Total
1969 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-50739 | 2025-01-18 | N/A | 8.8 HIGH | ||
|
A buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code.
|
|||||
| CVE-2025-21129 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2025-01-17 | N/A | 7.8 HIGH |
|
Substance3D - Stager versions 3.0.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2025-21378 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-01-17 | N/A | 7.8 HIGH |
|
Windows CSC Service Elevation of Privilege Vulnerability
|
|||||
| CVE-2025-21382 | 1 Microsoft | 10 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 7 more | 2025-01-17 | N/A | 7.8 HIGH |
|
Windows Graphics Component Elevation of Privilege Vulnerability
|
|||||
| CVE-2025-21417 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-16 | N/A | 8.8 HIGH |
|
Windows Telephony Service Remote Code Execution Vulnerability
|
|||||
| CVE-2025-21413 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-16 | N/A | 8.8 HIGH |
|
Windows Telephony Service Remote Code Execution Vulnerability
|
|||||
| CVE-2025-21411 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-16 | N/A | 8.8 HIGH |
|
Windows Telephony Service Remote Code Execution Vulnerability
|
|||||
| CVE-2025-21409 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-16 | N/A | 8.8 HIGH |
|
Windows Telephony Service Remote Code Execution Vulnerability
|
|||||
| CVE-2024-30038 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-16 | N/A | 7.8 HIGH |
|
Win32k Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-2804 | 1 Libjpeg-turbo | 1 Libjpeg-turbo | 2025-01-16 | N/A | 6.5 MEDIUM |
|
A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an attacker could craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples. An application attempting to decompress such image using merged upsampling would lead to segmentation fault or buffer overf ...
Show More |
|||||
| CVE-2024-28943 | 1 Microsoft | 3 Odbc Driver For Sql Server, Sql Server 2019, Sql Server 2022 | 2025-01-16 | N/A | 8.8 HIGH |
|
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
|
|||||
| CVE-2024-21317 | 1 Microsoft | 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more | 2025-01-15 | N/A | 8.8 HIGH |
|
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
|
|||||
| CVE-2024-21331 | 1 Microsoft | 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more | 2025-01-15 | N/A | 8.8 HIGH |
|
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
|
|||||
| CVE-2024-21333 | 1 Microsoft | 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more | 2025-01-15 | N/A | 8.8 HIGH |
|
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
|
|||||
| CVE-2024-21335 | 1 Microsoft | 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more | 2025-01-15 | N/A | 8.8 HIGH |
|
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
|
|||||
| CVE-2024-21373 | 1 Microsoft | 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more | 2025-01-15 | N/A | 8.8 HIGH |
|
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
|
|||||
| CVE-2024-21398 | 1 Microsoft | 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more | 2025-01-15 | N/A | 8.8 HIGH |
|
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
|
|||||
| CVE-2024-21414 | 1 Microsoft | 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more | 2025-01-15 | N/A | 8.8 HIGH |
|
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
|
|||||
| CVE-2024-21415 | 1 Microsoft | 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more | 2025-01-15 | N/A | 8.8 HIGH |
|
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
|
|||||
| CVE-2024-21425 | 1 Microsoft | 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more | 2025-01-15 | N/A | 8.8 HIGH |
|
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
|
|||||
| CVE-2024-29046 | 1 Microsoft | 3 Ole Db Driver For Sql Server, Sql Server 2019, Sql Server 2022 | 2025-01-15 | N/A | 8.8 HIGH |
|
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
|
|||||
| CVE-2024-29047 | 1 Microsoft | 2 Sql Server 2019, Sql Server 2022 | 2025-01-15 | N/A | 8.8 HIGH |
|
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
