2023-49130 | 1 Siemens | 1 Solid Edge Se2023 | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2023-47582 | 1 Fujielectric | 2 Tellus, Tellus Lite | 2024-11-21 | N/A | 7.8 HIGH |
| Access of uninitialized pointer vulnerability exists in TELLUS V4.0.17.0 and earlier and TELLUS Lite V4.0.17.0 and earlier. If a user opens a specially crafted file (X1, V8, or V9 file), information may be disclosed and/or arbitrary code may be executed. | |||||
| CVE-2023-47054 | 3 Adobe, Apple, Microsoft | 3 Audition, Macos, Windows | 2024-11-21 | N/A | 5.5 MEDIUM |
| Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-47047 | 3 Adobe, Apple, Microsoft | 3 Audition, Macos, Windows | 2024-11-21 | N/A | 5.5 MEDIUM |
| Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-47044 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-11-21 | N/A | 5.5 MEDIUM |
| Adobe Media Encoder version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-44362 | 3 Adobe, Apple, Microsoft | 3 Prelude, Macos, Windows | 2024-11-21 | N/A | 5.5 MEDIUM |
| Adobe Prelude versions 22.6 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-44329 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2024-11-21 | N/A | 5.5 MEDIUM |
| Adobe Bridge versions 13.0.4 (and earlier) and 14.0.0 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-44327 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2024-11-21 | N/A | 5.5 MEDIUM |
| Adobe Bridge versions 13.0.4 (and earlier) and 14.0.0 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-43531 | 2024-11-21 | N/A | 8.4 HIGH | ||
| Memory corruption while verifying the serialized header when the key pairs are generated. | |||||
| CVE-2023-38246 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | N/A | 7.8 HIGH |
| Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-38234 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | N/A | 7.8 HIGH |
| Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||