ReportizFlow
Filtered by vendor
Subscriptions
Total
2123 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-4863 | 10 Bandisoft, Bentley, Debian and 7 more | 17 Honeyview, Seequent Leapfrog, Debian Linux and 14 more | 2024-12-20 | 8.8 High |
| Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) | ||||
| CVE-2023-45853 | 3 Redhat, Smihica, Zlib | 3 Jboss Core Services, Pyminizip, Zlib | 2024-12-20 | 9.8 Critical |
| MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API. | ||||
| CVE-2020-12819 | 1 Fortinet | 1 Fortios | 2024-12-20 | 5.4 Medium |
| A heap-based buffer overflow vulnerability in the processing of Link Control Protocol messages in FortiGate versions 5.6.12, 6.0.10, 6.2.4 and 6.4.1 and earlier may allow a remote attacker with valid SSL VPN credentials to crash the SSL VPN daemon by sending a large LCP packet, when tunnel mode is enabled. Arbitrary code execution may be theoretically possible, albeit practically very difficult to achieve in this context | ||||
| CVE-2024-11576 | 1 Luxion | 1 Keyshot | 2024-12-20 | 7.8 High |
| Luxion KeyShot 3DS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23681. | ||||
| CVE-2024-11580 | 1 Luxion | 1 Keyshot | 2024-12-20 | 7.8 High |
| Luxion KeyShot ABC File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of abc files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23700. | ||||
| CVE-2024-5160 | 3 Fedoraproject, Google, Microsoft | 3 Fedora, Chrome, Windows | 2024-12-20 | 8.8 High |
| Heap buffer overflow in Dawn in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-49030 | 1 Microsoft | 4 365 Apps, Excel, Office and 1 more | 2024-12-20 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2024-49017 | 1 Microsoft | 3 Sql Server 2016, Sql Server 2017, Sql Server 2019 | 2024-12-20 | 8.8 High |
| SQL Server Native Client Remote Code Execution Vulnerability | ||||
| CVE-2024-49015 | 1 Microsoft | 3 Sql Server 2016, Sql Server 2017, Sql Server 2019 | 2024-12-20 | 8.8 High |
| SQL Server Native Client Remote Code Execution Vulnerability | ||||
| CVE-2024-49013 | 1 Microsoft | 3 Sql Server 2016, Sql Server 2017, Sql Server 2019 | 2024-12-20 | 8.8 High |
| SQL Server Native Client Remote Code Execution Vulnerability | ||||
| CVE-2024-49012 | 1 Microsoft | 3 Sql Server 2016, Sql Server 2017, Sql Server 2019 | 2024-12-20 | 8.8 High |
| SQL Server Native Client Remote Code Execution Vulnerability | ||||
| CVE-2024-49011 | 1 Microsoft | 3 Sql Server 2016, Sql Server 2017, Sql Server 2019 | 2024-12-20 | 8.8 High |
| SQL Server Native Client Remote Code Execution Vulnerability | ||||
| CVE-2024-49010 | 1 Microsoft | 3 Sql Server 2016, Sql Server 2017, Sql Server 2019 | 2024-12-20 | 8.8 High |
| SQL Server Native Client Remote Code Execution Vulnerability | ||||
| CVE-2024-49009 | 1 Microsoft | 3 Sql Server 2016, Sql Server 2017, Sql Server 2019 | 2024-12-20 | 8.8 High |
| SQL Server Native Client Remote Code Execution Vulnerability | ||||
| CVE-2024-49008 | 1 Microsoft | 3 Sql Server 2016, Sql Server 2017, Sql Server 2019 | 2024-12-20 | 8.8 High |
| SQL Server Native Client Remote Code Execution Vulnerability | ||||
| CVE-2024-49006 | 1 Microsoft | 3 Sql Server 2016, Sql Server 2017, Sql Server 2019 | 2024-12-20 | 8.8 High |
| SQL Server Native Client Remote Code Execution Vulnerability | ||||
| CVE-2024-49007 | 1 Microsoft | 3 Sql Server 2016, Sql Server 2017, Sql Server 2019 | 2024-12-20 | 8.8 High |
| SQL Server Native Client Remote Code Execution Vulnerability | ||||
| CVE-2024-49005 | 1 Microsoft | 3 Sql Server 2016, Sql Server 2017, Sql Server 2019 | 2024-12-20 | 8.8 High |
| SQL Server Native Client Remote Code Execution Vulnerability | ||||
| CVE-2024-49004 | 1 Microsoft | 3 Sql Server 2016, Sql Server 2017, Sql Server 2019 | 2024-12-20 | 8.8 High |
| SQL Server Native Client Remote Code Execution Vulnerability | ||||
| CVE-2024-49002 | 1 Microsoft | 3 Sql Server 2016, Sql Server 2017, Sql Server 2019 | 2024-12-20 | 8.8 High |
| SQL Server Native Client Remote Code Execution Vulnerability | ||||