|
|||||
| CVE-2024-29048 | 1 Microsoft | 3 Ole Db Driver For Sql Server, Sql Server 2019, Sql Server 2022 | 2025-01-15 | N/A | 8.8 HIGH |
|
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
|
|||||
| CVE-2024-29982 | 1 Microsoft | 3 Ole Db Driver For Sql Server, Sql Server 2019, Sql Server 2022 | 2025-01-15 | N/A | 8.8 HIGH |
|
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
|
|||||
| CVE-2024-29983 | 1 Microsoft | 3 Ole Db Driver For Sql Server, Sql Server 2019, Sql Server 2022 | 2025-01-15 | N/A | 8.8 HIGH |
|
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
|
|||||
| CVE-2024-29044 | 1 Microsoft | 3 Ole Db Driver For Sql Server, Sql Server 2019, Sql Server 2022 | 2025-01-15 | N/A | 8.8 HIGH |
|
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
|
|||||
| CVE-2024-28940 | 1 Microsoft | 3 Ole Db Driver For Sql Server, Sql Server 2019, Sql Server 2022 | 2025-01-15 | N/A | 8.8 HIGH |
|
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
|
|||||
| CVE-2024-28927 | 1 Microsoft | 3 Ole Db Driver For Sql Server, Sql Server 2019, Sql Server 2022 | 2025-01-15 | N/A | 8.8 HIGH |
|
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
|
|||||
| CVE-2024-28926 | 1 Microsoft | 3 Ole Db Driver For Sql Server, Sql Server 2019, Sql Server 2022 | 2025-01-15 | N/A | 8.8 HIGH |
|
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
|
|||||
| CVE-2024-29984 | 1 Microsoft | 3 Ole Db Driver For Sql Server, Sql Server 2019, Sql Server 2022 | 2025-01-15 | N/A | 8.8 HIGH |
|
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
|
|||||
| CVE-2024-29985 | 1 Microsoft | 3 Ole Db Driver For Sql Server, Sql Server 2019, Sql Server 2022 | 2025-01-15 | N/A | 8.8 HIGH |
|
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
|
|||||
| CVE-2024-10254 | 2025-01-14 | N/A | 4.7 MEDIUM | ||
|
A potential buffer overflow vulnerability was reported in PC Manager, Lenovo Browser, and Lenovo App Store that could allow a local attacker to cause a system crash.
|
|||||
| CVE-2024-10253 | 2025-01-14 | N/A | 4.7 MEDIUM | ||
|
A potential TOCTOU vulnerability was reported in PC Manager, Lenovo Browser, and Lenovo App Store that could allow a local attacker to cause a system crash.
|
|||||
| CVE-2024-28941 | 1 Microsoft | 3 Odbc Driver For Sql Server, Sql Server 2019, Sql Server 2022 | 2025-01-14 | N/A | 8.8 HIGH |
|
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
|
|||||
| CVE-2024-28937 | 1 Microsoft | 5 Odbc Driver For Sql Server, Sql Server 2019, Sql Server 2022 and 2 more | 2025-01-14 | N/A | 8.8 HIGH |
|
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
|
|||||
| CVE-2024-28935 | 1 Microsoft | 5 Odbc Driver For Sql Server, Sql Server 2019, Sql Server 2022 and 2 more | 2025-01-14 | N/A | 8.8 HIGH |
|
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
|
|||||
| CVE-2024-28932 | 1 Microsoft | 5 Odbc Driver For Sql Server, Sql Server 2019, Sql Server 2022 and 2 more | 2025-01-14 | N/A | 8.8 HIGH |
|
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
|
|||||
| CVE-2023-32307 | 2 Debian, Signalwire | 2 Debian Linux, Sofia-sip | 2025-01-14 | N/A | 7.5 HIGH |
|
Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification.
Referring to [GHSA-8599-x7rq-fr54](https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8599-x7rq-fr54), several other potential heap-over-flow and integer-overflow in stun_parse_attr_error_code and stun_parse_attr_uint32 were found because the lack of attributes length check when Sofia-SIP handles STUN packets. The previous patch of [GHSA-8599-x7rq-fr54](https://github.com/freeswitch/s ...
Show More |
|||||
| CVE-2021-31439 | 3 Debian, Netatalk, Synology | 3 Debian Linux, Netatalk, Diskstation Manager | 2025-01-14 | 5.8 MEDIUM | 8.8 HIGH |
|
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerablity. The specific flaw exists within the processing of DSI structures in Netatalk. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current ...
Show More |
|||||
| CVE-2024-49125 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more | 2025-01-14 | N/A | 8.8 HIGH |
|
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
|
|||||