Filtered by vendor Microsoft
Subscribe
Total
22989 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-39385 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2024-09-16 | N/A | 5.5 MEDIUM |
|
Premiere Pro versions 24.5, 23.6.8 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-39384 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2024-09-16 | N/A | 7.8 HIGH |
|
Premiere Pro versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-34134 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2024-09-16 | N/A | 5.5 MEDIUM |
|
Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-41873 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-09-16 | N/A | 5.5 MEDIUM |
|
Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-41872 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-09-16 | N/A | 5.5 MEDIUM |
|
Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-41870 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-09-16 | N/A | 5.5 MEDIUM |
|
Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-39377 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-09-16 | N/A | 7.8 HIGH |
|
Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-43758 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2024-09-13 | N/A | 7.8 HIGH |
|
Illustrator versions 28.6, 27.9.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-45111 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2024-09-13 | N/A | 5.5 MEDIUM |
|
Illustrator versions 28.6, 27.9.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-43759 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2024-09-13 | N/A | 5.5 MEDIUM |
|
Illustrator versions 28.6, 27.9.5 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). An attacker could exploit this vulnerability to crash the application, resulting in a DoS condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-43756 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-09-13 | N/A | 7.8 HIGH |
|
Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-43760 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-09-13 | N/A | 7.8 HIGH |
|
Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-45108 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-09-13 | N/A | 7.8 HIGH |
|
Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-45109 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-09-13 | N/A | 7.8 HIGH |
|
Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-39380 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-09-13 | N/A | 7.8 HIGH |
|
After Effects versions 23.6.6, 24.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-39381 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-09-13 | N/A | 7.8 HIGH |
|
After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-39382 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-09-13 | N/A | 5.5 MEDIUM |
|
After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-41859 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-09-13 | N/A | 7.8 HIGH |
|
After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-5760 | 2 Microsoft, Samsung | 2 Windows, Universal Print Driver | 2024-09-13 | N/A | 7.8 HIGH |
|
The Samsung Universal Print Driver for Windows is potentially vulnerable to escalation of privilege allowing the creation of a reverse shell in the tool. This is only applicable for products in the application released or manufactured before 2018.
|
|||||
| CVE-2024-38252 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h1 and 9 more | 2024-09-13 | N/A | 7.8 HIGH |
|
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-38253 | 1 Microsoft | 5 Windows 11 21h2, Windows 11 22h2, Windows 11 23h2 and 2 more | 2024-09-13 | N/A | 7.8 HIGH |
|
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-38254 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-09-13 | N/A | 6.2 MEDIUM |
|
Windows Authentication Information Disclosure Vulnerability
|
|||||
| CVE-2024-38256 | 1 Microsoft | 9 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 6 more | 2024-09-13 | N/A | 5.5 MEDIUM |
|
Windows Kernel-Mode Driver Information Disclosure Vulnerability
|
|||||
| CVE-2024-38258 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-09-13 | N/A | 7.5 HIGH |
|
Windows Remote Desktop Licensing Service Information Disclosure Vulnerability
|
|||||
| CVE-2024-38263 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-09-13 | N/A | 7.5 HIGH |
|
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
|
|||||
| CVE-2024-38260 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-09-13 | N/A | 8.8 HIGH |
|
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
|
|||||
| CVE-2024-43454 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-09-13 | N/A | 7.1 HIGH |
|
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
|
|||||
| CVE-2024-43455 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-09-13 | N/A | 9.8 CRITICAL |
|
Windows Remote Desktop Licensing Service Spoofing Vulnerability
|
|||||
| CVE-2024-43464 | 1 Microsoft | 1 Sharepoint Server | 2024-09-13 | N/A | 7.2 HIGH |
|
Microsoft SharePoint Server Remote Code Execution Vulnerability
|
|||||
| CVE-2024-43465 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2024-09-13 | N/A | 7.8 HIGH |
|
Microsoft Excel Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-43466 | 1 Microsoft | 1 Sharepoint Server | 2024-09-13 | N/A | 7.5 HIGH |
|
Microsoft SharePoint Server Denial of Service Vulnerability
|
|||||
| CVE-2024-43475 | 1 Microsoft | 1 Windows Server 2008 | 2024-09-13 | N/A | 7.3 HIGH |
|
Microsoft Windows Admin Center Information Disclosure Vulnerability
|
|||||
| CVE-2024-43476 | 1 Microsoft | 1 Dynamics 365 | 2024-09-13 | N/A | 5.4 MEDIUM |
|
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
|
|||||
| CVE-2024-43479 | 1 Microsoft | 1 Power Automate | 2024-09-13 | N/A | 8.5 HIGH |
|
Microsoft Power Automate Desktop Remote Code Execution Vulnerability
|
|||||
| CVE-2024-41856 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2024-09-13 | N/A | 7.8 HIGH |
|
Illustrator versions 28.5, 27.9.4, 28.6, 27.9.5 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-45107 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-09-06 | N/A | 5.5 MEDIUM |
|
Acrobat Reader versions 20.005.30636, 24.002.20964, 24.001.30123, 24.002.20991 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-41879 | 2 Adobe, Microsoft | 2 Acrobat Reader, Edge | 2024-09-05 | N/A | 7.8 HIGH |
|
Acrobat Reader versions 127.0.2651.105 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-2881 | 3 Linux, Microsoft, Wolfssl | 3 Linux Kernel, Windows, Wolfssl | 2024-09-04 | N/A | 8.8 HIGH |
|
Fault Injection vulnerability in wc_ed25519_sign_msg function in wolfssl/wolfcrypt/src/ed25519.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the ed25519_key structure.
|
|||||
| CVE-2024-38219 | 1 Microsoft | 1 Edge Chromium | 2024-08-29 | N/A | 9.0 CRITICAL |
|
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
|
|||||
| CVE-2024-43472 | 1 Microsoft | 1 Edge Chromium | 2024-08-28 | N/A | 8.3 HIGH |
|
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
|
|||||